mirrors/Sandboxie
mirrors
/
Sandboxie
mirror of https://github.com/sandboxie-plus/Sandboxie.git
1
0
Fork 0
Code Releases Activity

1.14.2

This commit is contained in:
DavidXanatos 2024-06-17 13:23:57 +02:00
parent 6266f18ebe
commit 1badefbef1
12 changed files with 288 additions and 298 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -18,6 +18,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- Add new option "AllowCoverTaskbar" for [#3975](https://github.com/sandboxie-plus/Sandboxie/issues/3975) - Add new option "AllowCoverTaskbar" for [#3975](https://github.com/sandboxie-plus/Sandboxie/issues/3975)
- added RPC Port message filter mechanism to block unsafe RDP calls via the driver [#3930](https://github.com/sandboxie-plus/Sandboxie/issues/3930) - added RPC Port message filter mechanism to block unsafe RDP calls via the driver [#3930](https://github.com/sandboxie-plus/Sandboxie/issues/3930)
- Usage: "RpcPortFilter=Port,ID,Label" label is optional - Usage: "RpcPortFilter=Port,ID,Label" label is optional
- added "Job Object" Options page to colelct all job object related options
### Changed ### Changed
- Extend "Temp Template" to make it could delete local template section. - Extend "Temp Template" to make it could delete local template section.
@ -36,6 +37,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.14.1 / 5.69.1] - 2024-06-06 ## [1.14.1 / 5.69.1] - 2024-06-06
### Added ### Added

