https://bugs.winehq.org/show_bug.cgi?id=53981
Bug ID: 53981 Summary: Chromium broken sandbox due to GetSecurityInfo giving access denied Product: Wine Version: 7.21 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: dark.shadow4@web.de Distribution: ---
Created attachment 73562 --> https://bugs.winehq.org/attachment.cgi?id=73562 Hack to make it run
Chromium added some changes that break under wine. Bisected to https://github.com/chromium/chromium/commit/334d609732bfa22da7e5dd5e3543949c...
Callstack: https://github.com/chromium/chromium/blob/334d609732bfa22da7e5dd5e3543949c94... broker_services.cc: ResultCode BrokerServicesBase::CreateAlternateDesktop(Desktop desktop) ResultCode result = alt_winstation_->Initialize(true); ResultCode result = alt_desktop_->Initialize(false);
https://github.com/chromium/chromium/blob/334d609732bfa22da7e5dd5e3543949c94... alternate_desktop.cc: ResultCode AlternateDesktop::Initialize(bool alternate_winstation) ResultCode result = CreateAltWindowStation(&winstation_);
https://github.com/chromium/chromium/blob/334d609732bfa22da7e5dd5e3543949c94... window.cc: ResultCode CreateAltWindowStation(HWINSTA* winsta) if (!GetSecurityAttributes(current_winsta, &attributes))
https://github.com/chromium/chromium/blob/334d609732bfa22da7e5dd5e3543949c94... window.cc: bool GetSecurityAttributes(HANDLE handle, SECURITY_ATTRIBUTES* attributes) GetSecurityInfo
Then we enter "GetSecurityInfo" inside Wine. That calls into NtQuerySecurityObject And inside wineserver we call struct object *get_handle_obj( struct process *process, obj_handle_t handle, unsigned int access, const struct object_ops *ops ) which returns STATUS_ACCESS_DENIED
Attaching a hack to remove that check, that makes chrome run.