Dear Tzembi, the problems with wine are very well known from the windows world. I just read your forum post, and have to annotate some of your things:
the wine exploit is fixed long time ago...I think Ubuntu was one of the first distros who had the patch handy, if I remember correctly I was the one who patched it in. See dapper-changes: https://lists.ubuntu.com/archives/dapper- changes/2006-January/004465.html. Regarding your linked article, it was 4 days later (http://article.gmane.org/gmane.comp.emulators.wine.patches/20976) Regarding the problem with Windows Insecurity, you are right, but it's not the problem of Wine, it's the problem of the people who are using not-reviewed software. And it doesn't matter if this is with linux and wine or on windows directly or linux alone. As a system administrator, I agree with you, to "secure" wine with apparmor or selinux. As a normal user: WTH is apparmor or selinux? can I click it? is it easy to understand? A better approach would be, to ask Wine Upstream Devs to implement a chroot version, which builds a cage around .wine/drive_c or something. The problem is just that: Windows software (!= opensourced windows software) can do whatever it needs to do, and the user is not caring about. Therefore, you need to secure the user from the user himself. <- not fixable. Giving the user a choice to use what he wants <- fixable with discussions and showing the user, that using Unix Software is better then using Windows Software. Anyways, you could provide a wine apparmor/selinux profile, so that we can ship it with our wine packages and the user, who knows what apparmor/selinux is, can enable is. -- Wine secure by default https://bugs.launchpad.net/bugs/137560 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