374
SandboxiePlus/SandMan/Forms/OptionsWindow.ui
View File

@ -1572,49 +1572,31 @@
</item> </item>
</layout> </layout>
</widget> </widget>
<widget class="QWidget" name="tabPrivileges"> <widget class="QWidget" name="tabJob">
<property name="font">
<font>
<weight>50</weight>
<bold>false</bold>
<kerning>true</kerning>
</font>
</property>
<attribute name="title"> <attribute name="title">
<string>Advanced Security</string> <string>Job Object</string>
</attribute> </attribute>
<layout class="QGridLayout" name="gridLayout_26"> <layout class="QGridLayout" name="gridLayout_51">
<item row="0" column="1"> <item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_2"> <layout class="QGridLayout" name="gridLayout_50">
<item row="10" column="2" colspan="2"> <item row="6" column="1" colspan="2">
<widget class="QLabel" name="label_74"> <widget class="QLabel" name="label_86">
<property name="text"> <property name="text">
<string>Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens.</string> <string>Total Processes Number Limit:</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property> </property>
</widget> </widget>
</item> </item>
<item row="2" column="1" colspan="3"> <item row="1" column="1" colspan="4">
<widget class="QCheckBox" name="chkRestrictServices"> <widget class="QCheckBox" name="chkAddToJob">
<property name="text"> <property name="text">
<string>Do not start sandboxed services using a system token (recommended)</string> <string>Add sandboxed processes to job objects (recommended)</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="1" column="1" colspan="3"> <item row="0" column="0">
<widget class="QCheckBox" name="chkProtectSCM"> <widget class="QLabel" name="lblJob">
<property name="text">
<string>Allow only privileged processes to access the Service Control Manager</string>
</property>
</widget>
</item>
<item row="6" column="0">
<widget class="QLabel" name="lblFence">
<property name="font"> <property name="font">
<font> <font>
<weight>75</weight>
<bold>true</bold> <bold>true</bold>
<kerning>true</kerning> <kerning>true</kerning>
</font> </font>
@ -1627,31 +1609,134 @@
</property> </property>
</widget> </widget>
</item> </item>
<item row="9" column="1" colspan="4"> <item row="5" column="1" colspan="2">
<widget class="QCheckBox" name="chkSbieLogon"> <widget class="QLabel" name="label_56">
<property name="text"> <property name="text">
<string>Use a Sandboxie login instead of an anonymous token</string> <string>Total Processes Memory Limit:</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="0" column="0"> <item row="4" column="1" colspan="2">
<widget class="QLabel" name="lblPrivilege"> <widget class="QLabel" name="label_53">
<property name="text">
<string>Single Process Memory Limit:</string>
</property>
</widget>
</item>
<item row="4" column="3">
<widget class="QLineEdit" name="lineSingleMemory">
<property name="placeholderText">
<string>Leave it blank to disable the setting(Unit:KB)</string>
</property>
</widget>
</item>
<item row="5" column="3">
<widget class="QLineEdit" name="lineTotalMemory">
<property name="placeholderText">
<string>Leave it blank to disable the setting(Unit:KB)</string>
</property>
</widget>
</item>
<item row="6" column="3">
<widget class="QLineEdit" name="lineTotalNumber">
<property name="placeholderText">
<string>Leave it blank to disable the setting</string>
</property>
</widget>
</item>
<item row="2" column="2" colspan="3">
<widget class="QCheckBox" name="chkNestedJobs">
<property name="text">
<string>Allow use of nested job objects (works on Windows 8 and later)</string>
</property>
</widget>
</item>
<item row="7" column="4">
<spacer name="horizontalSpacer_23">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="7" column="0">
<spacer name="verticalSpacer_45">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="2" column="1">
<widget class="QLabel" name="label_63">
<property name="sizePolicy">
<sizepolicy hsizetype="Fixed" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>16</width>
<height>0</height>
</size>
</property>
<property name="text">
<string/>
</property>
</widget>
</item>
<item row="3" column="0" colspan="2">
<widget class="QLabel" name="lblLimit">
<property name="font"> <property name="font">
<font> <font>
<weight>75</weight>
<bold>true</bold> <bold>true</bold>
<kerning>true</kerning> <kerning>true</kerning>
</font> </font>
</property> </property>
<property name="toolTip"> <property name="toolTip">
<string>Protect the sandbox integrity itself</string> <string>Protect the system from sandboxed processes</string>
</property> </property>
<property name="text"> <property name="text">
<string>Privilege isolation</string> <string>Limit restrictions</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="11" column="2"> </layout>
</item>
</layout>
</widget>
<widget class="QWidget" name="tabPrivileges">
<property name="font">
<font>
<bold>false</bold>
<kerning>true</kerning>
</font>
</property>
<attribute name="title">
<string>Advanced Security</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_26">
<item row="0" column="1">
<layout class="QGridLayout" name="gridLayout_2">
<item row="5" column="1" colspan="3">
<widget class="QCheckBox" name="chkDropPrivileges">
<property name="text">
<string>Drop critical privileges from processes running with a SYSTEM token</string>
</property>
</widget>
</item>
<item row="9" column="2">
<spacer name="horizontalSpacer_13"> <spacer name="horizontalSpacer_13">
<property name="orientation"> <property name="orientation">
<enum>Qt::Horizontal</enum> <enum>Qt::Horizontal</enum>
@ -1664,10 +1749,20 @@
</property> </property>
</spacer> </spacer>
</item> </item>
<item row="7" column="1" colspan="2"> <item row="1" column="1" colspan="3">
<widget class="QCheckBox" name="chkAddToJob"> <widget class="QCheckBox" name="chkProtectSCM">
<property name="text"> <property name="text">
<string>Add sandboxed processes to job objects (recommended)</string> <string>Allow only privileged processes to access the Service Control Manager</string>
</property>
</widget>
</item>
<item row="8" column="2" colspan="2">
<widget class="QLabel" name="label_74">
<property name="text">
<string>Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property> </property>
</widget> </widget>
</item> </item>
@ -1675,7 +1770,6 @@
<widget class="QLabel" name="label_65"> <widget class="QLabel" name="label_65">
<property name="font"> <property name="font">
<font> <font>
<weight>75</weight>
<bold>true</bold> <bold>true</bold>
<kerning>true</kerning> <kerning>true</kerning>
</font> </font>
@ -1685,7 +1779,37 @@
</property> </property>
</widget> </widget>
</item> </item>
<item row="11" column="1"> <item row="0" column="0">
<widget class="QLabel" name="lblPrivilege">
<property name="font">
<font>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="toolTip">
<string>Protect the sandbox integrity itself</string>
</property>
<property name="text">
<string>Privilege isolation</string>
</property>
</widget>
</item>
<item row="2" column="1" colspan="3">
<widget class="QCheckBox" name="chkRestrictServices">
<property name="text">
<string>Do not start sandboxed services using a system token (recommended)</string>
</property>
</widget>
</item>
<item row="7" column="1" colspan="4">
<widget class="QCheckBox" name="chkSbieLogon">
