On Jun 30, 2006, at 1:08 AM, Troy Rollo wrote:
On Friday 30 June 2006 14:52, William Knop wrote:
Um hold on a second. Clearly many developers have different ideas
about what's reasonable.
Actually I don't think that's true. As far as I can see all of the
*developers* participating in this thread agreed that autorun (1)
is a bad
idea and should not be implemented, and (2) is on the other side of
the
demarcation line between Wine and the desktop environment.
I would be surprised if any significant number of developers
disagreed with
these two points. As for the first, it reflects the difference between
Windows' security model and the Unix/Linux security model (the
difference
being that the latter systems actually have a model deserving of the
label "security"). As for the second, an end user may well not
understand the
distinction between Wine's role and that of the desktop
environment, but a
developer should. Wine is for making Windows applications (and native
applications coded to the Windows API) run - I am not aware of any
developer
who thinks it should be a complete reimplementation of Windows.
1) While I agree maintaining a staunch security policy is important,
that has nothing to do with autorun. Making the user browse to find
an executable is not security.
2) The line you refer to I believe would put detecting media inserts
on the desktop environment side, and the parsing and execution of
windows autorun inf files on the wine side. Hell, the user would have
to run `wine --media-autorun /mountpoint/autorun.inf`. That has to be
as secure as the user running `cd /mountpoint/somedir; wine ./some.exe`.
Will
