On Sun, 20 Nov 2005 20:26:07 +0100, Jonathan Ernst jonathan@ernstfamily.ch wrote:
Le dimanche 20 novembre 2005 à 19:04 +0000, Oliver Stieber a écrit :
--- Jonathan Ernst jonathan@ernstfamily.ch wrote:
Le dimanche 20 novembre 2005 à 18:57 +0100, wino@piments.com a écrit :
On Sun, 20 Nov 2005 18:33:53 +0100, Oliver Stieber oliver_stieber@yahoo.co.uk wrote:
I've just tried at it appears to have wiped my MBR logged in as
a normal
User in wheel group. If this is the problem then I purchsed a new drive because of it
last
month. Oliver.
Can I have your old one ? ;)
Apart from fixing this ugly bug , it looks like something more
precise
than "dont run as root" is needed before inviting the click-and-go
windows
crowd to join the party.
brw-rw---- 1 root disk 8, 0 nov 20 17:23 /dev/hda
If you are not part of the disk group and you are not running as root, this cannot happen. There might be a bug in Wine, but the most
important
error is people having incorrect rights set or having too much rights.
I was part of the disk group when my MBR was overwritten because I'd been doing some work on the drives and don't like sudo. Isn't it still a bug in wine that the MBR was overwritten in the first place, even if I'm in the disks group or running as root?
Yes of course that's a bug in Wine. But what I meant is that the security model of Linux if correctly applied (i.e. people don't have rights to make things they are not supposed to do) would prevent such things to happen.
So is the conclusion that users need to set up a special new user with super restrictive rights to protect the system from bugs in wine?! My confidence in wine has just taken a knock.
Up until now I have not seen anything that says a wine user should not have access to any other services.
Setting up a tightly restricted user soley to run wine is what I do in any case since I am installing windows software and this often necessitates installing IE and other horrors.
Maybe this should become an official recommendation.
If it is not sufficient to just "not run wine as root" then this should go down as a documentation bug as well.