Ubuntu Security :: Running Wine Under A Different User Account?
Jan 2, 2010
I've written an article on my site which lays out steps for installing Wine and running it under its own, separate user account, so that Windows applications cannot access personal files (particularly those in your home directory).[URL}..i'm hoping that there are people on this forum who know Ubuntu inside-out, as I'd like to know how effective the described method is at trapping Windows applications so that they cannot read or write personal files or directories.
The way I understand it, once the process is running under user account wine, it's stuck with the access privileges of user wine. But are there ways in which a rogue application could break out of this prison and gain access to whatever it wishes? I'm guessing that such behaviour would mean someone customising Windows software to recognise Linux, and that such a thing is very unlikely, but I'm still interested to hear what gurus of the Ubuntu internals think of this method.
I started up my computer and suddenly, I saw that there was a new user account. I didn't create it and no one else uses my computer (let alone has access to user account creations). It was called dtc. It didn't seem to have any privileges and the only file in its home folder was called Examples. Should I worry that I might have some kind of malware? I deleted the user and the folder (and it came back after a while). It's main group is dtcgrp. The User ID is 1004.
I have a user account on my laptop which does not display the sound-service icon in my notification area applet (Ubuntu 11.04). If I try to start /usr/lib/indicator-sound/indicator-sound-service manually, I get the following error: Code: libindicator-WARNING **: No watchers, service timing out. ** (process:5612): DEBUG: Service shutdown !
In the many months I've had this account on this box, and as a result of the many minor mods I've made to the account, I've somehow bollixed something in the account setup which interferes with the startup of the service. I created a new account on the system, and the sound service icon displays properly, so I know it's not a system problem. Both the new, bare account and my personal account are in the audio group. As a work-around, I have an icon for gnome-volume-control on my top panel, which works pretty well.
I ran a test where I login a test user several times using the wrong password to see that he gets locked out after several attempts. Now that I got the test user locked out, how do I unlock the test user? I tried passwd -u <test user>, but it says passwd: Error (password not set?).
In the past, I've installed Internet services as daemons and as xinetd.d with no problems. Those approaches do not meet my needs. And, perhaps, nothing will.
- the service was converted from VB-6 to wxPython. It has a GUI which is accessed with either "remote desktop" or VNC. - the wxPython service works on Windows and can be accessed from other hosts on my LAN - the wxPython service works on CentOS and Fedora, but can only be accessed from within the server host. Even from other user-ids. But, I cannot get to it from other hosts. - ipchains AKA firewall ports are marked for INPUT. - The server host uses autologin to fire up a useid in group "user". I do not want it running as "root". the .bash_profile fires the service up. - the service is heavily mult-threaded, and supports devices connected to serial ports asynchronously with the ephemeral port threads (all this works).
There are some programming solutions that I would rather not develop. - a proxy service that runs under xinetd.d. - separate the GUI code from the Internet and serial port code. Allocate a "control" port for remote GUI control. a'la SAMBA & SWAT
Is there any hope, that I can run it as is, by doing some network configuration stuff.
I remember my password very well and have no need of password recovery. Everywhere I look it's how to recover and I don't want that. The kind where you boot into root recovery console to change the password.
I am a new Linux user and have a question about the administrative authentication. When I am logged in as a user and I need to do something that requires root privileges the little password window comes up and I enter the root password. My question is how long are the root privileges granted for?I noticed that a few minutes after finishing checking out the firewall configuration tool and closing the window that I was still able to re-enter the fire wall tool and other administrative tools. How do I log out of the root privileges without logging out and then back into my account?
I am using Red Hat LDAP (version 3) and I have passwordLockout set as "on" at global level. Is there a way to disable account lockout for a specific user?
I need to create such an account that the user wouldn't be able to r/w any file which doesn't belong to it, even if access mode is set to o+rw. I guess normal chmod/chown won't help here... How can i do this?
I made a Desktop User account. When I went on that account, it allowed me to execute sudo as if I was an administrator. I don't know what might be causing this. I do have ufw set up and blocking incoming connections. Do you guys know what might be at the root of this?Also, when I used sudo from the user account (which I shouldn't have been able to do), I provided the password for my admin account.
Is there a way to set Linux to automatically log in to a specific user account and at the same time lock the screen? I want to save time and trigger various software that always should start up on boot, while leaving the computer unattended during startup (extra important and practical for remote control boots), by enforcing a 'screen lock' so that no-one can see what happens behind the login screen without entering the login credentials.
