Running ping under Wine will give a warning that it will fail unless running as root. This is because the Linux kernel restricts the ability to create raw sockets.

This wasn't the case on Windows, and as such there are a few "normal" Windows programs that create raw sockets for legitimate reasons. The most common example is ping. Note this was a security issue, and consequently Microsoft limited the use of raw sockets in XP SP 2 and later, except for server OSes. The danger was mainly that malicious software would spread outward through the network (or cause a DDOS) even if it couldn't compromise the local machine.

MSDN article on raw sockets: http://msdn.microsoft.com/en-us/library/ms740548%28VS.85%29.aspx

Affected programs

Anything that uses IPX networking (mostly old games), traffic analysis tools similar to Ping.

Linux Capabilities possible solution:

While not a POSIX standard, on Linux systems you can give a program permission to create raw sockets without actually running as root.

sudo setcap CAP_NET_RAW=ep foo.exe

Wine will not actually use this properly however. Wine has no code to detect when it's running with capabilities, which will at best generate spurious error reports about the need for root. Furthermore, running the program with wine start foo.exe will launch it with the /usr/bin/wine capabilities rather than the foo.exe capabilities. Wineserver also has no way of determining which process is creating a request for a socket, and wineserver itself would need to inherit the capabilities (which is a problem if wineserver is already running).

Here is a relevant tutorial on capabilities, including ways to programatically test for them: http://www.friedhoff.org/posixfilecaps.html

Bugs affected

• Bug 20854
• Bug 19029