https://bugs.winehq.org/show_bug.cgi?id=52845
Bug ID: 52845 Summary: Recent versions of chromium have broken sandbox again Product: Wine Version: 7.6 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: dark.shadow4@web.de Distribution: ---
Somewhere between chromium-946247 (commit 4e7609b62147866fb7b226fd6efbe1ae4d2f1aca and chromium-946263 (commit 1bd694702105072e57b980512130a3212675ec19) the sandbox got changes so it doesn't work under wine anymore. Result is a black screen and soon a crash.
This affects both 32bit and 64bit chromium.
Note: chromium should be located inside the WINEPREFIX, it won't run outside!
Nightly versions to test with (chrome-win.zip) https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.ht... https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.ht...
I tried to build from source on my Win11 machine, but those versions don't run under wine at all, even if compiling the same commit as the nightly versions.
https://bugs.winehq.org/show_bug.cgi?id=52845
Fabian Maurer dark.shadow4@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- URL| |https://commondatastorage.g | |oogleapis.com/chromium-brow | |ser-snapshots/index.html?pr | |efix=Win/946263/ Keywords| |download
https://bugs.winehq.org/show_bug.cgi?id=52845
--- Comment #1 from Fabian Maurer dark.shadow4@web.de --- I personally suspect https://github.com/chromium/chromium/commit/158c5fad3ef830e95f1eedb702878697...
https://bugs.winehq.org/show_bug.cgi?id=52845
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |austinenglish@gmail.com
https://bugs.winehq.org/show_bug.cgi?id=52845
--- Comment #2 from Fabian Maurer dark.shadow4@web.de --- (In reply to Fabian Maurer from comment #1)
I personally suspect https://github.com/chromium/chromium/commit/ 158c5fad3ef830e95f1eedb702878697e4dd0154
Bisected chromium, this is indeed the change that breaks under wine. I'll report back if I find out anything else.
https://bugs.winehq.org/show_bug.cgi?id=52845
--- Comment #3 from Fabian Maurer dark.shadow4@web.de --- To be exact, what breaks it is the changes to RevokeLogonSidFromDefaultDacl, see https://github.com/chromium/chromium/commit/158c5fad3ef830e95f1eedb702878697...
Take the following code:
absl::optionalbase::win::Sid logon_sid = query_token->LogonId(); if (!logon_sid) return ::GetLastError() == ERROR_NOT_FOUND;
if calls into
absl::optional<Sid> AccessToken::LogonId() const { std::vectorAccessToken::Group groups = GetGroupsFromToken(token_.Get(), TokenLogonSid); for (const AccessToken::Group& group : groups) { if (group.IsLogonId()) return group.GetSid().Clone(); } return absl::nullopt;
using
bool AccessToken::Group::IsLogonId() const { return (attributes_ & SE_GROUP_LOGON_ID) == SE_GROUP_LOGON_ID; }
In short, chromium expects one group of the token to belong to the logon group. If that's not the case, it errors out.
Sending in a patch soon.
https://bugs.winehq.org/show_bug.cgi?id=52845
--- Comment #4 from Alexandre Julliard julliard@winehq.org --- Hopefully fixed by dd99319cdebe783c9c3def3a39c8b6ab73689c5f.
https://bugs.winehq.org/show_bug.cgi?id=52845
Fabian Maurer dark.shadow4@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED
--- Comment #5 from Fabian Maurer dark.shadow4@web.de --- Confirming fixed.
https://bugs.winehq.org/show_bug.cgi?id=52845
Zeb Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |dd99319cdebe783c9c3def3a39c | |8b6ab73689c5f
https://bugs.winehq.org/show_bug.cgi?id=52845
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #6 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 7.8.