Alexandre Julliard julliard@winehq.org wrote:
While investigating how to fix the file section access tests in kernel32 I've found that some places in Wine deliberately create objects with access rights set to 0, that leads to creation of potentially not accessible objects.
Many of these are deliberate. You'll need test cases to show that you can require more permissions.
In the most cases these patches just add the access rights appropriate for particular calls instead of assuming some default ones, that should be a good thing to do from a security point of view. Test cases are needed, but only to figure out what actual default permissions are provided for 0 access, and for file sections the test already exists and shows that defaults access is 0 and a not accessible object as a result. Creating objects with access rights set to 0 should not be used, and considered a bad practice in general IMO.