Scott Ritchie <sc...@open-vote.org> writes: > Ubuntu 10.10 is coming out soon, and its new kernel settings prevent > Wine apps from looking at each others' memory. This breaks World of > Warcraft, among other things. See: > http://bugs.winehq.org/show_bug.cgi?id=24193 > > What's needed is a very small shim for Wine that can be setuid 0, but > then release all capabilities except what Wine actually needs -- what a > normal user has, and cap_sys_ptrace.
I don't think that's a good idea. CAP_SYS_PTRACE allows access to any process, so it's a lot more dangerous than the standard ptrace checks that Ubuntu decided to break. Going back to the default behavior is probably safer than making Wine setuid... -- Alexandre Julliard julli...@winehq.org
