1 |
On 4/18/2010 12:29 AM, Jonathan wrote: |
2 |
> On Sun, 18 Apr 2010 00:46:25 +0100 |
3 |
> David W Noon<dwnoon@××××××××.com> wrote: |
4 |
> |
5 |
>> If any Joe Schmoe could imbue a program with capabilities, this might |
6 |
>> be true. But that's not the way the system works. |
7 |
> |
8 |
> Sorry, I think i'm missing your point. |
9 |
> |
10 |
>> Only root can run the setcap program to add capabilities to a program, |
11 |
>> at least on a normal, UNIX-style security system. On a role-based |
12 |
>> security system, even root might not be permitted to do this. |
13 |
> |
14 |
> If I had the root password to own system(which I do...) and I wanted Wine to uses IPX |
15 |
> without running as root. I would set "setcap cap_net_raw=ep /usr/bin/wine" as root. |
16 |
> Then I could run Wine as my normal user. |
17 |
> |
18 |
> No one in there right mind would run Wine as root. If you did you may as well use Windows. |
19 |
|
20 |
You say "no one in their right mind" would run Wine as root. |
21 |
But if you did not have capabilities support available, |
22 |
and wanted Wine to use IPX, then you wouldn't have any other |
23 |
choice but to run Wine as root. |
24 |
|
25 |
By using capabilities, you aren't increasing Wines |
26 |
permissions, you are decreasing the permissions needed to |
27 |
support IPX. Trying to compare Wine without IPX to Wine |
28 |
with CAP_NET_RAW isn't a fair comparison, as the two don't |
29 |
have the same feature set and thus clearly don't have the |
30 |
same security needs. |
31 |
|
32 |
--Mike |