17 Oct
2006
17 Oct
'06
7:21 p.m.
Yes for the last statement, but extraordinary user's mileage may vary. It can choose between (a) running wine as root and (b) running LIDS-patched kernel [8] plus this command:
# lidsadm -A -s /path/to/some_wine_binary_piece -o CAP_SYS_RAWIO -j GRANT
Couldn't you also unmap the I/O ports memory and catch segmentation faults referring to that area, then reroute them through some system service running as root? It's safer than running wine as root.
All that one needs is a small setuid-root wrapper that grants needed ioperms and then folds back to regular user and execs wine.
Cheers, Kuba