L. Rahyen schrieb:
So for fixing some _broken_ applications this patch unconditionally disables nx protection for every application running under wine. Seems like a bad tradeoff imo. (Though I don't know how widespread these kind of broken applications are. But there are definitly applications out there which don't need this.)
Most of Windows applications will not work. Especialy games. Yes there some applications that work but this is mostly small applications without complex GUI. Some example are Proxomitron (this is a proxy) and mdict (simple 9KB program with graphical interface). But most users use Wine for Games and for applications with complex GUI (complex GUI = complex application in most cases). Just try 10-20 popular games and 10-20 popular applications - most of them will crash without McCormack's patch or with noexec=on. Even if real problem is because of broken PE header this doesn't matter - we must emulate typical Windows behavior in such case (at least by default).
This way would have the advantage that the behaviour is tunable either globally or on a per-app basis.
That's great but what is the default behavior? By default Wine must work in compatibility mode with not-noexec-aware programs. And only if advanced user (simple user just want to run his apps and nothing more) want to try noexec protection with his Windows application it should be activated via registy (globally or for specific app). Otherwise it will be really major regression (most application will crash).
As I said, I don't know how many application are affected by this.For the ones I tested it was only a minority(though i didn't tested that many). But I wouldn't even argue that much against enabling compatibility mode by default (if it would break the majority of the applications otherwise). I was only in favor of making it adjustible at all.
What I want to say that Wine must work out-of-the-box in all cases where this is possible - this is what most users expect.
This "sacrifice everything for compatibility"-strategy is imo exactly the reason why there are still so many broken applications out there. If MS had this protection enabled by default there would be more whining users for sure, but also more pressure on the vendors to fix their applications. But I guess everybody has different priorities, thats why it should be a configurable option.