<property name="text">
<string>Use a Sandboxie login instead of an anonymous token</string>
</property>
</widget>
</item>
<item row="9" column="1">
<spacer name="verticalSpacer"> <spacer name="verticalSpacer">
<property name="orientation"> <property name="orientation">
<enum>Qt::Vertical</enum> <enum>Qt::Vertical</enum>
@ -1716,7 +1840,6 @@
<widget class="QLabel" name="label_64"> <widget class="QLabel" name="label_64">
<property name="font"> <property name="font">
<font> <font>
<weight>75</weight>
<bold>true</bold> <bold>true</bold>
<kerning>true</kerning> <kerning>true</kerning>
</font> </font>
@ -1726,18 +1849,10 @@
</property> </property>
</widget> </widget>
</item> </item>
<item row="5" column="1" colspan="3"> <item row="6" column="0" colspan="2">
<widget class="QCheckBox" name="chkDropPrivileges">
<property name="text">
<string>Drop critical privileges from processes running with a SYSTEM token</string>
</property>
</widget>
</item>
<item row="8" column="0" colspan="2">
<widget class="QLabel" name="lblToken"> <widget class="QLabel" name="lblToken">
<property name="font"> <property name="font">
<font> <font>
<weight>75</weight>
<bold>true</bold> <bold>true</bold>
<kerning>true</kerning> <kerning>true</kerning>
</font> </font>
@ -3927,7 +4042,6 @@ The process match level has a higher priority than the specificity and describes
<widget class="QTabWidget" name="tabsOther"> <widget class="QTabWidget" name="tabsOther">
<property name="font"> <property name="font">
<font> <font>
<weight>50</weight>
<bold>false</bold> <bold>false</bold>
<kerning>true</kerning> <kerning>true</kerning>
</font> </font>
@ -3949,49 +4063,31 @@ The process match level has a higher priority than the specificity and describes
</property> </property>
</widget> </widget>
</item> </item>
<item row="0" column="1">
<widget class="QCheckBox" name="chkNoPanic">
<property name="toolTip">
<string>When the global hotkey is pressed 3 times in short succession this exception will be ignored.</string>
</property>
<property name="text">
<string>Exclude this sandbox from being terminated when &quot;Terminate All Processes&quot; is invoked.</string>
</property>
</widget>
</item>
<item row="6" column="1"> <item row="6" column="1">
<widget class="QCheckBox" name="chkUseSbieWndStation">
<property name="text">
<string>Emulate sandboxed window station for all processes</string>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QLabel" name="lblCompatibility">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="text">
<string>Compatibility</string>
</property>
</widget>
</item>
<item row="7" column="1">
<widget class="QCheckBox" name="chkComTimeout"> <widget class="QCheckBox" name="chkComTimeout">
<property name="text"> <property name="text">
<string>Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues)</string> <string>Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues)</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="2" column="1"> <item row="4" column="1">
<widget class="QCheckBox" name="chkPreferExternalManifest">
<property name="text">
<string>Force usage of custom dummy Manifest files (legacy behaviour)</string>
</property>
</widget>
</item>
<item row="5" column="1">
<widget class="QCheckBox" name="chkUseSbieDeskHack"> <widget class="QCheckBox" name="chkUseSbieDeskHack">
<property name="text"> <property name="text">
<string>Use desktop object workaround for all processes</string> <string>Use desktop object workaround for all processes</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="8" column="0"> <item row="7" column="0">
<spacer name="verticalSpacer_28"> <spacer name="verticalSpacer_28">
<property name="orientation"> <property name="orientation">
<enum>Qt::Vertical</enum> <enum>Qt::Vertical</enum>
@ -4004,121 +4100,35 @@ The process match level has a higher priority than the specificity and describes
</property> </property>
</spacer> </spacer>
</item> </item>
<item row="8" column="1"> <item row="1" column="0">
<spacer name="horizontalSpacer_12"> <widget class="QLabel" name="lblCompatibility">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="4" column="1">
<widget class="QCheckBox" name="chkNestedJobs">
<property name="text">
<string>Allow use of nested job objects (works on Windows 8 and later)</string>
</property>
</widget>
</item>
<item row="0" column="1">
<widget class="QCheckBox" name="chkNoPanic">
<property name="toolTip">
<string>When the global hotkey is pressed 3 times in short succession this exception will be ignored.</string>
</property>
<property name="text">
<string>Exclude this sandbox from being terminated when &quot;Terminate All Processes&quot; is invoked.</string>
</property>
</widget>
</item>
</layout>
</item>
</layout>
</widget>
<widget class="QWidget" name="lblLimit_2">
<attribute name="title">
<string>Process Limits</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_51">
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_50">
<item row="4" column="0">
<spacer name="verticalSpacer_44">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="0" column="0">
<widget class="QLabel" name="lblLimit">
<property name="font"> <property name="font">
<font> <font>
<weight>75</weight>
<bold>true</bold> <bold>true</bold>
<kerning>true</kerning> <kerning>true</kerning>
</font> </font>
</property> </property>
<property name="toolTip">
<string>Protect the system from sandboxed processes</string>
</property>
<property name="text"> <property name="text">
<string>Limit restrictions</string> <string>Compatibility</string>
</property>
</widget>
</item>
<item row="2" column="2">
<widget class="QLineEdit" name="lineTotalMemory">
<property name="placeholderText">
<string>Leave it blank to disable the setting(Unit:KB)</string>
</property>
</widget>
</item>
<item row="3" column="2">
<widget class="QLineEdit" name="lineTotalNumber">
<property name="placeholderText">
<string>Leave it blank to disable the setting</string>
</property>
</widget>
</item>
<item row="1" column="2">
<widget class="QLineEdit" name="lineSingleMemory">
<property name="placeholderText">
<string>Leave it blank to disable the setting(Unit:KB)</string>
</property>
</widget>
</item>
<item row="3" column="1">
<widget class="QLabel" name="label_86">
<property name="text">
<string>Total Processes Number Limit:</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="2" column="1"> <item row="2" column="1">
<widget class="QLabel" name="label_56"> <widget class="QCheckBox" name="chkPreferExternalManifest">
<property name="text"> <property name="text">
<string>Total Processes Memory Limit:</string> <string>Force usage of custom dummy Manifest files (legacy behaviour)</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="1" column="1"> <item row="5" column="1">
<widget class="QLabel" name="label_53"> <widget class="QCheckBox" name="chkUseSbieWndStation">
<property name="text"> <property name="text">
<string>Single Process Memory Limit:</string> <string>Emulate sandboxed window station for all processes</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="4" column="1" colspan="2"> <item row="7" column="1">
<spacer name="horizontalSpacer_22"> <spacer name="horizontalSpacer_12">
<property name="orientation"> <property name="orientation">
<enum>Qt::Horizontal</enum> <enum>Qt::Horizontal</enum>
</property> </property>

