--- Martin Wilck Martin.Wilck@fujitsu-siemens.com wrote:
Am Don, 2002-10-24 um 15.43 schrieb Dustin Navea:
Another potential problem popped into my head
though,
and that is:
what if someone edits the initscript to where wine runs as root (or someone compromises the server
and
does it),
If the system is already compromised it is too late anyway. Some intruder who can change init scripts already has root rights and probably wouldn't bother with wine.
They may do it anyways so that they have a 2nd way in (for after the original security hole is closed)
If sysadmin himself changes the init script to run wine as root it is his own fault (he could as well have their apache or bind run as root, also a bad idea for both).
True.
or what if someone just changes the owner/group on the file (like a word doc), and
then
tries to run it with wine, what happens then?
Unless wine has some suid capabilities (which it shouldn't) this has no impact - wine runs in the account of the user who opens the file (runs word).
I was actually thinking more from a read the file standpoint, i.e if in the future wine runs as a service with its own account, would wine be able to read the file after someone changed the file's owner from wine to, say user speeddy, or would it just say access denied and not let you read the file, therefore making you have to redo the permissions or make it owned by wine again.
A good example would be, say user speeddy wants to be able to edit a file in word sometimes and in kword other times. If in the future wine has it's own account, will wine be able to read AND write the file no matter who it is owned by, without having to modify permissions on the file, or will the user have to change to owner to wine when he wants to modify it in word and change the owner to speeddy when he wants to edit it in kword. Maybe I'm missing the point altogether, but isnt the whole point of having wine as a service in the future to make it easier to use while still being safe? I do believe that some "namby-pamby mouse-addicted beginner" to linux is not going to want to change owners on the file each time he uses a different program to edit it, nor will he even know how to, which therefore makes the useability factor go _way_ down.
__________________________________________________ Do you Yahoo!? Y! Web Hosting - Let the expert host your web site http://webhosting.yahoo.com/