[pkg-wine-party] Bug#733556: Ok I think someone has this issue backwards.
Peter Dolding
oiaohm at gmail.com
Tue Mar 4 03:11:08 UTC 2014
I think you have this issue backwards. Wine project in fact
recommends against using binfmt_misc with wine.
Building wine from source has never made binfmt-misc entries. The
binfmt_misc entries are something maintainers thought up as a good
idea.
Reasons why its an very wrong thing. 1 wine should not be run as
root. There is no wrapper on binfmt_misc to make it fail in case of
a .exe on root.
Reason why wine should not run as root. Wine can run Windows viruses
very effectively.
Number 2 WINEPREFIX settings. Direct running by binfmt_misc cannot
tell that X application in fact owns to alternative WINEPREFIX. Wine
does not use extended Xattr to declare WINEPREFIX ownership on .exe
files.
So the fact it broken the question needs to be asked. Should this
feature be removed and made only for those who wish to take the risk.
Really I would like to hear the real-world examples that require this feature.
binfmt_misc is not required by graphical environments on Linux since
wine does register itself by the freedesktop mine types. From
command line you will find xdg-open <some.exe> does in fact work.
Just like wine some.exe works. Yes the missing WINEPREFIX
inforamtion is a problem with xdg-open this is why running wine by
shell script or .desktop file is recommend.
Basically as far as the main wine project knows no end user has an use
for binfmt_misc loading .exe files. So to them its one of those
bright spark ideas by package makers without any consideration to
security.
If binfmt_misc exists with wine it should really be a independent
package to the main wine package as the implementation of binfmt_misc
does not come from the main wine project and it is a security risk
that end users should opt in on not have to remember to opt out on.
Basically the broken state is a good time to patch up a security
issue. I also don't believe this bug is due a grave rating. Grave
rating was the fact binfmt_misc worked with wine.
More information about the pkg-wine-party
mailing list