Re: [PATCH v5 0/1] MR3381: server: Try isolate wineserver directory.

Jinoh Kang (@iamahuman) commented about dlls/ntdll/unix/server.c:

• /*

• * try following locations for wineserver directory:
  

• * - ${XDG_RUNTIME_DIR}/wine
  

• * - /run/user/${uid}/wine
  

• * - ${TMPDIR}/wine - only if ${TMPDIR} is per-user
  

• * - ${TMPDIR}/.wine-${uid}
  

• * - /tmp/.wine-${uid}
  

• */
  

• dir = NULL;
• /* try "${XDG_RUNTIME_DIR}/wine" */

+#ifdef HAVE_SECURE_GETENV

• server_root_dir = secure_getenv( "XDG_RUNTIME_DIR" );

I don't see how `secure_getenv` is useful.

1. Wine is not intended to be run as root, or on behalf of another Unix user. 2. There are plenty of other environment variables that directly influence Wine's behavior, to the point of arbitrary code execution.