2009/2/25 Chris Robinson <chris.k...@gmail.com>: > On Tuesday 24 February 2009 3:46:53 pm Paul Chitescu wrote: >> My FAT partitions disable +x through file mode mount option since I don't >> want the kernel to attempt to identify and execute every unknown file I >> happen to open/click/hit enter. On those partitions there are no POSIX >> executables but plenty of Win32 ones - many of them shared between Windows >> and Wine. > > If you want to execute something (Wine or otherwise), why set -x? If you set > a file to be -r, would you expect to read it in Wine, still? Or if it's -w, > would you expect Wine apps to be able to write to it? Of course you wouldn't, > so why should x be different? > > If you require an exe to be +x, it becomes quite a bit more difficult to > unintentionally run it. Unsolicited files do not get +x, thus it's impossible > to execute them, accidentally or carelessly (sans the .desktop file issue that > has come up, again, recently). If you ignore the +x, then all it takes is a > mis-click on an email or some other simple mistake.
"Unsolicited" files will get +x with default mount options on vfat/fat partitions, because ALL files on such partitions get +x this way. I would at least like to see Wine respect noexec, if possible. I understand concerns about Wine respecting +x, due mainly to CD-based installers that may or may not have +x set on the files, but I think it would also be the *correct* thing to do. Possibly have some registry entry disable the +x check? This would be particularly useful on a per-application basis, allowing the construction of a whitelist.