On Sunday 25 May 2008 05:18:18 Dan Kegel wrote:
Figured out why so many people are running winetest on windows today: http://linux.slashdot.org/comments.pl?sid=563226&cid=23530662
Yes, this was a surprise.
IIRC, these tests are considered slightly hazardous. In the past we recommend that only developers (and others who understand the slight risk) run winetest.exe; although obviously the greater coverage is useful.
Before people run the tests, I feel we should give them the opportunity[1] to find out: a. what the tests do and why it's useful, b. who should help (e.g., answering the question: how about my Win. install inside VMWare?). c. what might go wrong (e.g., stale Reg. entries, computer freezing), how likely these problems are to occur and how to fix them if they do happen,
I'd recommend we add a clearly worded link at the top of each results page, that directs the person to a wiki page with above information. For example, this could be the existing ConformanceTests wiki; although, with the additional information, that wiki might be a bit too busy.
Also, it would be nice if we provided some way that end-users could verify the authenticity of winetest.exe. I PGP/GPG sign the binaries, but currently those don't propagate to the test-result page, so people probably won't see 'em.
Also, detached PGP signatures aren't very handy. I guess running codesign.exe (or equiv[2]) would be better, but I've not used it before and we'd have to think about the X509 setup.
Cheers,
Paul.
[1] -- also surprising was that one post to Slashdot and a legit-looking URI and many people downloaded and ran winetest.exe. People's laissez-faire attitude towards downloading and running executable content off the Internet helps keep the anti-virus business going, I guess :-/
[2] -- A quick search found this: http://sourceforge.net/projects/osslsigncode/ I don't know how well it works.