                          DOSRUN security whitepaper
  		  by LGB (Gabor Lenart), lgb@vlug.vein.hu


* DOSRUN does NOT require root privilegies. However we can reduce memory 
  allocation with 348K by mapping memory to the right place, I think it does
  not worth. At the moment dosrun refuses working if you try to run it as
  root (or as setuid root).
  
* Dosrun can be dangerous because it's a direct gate between Linux and DOS.
  A DOS virus running at the top of an application started by dosrun can
  modify or delete user's files. Since dosrun won't run as root this problem
  not affect the system but a user's damage is enough to be stay tuned.
  Many DOS viruses hook interrupt vectors and stay resident. Current version
  of dosrun does not implement any TSR functions so hooking eg int 21h seems
  to be unnecessary for legal purposes. But this can't be standarized and
  many legal softwares hooks interrupt vectors so we must be enable this
  technique for DOS programs. Also, non-resident viruses does not use any
  interrupt hooking. So we must monitor file write and deletion accesses
  to keep secure the user's files. (dosrun only implements file functions
  through regular Linux filesystem, so there is no way to ignore unix
  permissions for a DOS application)
  
            chdir()      * dosrun can chdir() to a specified directory,
                           so you can limit file accesses.
	    simple acls  * dosrun can be configured for don't allow to
	                   open/write/delete specified files.

* So there is NO need to run dosrun as root. Bufferrun-like exploits don't
  gain any unwanted privilegies since dosrun always run with the user's
  uid. To avoid other problems dosrun DOES NOT work with setuid bit even if
  it isn't root setuid ...
