| 1 |
On 4/18/2010 12:29 AM, Jonathan wrote: |
| 2 |
> On Sun, 18 Apr 2010 00:46:25 +0100 |
| 3 |
> David W Noon<dwnoon@××××××××.com> wrote: |
| 4 |
> |
| 5 |
>> If any Joe Schmoe could imbue a program with capabilities, this might |
| 6 |
>> be true. But that's not the way the system works. |
| 7 |
> |
| 8 |
> Sorry, I think i'm missing your point. |
| 9 |
> |
| 10 |
>> Only root can run the setcap program to add capabilities to a program, |
| 11 |
>> at least on a normal, UNIX-style security system. On a role-based |
| 12 |
>> security system, even root might not be permitted to do this. |
| 13 |
> |
| 14 |
> If I had the root password to own system(which I do...) and I wanted Wine to uses IPX |
| 15 |
> without running as root. I would set "setcap cap_net_raw=ep /usr/bin/wine" as root. |
| 16 |
> Then I could run Wine as my normal user. |
| 17 |
> |
| 18 |
> No one in there right mind would run Wine as root. If you did you may as well use Windows. |
| 19 |
|
| 20 |
You say "no one in their right mind" would run Wine as root. |
| 21 |
But if you did not have capabilities support available, |
| 22 |
and wanted Wine to use IPX, then you wouldn't have any other |
| 23 |
choice but to run Wine as root. |
| 24 |
|
| 25 |
By using capabilities, you aren't increasing Wines |
| 26 |
permissions, you are decreasing the permissions needed to |
| 27 |
support IPX. Trying to compare Wine without IPX to Wine |
| 28 |
with CAP_NET_RAW isn't a fair comparison, as the two don't |
| 29 |
have the same feature set and thus clearly don't have the |
| 30 |
same security needs. |
| 31 |
|
| 32 |
--Mike |
Archives