Le dimanche 20 novembre 2005 à 21:01 +0100, [EMAIL PROTECTED] a écrit : > On Sun, 20 Nov 2005 20:26:07 +0100, Jonathan Ernst > <[EMAIL PROTECTED]> wrote: > > > Le dimanche 20 novembre 2005 à 19:04 +0000, Oliver Stieber a écrit : > >> --- Jonathan Ernst <[EMAIL PROTECTED]> wrote: > >> > >> > Le dimanche 20 novembre 2005 à 18:57 +0100, [EMAIL PROTECTED] a écrit : > >> > > On Sun, 20 Nov 2005 18:33:53 +0100, Oliver Stieber > >> > > <[EMAIL PROTECTED]> wrote: > >> > > > >> > > > I've just tried at it appears to have wiped my MBR logged in as > >> a normal > >> > > > User in wheel group. > >> > > > If this is the problem then I purchsed a new drive because of it > >> last > >> > > > month. > >> > > > Oliver. > >> > > > >> > > Can I have your old one ? ;) > >> > > > >> > > Apart from fixing this ugly bug , it looks like something more > >> precise > >> > > than "dont run as root" is needed before inviting the click-and-go > >> windows > >> > > crowd to join the party. > >> > > >> > brw-rw---- 1 root disk 8, 0 nov 20 17:23 /dev/hda > >> > > >> > If you are not part of the disk group and you are not running as root, > >> > this cannot happen. There might be a bug in Wine, but the most > >> important > >> > error is people having incorrect rights set or having too much rights. > >> > > >> I was part of the disk group when my MBR was overwritten because I'd > >> been doing some work on the > >> drives and don't like sudo. Isn't it still a bug in wine that the MBR > >> was overwritten in the first > >> place, even if I'm in the disks group or running as root? > > > > Yes of course that's a bug in Wine. But what I meant is that the > > security model of Linux if correctly applied (i.e. people don't have > > rights to make things they are not supposed to do) would prevent such > > things to happen. > > > > So is the conclusion that users need to set up a special new user with > super restrictive rights to protect the system from bugs in wine?! My > confidence in wine has just taken a knock. > > Up until now I have not seen anything that says a wine user should not > have access to any other services. > > Setting up a tightly restricted user soley to run wine is what I do in any > case since I am installing windows software and this often necessitates > installing IE and other horrors. > > Maybe this should become an official recommendation. > > > If it is not sufficient to just "not run wine as root" then this should go > down as a documentation bug as well.
I think I still didn't make myself clear. Yes there is (I guess) a bad bug in Wine. But: giving normal users a right to write to /dev/hd? is very dangerous and should be avoided. Why would a normal user need a write access to /dev/hd? ? Wine can have bugs, any other application could have bugs that made them try to write things to /dev/hd?. You could get some virus or whatever that execute with you user's right and you really don't want it to wipe out your hdd, do you ? Regards, Jonathan
signature.asc
Description: This is a digitally signed message part
