CrossOver Support - Community Forums

Important Information These are community forums and not official technical support. If you need official support: Contact Us



CrossOver Linux
Discussion about CrossOver Linux

The following comments are owned by whoever posted them. We are not responsible for them in any way.


Reply to Thread Back to Threads

Bottle stops working on removing the virtual drive Z
Barafu
Barafu
Posted 2015-10-10 15:23
I am using evaluation version to understand if this product fits my needs.
I have found out that if you remove virtual drive Z from bottle config, everything stops working - installed applications and winecfg itself.
The log says
Traceback (most recent call last):
  File "/opt/cxoffice/lib/python/cxsetup.py", line 636, in browse_c_drive
    environ = bottlequery.get_win_environ(bottleObj.name, ("SystemDrive",))
  File "/opt/cxoffice/lib/python/bottlequery.py", line 964, in get_win_environ
    environ[varname.lower()] = manipulator.send('getexpandedstr %s' % varname).get()
  File "/opt/cxoffice/lib/python/bottlequery.py", line 429, in get
    raise IOError("The cxmanip process quit before serving this query.")
IOError: The cxmanip process quit before serving this query.
wine: cannot find L"\\\\?\\unix\\opt\\cxoffice\\lib\\wine\\cxmanip.exe.so"
winewrapper.exe:error: cannot execute L"\\\\?\\unix\\opt\\cxoffice\\lib\\wine\\cxmanip.exe.so"


Is it bug? Can I prevent application from plain access to all my files?
I can run Crossover and apps as separate user, though, but it not very convenient
J-P Simard
J-P Simard Omniscient Mystical Exalted Nigh-invincible Supreme Raging Atomic Dragon Turbo Chief Senior Advocate, Rank 4
Posted 2015-10-10 15:59
I just removed z drive from one of my bottles and things just keep chuggin' along nicely, so I can't reproduce your problem. What software are you trying to run? Is there any demo I can try? I'm willing to test on my system if I can have a demo at least, and if so, maybe I can figure out the problem.

That being said, it might also be useful to know what distro you're using.
Barafu
Barafu
Posted 2015-10-11 07:07
OK. Full report.

OS: Kubuntu 15.10 64bit
Crossover: Demo version I downloaded yesterday, 14.1.10
Related: Have installed wine and every package that Crossover suggested.

Reproduce:
1) Create new bottle. Tried both XP and 7 modes.
2) In Control - Wine configuration remove drive Z OR just manually replace Z symlink with link to empty folder.
3) Wine config can't be called again. No button in "Manage bottle" tabs work, including the "open drive C". If Crossover is run from the console, it reports as stated above.

What I expect:
After the removal of drive Z link everything should work normal except the obvious access to root files.
J-P Simard
J-P Simard Omniscient Mystical Exalted Nigh-invincible Supreme Raging Atomic Dragon Turbo Chief Senior Advocate, Rank 4
Posted 2015-10-11 07:51
Ok, but did you try to install software in there? I know you used the demo of Crossover since you were evaluating, I was more wondering what software you tried to use with Crossover.

In any case, I have managed to sort of reproduce your problem. In my opinion, this is a bug with the GUI. On my system, just removing z doesn't seem to change much as the bottle manager's interface, and the bottles themselves, just work as usual. I did find that removing the y drive (to my home directory) did finally kill the control panel with everything in it gone. Winecfg could still be accessed by using the "run command" button in the bottle manager's GUI. The software in the bottles still worked as before, even with only the fake c drive and a faulty control panel. So, since the software still runs, I do think this is just a bug or a bad assumption made with the bottle manager that expects both the c drive and a drive towards the user's home. That means you could easily remove every drive except the fake c drive even then, it would just lead to an empty control panel in the bottle manager.

That being said, I can't but remark that this is the first anyone tried removing all access. If you're worried about malware, at this time, basically nothing works. Wine / Crossover do not offer the entirety of Windows API, and certainly very little that is low level. That means little in the way of malware actually works, and I never heard of a serious security problem while using a windows software under Crossover. Further,  Crossover doesn't circumvent normal file permissions. Access to / doesn't mean root privileges won't be necessary, and Crossover doesn't even have a mechanism to get root (or sudo). So unless you run windows software with Crossover under the root account (which you shouldn't), there are very little concerns to have. What I'm saying that, although I understand your concerns, I'm not convinced they're justified. If you are that concerned, you have to consider that all software on your system has some read access to / , and I don't see why that's any better without going through Crossover.

I'll report the situation to the staff later and see their answer, but you could do the same by writing to info@codeweavers.com. Since your installation seems more fragile than mine (I can remove z drive without problems), it may even be more interesting if you did so.
Barafu
Barafu
Posted 2015-10-11 09:13
Yes, I tried it with  freeware MyHomeLib.
Unfortunately, the simple and stupid malware runs fine in Wine. You know, the Windows equivalent of "rm -rf /". And I have already seen six times during the last 7 years when the original site or update system of the application I use had been bought or compromised to insert malware. (Three times it was Lenovo preinstalled apps)
This is why I do not want Wine applications to have Windows-way access to my files. I have half-finished to wrap all up into AppArmor, and if I succeed I will think again whether  I need the license.
Stefan Dösinger
Stefan Dösinger  Staff Member
Posted 2015-10-12 03:34
I managed to catch one or two digital colds with Wine.

Note however that removing the Z:\ drive doesn't make CrossOver a sandbox in the security sense of the word. E.g. on Linux there's nothing that stops Windows software from calling int 0x80 to access Linux syscalls directly, bypassing any Wine-imposed restrictions. I don't know the equivalent syscall interface on OSX, but there's nothing that stops Windows code from using it either.

So if you're worried about malware, what you really want to do is use Linux / OSX security software to run all of CrossOver in a sandbox. Or create a separate user account.
J-P Simard
J-P Simard Omniscient Mystical Exalted Nigh-invincible Supreme Raging Atomic Dragon Turbo Chief Senior Advocate, Rank 4
Posted 2015-10-12 06:12
Or better yet, don't run what you don't trust. I've been biting my tongue on this point, but that's the truth. There shouldn't be any software out there that's worth risking your system for.

Please Note: This Forum is for non-application specific questions relating to installation/configuration of CrossOver. All application-specific posts to this Forum will be moved to their appropriate Compatibility Center Forum.

CrossOver Forums: the place to discuss running Windows applications on Mac and Linux

Please Wait...
eyJjYXJ0IjowLCJ0enMiOi01LCJjZG4iOiJodHRwczpcL1wvbWVkaWEuY29kZXdlYXZlcnMuY29tXC9wdWJcL2Nyb3Nzb3Zlclwvd2Vic2l0ZSIsImNkbnRzIjoxNTY4OTgzMzg1fQ==