On 4/18/2010 12:29 AM, Jonathan wrote:
On Sun, 18 Apr 2010 00:46:25 +0100
David W Noon <dwn...@ntlworld.com> wrote:

If any Joe Schmoe could imbue a program with capabilities, this might
be true.  But that's not the way the system works.

Sorry, I think I'm missing your point.

Only root can run the setcap program to add capabilities to a program,
at least on a normal, UNIX-style security system.  On a role-based
security system, even root might not be permitted to do this.

If I had the root password to my own system (which I do...) and I wanted Wine to use IPX without running as root, I would set "setcap cap_net_raw=ep /usr/bin/wine" as root. Then I could run Wine as my normal user.

No one in their right mind would run Wine as root. If you did you may as well use Windows.

You say "no one in their right mind" would run Wine as root. But if you did not have capabilities support available, and wanted Wine to use IPX, then you wouldn't have any other choice but to run Wine as root.

By using capabilities, you aren't increasing Wine's permissions, you are decreasing the permissions needed to support IPX. Trying to compare Wine without IPX to Wine with CAP_NET_RAW isn't a fair comparison, as the two don't have the same feature set and thus clearly don't have the same security needs.

--Mike
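
The difference between full root and a single CAP_NET_RAW grant discussed above, as an added example that is not part of the thread: a Python check that decodes the CapEff mask from /proc/<pid>/status and reports any capabilities beyond an allow-list. The status excerpts are constructed, the 41-bit root mask assumes a recent kernel, and the function names are hypothetical.

```python
# Added example: audit a process's effective capabilities against an allow-list.
import re

# Capability bit numbers from <linux/capability.h> (subset; others shown by bit).
CAP_BITS = {
    0: "cap_chown", 1: "cap_dac_override", 7: "cap_setuid",
    12: "cap_net_admin", 13: "cap_net_raw", 16: "cap_sys_module",
    19: "cap_sys_ptrace", 21: "cap_sys_admin",
}

# Constructed /proc/<pid>/status excerpts (not captured from a real system).
STATUS_ROOT = """Name:\twine
Uid:\t0\t0\t0\t0
CapPrm:\t000001ffffffffff
CapEff:\t000001ffffffffff
"""
STATUS_SETCAP = """Name:\twine
Uid:\t1000\t1000\t1000\t1000
CapPrm:\t0000000000002000
CapEff:\t0000000000002000
"""

def effective_caps(status_text):
    """Return the set of capability names set in the CapEff mask."""
    m = re.search(r"^CapEff:\s*([0-9a-fA-F]+)$", status_text, re.MULTILINE)
    if m is None:
        raise ValueError("no CapEff line found")
    mask = int(m.group(1), 16)
    names = set()
    bit = 0
    while mask >> bit:
        if (mask >> bit) & 1:
            names.add(CAP_BITS.get(bit, f"cap_bit_{bit}"))
        bit += 1
    return names

def excess_caps(status_text, allowed):
    """Capabilities held beyond the allow-list; an empty set means none."""
    return effective_caps(status_text) - set(allowed)

if __name__ == "__main__":
    for label, text in (("root", STATUS_ROOT), ("setcap", STATUS_SETCAP)):
        extra = excess_caps(text, {"cap_net_raw"})
        print(f"{label}: {len(effective_caps(text))} effective, "
              f"{len(extra)} beyond cap_net_raw")
```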