I want to jail Skype into its own process and not the one I login with. That way, if a hacker breaks in, it's limited to this process and only the limited functionality that that user account has. The thing is this -- thousands of Linux guys run Skype, but Skype is hardly ever updated or have security patches, and we run it all the time. It seems like an easy avenue for an exploit. As well, my iptables firew all blocks input connections that I have not established, but Skype is an established connection. How do I create a Bash script that launches Skype under a separate user account?
I wonder if it is possible to have two passwords for one user account in 9.10. I have a long login password (5 words about 45 characters with spaces caps). I would like to set a shorter password for Authentication, sudo, etc. While retaining the original for logging in.In short:Have long password to login to computer.Have short password for everything after login.
I have a problem with the Google search box top right corner in Konqueror, when entering search I recieve an error page "Unsupported Protocol" Google asks for ioslave or kioslave. Also when highlighting text on a page and right clicking with the mouse no search option is given. I created a new user and all works as it should for the new user. What is wrong with my user account? I have reset default values in Konqueror setup.
I have a problem running a game on a fresh Slackware64 install.
Slack version is 13.37
I've followed alien bobs instructions for a multilib environment from here:[url]
And then used sbopkg to download and compile wine version 1.2.2, which went through just fine.
After that I grabbed cabextract from sbopkg and ran this: wget [url] sh winetricks d3dx9 To get the DX9.
But, when I try to run the game, this is the error I get:
Code:
The game it self ran perfectly on the 32 bit version of Slackware, tested with 13.0. So now I think I'm missing some libs or something, but I have no clue which.
Sometimes I connect to my Debian box from another computer (using SSH on Cygwin or Linux), and once ina while I want to run some console apps. And sometimes some of these apps might complain about "another intance, Error: an instance of newsbeuter is already running (PID: 2496)". Is there a work around for this issue at all(without killing the original instance") ? The reason I do not want to kill the app because there might be 2 users connected to the same machine that might be using the same app.
I have a user account which is required to run as part of the operating system and as a service. I am currently attempting to install my companies software on an Ubuntu desktop via wine just for the purpose of finding out if it's do-able.
Is there a way, in Ubuntu, for a user account to be given the local rights assignment to act as part of the operating system and to function as a service in the background?
Apache is run as www as is all the files/folders. People are uploading via FTP, scp, so the problem is if I chmod so everyone can read, then rsync as a user it works until new files are added which then my ; if rsync fails with a permission denied. Now I can add a chmod in the script so everyone can read, but since www can already read, I figured I would just change my script to use www. I added the ssh key to his authorized_keys file, but when I try to just ssh in I see this in the secure file;
server sshd[29539]: User www not allowed because account is locked sshd[29539]: Failed none for invalid user www from ip port 54983 ssh2
Now I read a few places already saying I need to add a password to the account, etc. but before I jump and try all I read, 1st major one, will this now break apache? Will this affect any startup things, etc. and .... will that unlock that user for ssh in or is there another preferred method?
I have an init script running as a special build user which performs an automated build that fails with (Too many open files).I updated /etc/security/limits to allow the special user more open files, but that didn't work - the init script still isn't allowed more open files.Here's a demonstration of the problem;
I recently installed likewise 6.0 on a Ubuntu 10.04 box and I was able to login as a Domain user. However my domain user account is not showing on the "User Settings" panel (I can only see locally created accounts). And if try to change login shell by typing "chsh", then it tells me user "DOMAINusername" does not exist in /etc/passwd.
I recently created a new user account in ubuntu linux, and created a file called xsession so that I can boot directly into xmbc when I log into that account. Is there anyway to delete the home folder for that account. I can view the file but when I try to delete it is says I do not have apporite permisions to delete the file.
I removed the account and deleted the group but it still shows up when I type in the address /home/xmbc
Is there anyway I can delete this file. It also will not let me create any new user accounts is there any way I can fix these prolbems without totaly reinstalling the system.
i cant log out of my user account without shutting down the computer, and no one else can either. computer can't be turned off unless i, (administrator)have logged out, this can't be a default setting surely.
I tried to add a samba user account on an Ubuntu machine called "video" like I had on another Ubuntu machine, but it's telling me it already exists. At one point I had added the user via terminal, but the user did not show up in system-config-samba (the popular samba gui a lot of people use). So now I'm trying to re-add him and it's not working. Likewise, if I use terminal to sudo smbpasswd -x video, it says failed to find an entry for that user.
As far as I can tell, the user doesn't exist - yet I can't add him because it "already exists."
the OEM account was created when I just installed Maverick (10.10) and now I've changed the password on that account and want to create a daily user account, cannot locate where I can do that.I want to learn Linux badly but am completely in the dark beginner right now.
