austin987 Never ever do the quoted on a Linux system > $ sudo wineboot > $ sudo wine foo.exe > will work fine (need some way for users that need raw ICMP/disk > access/etc. to work around it) Raw ICMP and Disk access can be granted many other ways without using sudo. Sudo grants the right to a virus in wine to take out your complete OS. I normally stick to posix capiblities to grant them. If you distro is old or don't have posix file capiblities in kernel. >From http://ftp.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.4/capfaq-0.2.txt > How do I start a process with a limited set of capabilities under > another uid? > > Use the sucap utility which changes uid from root without loosing any > capabilities. Normally all capabilities are cleared when changing uid > from root. The sucap utility requires the CAP_SETPCAP capability. > The following example starts updated under uid updated and gid updated > with CAP_SYS_ADMIN raised in the Effective set. > > sucap updated updated execcap 'cap_sys_admin=eip' update > Or if your kernel has support of file capiblies create a version of wine with a little more permissions. setfcaps -c cap_net_raw=p -e /bin/ping There has been no reason to run wine on Linux as root since late 2.2 linux kernels and early 2.4 linux kernels. Personally I really do wish that a bail out patch would get added to wine for all Linux systems. Even running services there is no reason for wine to be root.
