On Saturday 26 October 2002 11:43 pm, Francois Gouget wrote:
On Sat, 26 Oct 2002, Greg Turner wrote:
That is, wine "emulates" an OS with no security measures at the filesystem level, no security policy regarding what API's can be called (except as provided by the CPU itself), and so on.
I agree that there is a problem of perception so I will quickly clarify the above sentence, lest it be mis-interpreted and contribute to that perception problem.
When reading 'wine "emulates" an OS with no security measures at the filesystem level' I think most people will think that Windows applications running under Wine can read and modify any file on the Unix system, including system files and files not belonging to the user running the application. This is of course not the case!
good call. thanks for that clarification.
(however I will quickly point out that the NT security model suffers from a serious design flaw which lets processes escalate privileges in a way which is currently simply impossible in Wine, for more details see http://security.tombom.co.uk/shatter.html)
seen this one, too. interesting article; there's an even more interesting follow up at http://security.tombom.co.uk/moreshatter.html. If were very careful to do everything "just like windows" I think we could reproduce these flaws in a year or two :)
At http://security.tombom.co.uk/aboutfoon.html, the author (who calls himself "Foon") boasts "Able to program in 23 languages on 14 platforms, Foon takes an average of 3 days to learn a new programming language." ... That means he's spent exactly 69 days learning programming languages en toto.
AFAIK the Win32 API (unlike the Unix API, see chroot) does not make it possible to prevent a process from accessing or modifying files belonging to the current user.
This is another argument for a permissions mapping scheme instead of direct translation of Unix permissions to wine permissions, as I see it. Of course, this leads us back to the Wine Is Not an Emulator "problem" as previously discussed... so I guess I'm going in mental circles and, in a sense, contradicting myself... time to shut up and get back to work on RPC :)