wine users - Sep 2009 - Wine must implement user/group permission policy

Hi,

Using Wine 1.1.29 on Ubuntu 9.04 x32 and x64. 

Currently, once installed, Wine can be used by every user. It would be better if
there is a WineUsers group. Only the users who are in this group can see the
Wine menu and can execute Windows executable within Wine.

Scenario: UserX is a low privilege user. This user cannot install any software.
When UserX uses Firefox to surf the web, if this user download a Window
executable, The Firefox dialog box must not show "Open with Wine".

If UserX saves the Win exe on the hard drive. The Nautilus right-click context
menu must not show "Open with Wine".

If it is too complex to configure Firefox or the Nautilus context menu to hide
"Open with Wine" specific to each user, It is OK for the "Open
with Wine" item to be visible. However this must be a dud. Which means if
UserX still decides to open the Win exe with Wine, there must be a system error
and NOTHING must happen (The Win exe is ignored and NOT excuted).

Is it doable? And I wonder if there was already a request for this feature.

Thanks in advance for any help.

CruBourgeois wrote:
> 
> Currently, once installed, Wine can be used by every user. It would be
better if there is a WineUsers group..

So create one. Permissions are handled by your OS, not Wine.

So then if I create a new group called WineUsers, how can I tell Wine that user
not member of this group cannot use Wine?

Gert van den Berg wrote:
> On Thu, Sep 17, 2009 at 04:44, Let the WineUsers group own the binaries /
directories, give group
> execute / browse permission, remove everyone permissions?
> 
> Of course, you need to ensure that the user cannot install packages
> and doesn't have access to a compiler...

Thank you for your answer. The user in question cannot install package and
doesn't even know what a compiler is.

As for setting group permission, which binaries / directories are you talking
about? I would appreciate a more detailed hint. I know Linux in general, I can
do chmod. But I don't know what the policy or rules that Wine expect.

I would appreciate some clear indications like:

- Give RWX to WineUsers group on this folder and subfolders (and please indicate
exactly the path of that folder). Or better yet, can you give me the exact chmod
command to run?

- Should the WineUsers group own certain folders (and which one)?

Has this scenario already experimented by someone else? I can't believe I am
the first one who has this idea.

Hi Gert,

Thanks for the indications. That give some ideas I will try this tonight. I am
using Ubuntu 9.04 too (x32 and x64).

May be I was not clear in my previous post. The Linux User I am trying to block
the usage of Wine is a low privilege user. This User doesn't know installing
package and doesn't know compiling or UNtar or anything. The only thing this
user does on the computer is to surf the web. And I would like to prevent this
user from accidentally execute a Win exe in wine.

I will try your suggestion if it doesn't work then I will go for the
absolute solution which mean removing Wine from the computer.