On 29 September 2010 15:42, Michael Stefaniuc <mstef...@redhat.com> wrote:
> On 09/29/2010 03:14 PM, Scott Ritchie wrote:
>>
>> Ubuntu 10.10 is coming out soon, and its new kernel settings prevent
>> Wine apps from looking at each other's memory. This breaks World of
>> Warcraft, among other things. See:
>> http://bugs.winehq.org/show_bug.cgi?id=24193
>>
>> What's needed is a very small shim for Wine that can be setuid 0, but
>> then release all capabilities except what Wine actually needs -- what a
>> normal user has, and cap_sys_ptrace.
>
> Pardon my ignorance but why is Ubuntu restricting the ptrace'ing of
> processes belonging to the same uid?
>

See http://lkml.org/lkml/2010/6/29/401 for some background on this. I think the conclusion from that thread was essentially that ptrace restrictions and the like should be done using something like SELinux instead.