BIN
SandboxiePlus/SandMan/Resources/Actions/Job.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
SandboxiePlus/SandMan/Resources/Actions/Job2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
SandboxiePlus/SandMan/Resources/Actions/Job3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.1 KiB

BIN
SandboxiePlus/SandMan/Resources/Actions/Job4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB

4
SandboxiePlus/SandMan/Resources/SandMan.qrc
View File

@ -182,6 +182,10 @@
<file>Actions/TaskBar.png</file> <file>Actions/TaskBar.png</file>
<file>Actions/Desktop.png</file> <file>Actions/Desktop.png</file>
<file>Actions/Pause.png</file> <file>Actions/Pause.png</file>
<file>Actions/Job.png</file>
<file>Actions/Job2.png</file>
<file>Actions/Job4.png</file>
<file>Actions/Job3.png</file>
</qresource> </qresource>
<qresource prefix="/Boxes"> <qresource prefix="/Boxes">
<file alias="Busy">Boxes/BusyOverlay.png</file> <file alias="Busy">Boxes/BusyOverlay.png</file>

41
SandboxiePlus/SandMan/Windows/OptionsAccess.cpp
View File

@ -13,11 +13,11 @@
void COptionsWindow::CreateAccess() void COptionsWindow::CreateAccess()
{ {
// Resource Access // Resource Access
connect(ui.chkPrivacy, SIGNAL(clicked(bool)), this, SLOT(OnAccessChanged())); connect(ui.chkPrivacy, SIGNAL(clicked(bool)), this, SLOT(OnAccessChangedEx()));
connect(ui.chkUseSpecificity, SIGNAL(clicked(bool)), this, SLOT(OnAccessChanged())); connect(ui.chkUseSpecificity, SIGNAL(clicked(bool)), this, SLOT(OnAccessChangedEx()));
connect(ui.chkBlockWMI, SIGNAL(clicked(bool)), this, SLOT(OnAccessChanged())); connect(ui.chkBlockWMI, SIGNAL(clicked(bool)), this, SLOT(OnAccessChangedEx()));
connect(ui.chkCloseForBox, SIGNAL(clicked(bool)), this, SLOT(OnAccessChanged())); connect(ui.chkCloseForBox, SIGNAL(clicked(bool)), this, SLOT(OnAccessChangedEx()));
connect(ui.chkNoOpenForBox, SIGNAL(clicked(bool)), this, SLOT(OnAccessChanged())); connect(ui.chkNoOpenForBox, SIGNAL(clicked(bool)), this, SLOT(OnAccessChangedEx()));
// //
connect(ui.btnAddFile, SIGNAL(clicked(bool)), this, SLOT(OnAddFile())); connect(ui.btnAddFile, SIGNAL(clicked(bool)), this, SLOT(OnAddFile()));
@ -54,8 +54,8 @@ void COptionsWindow::CreateAccess()
connect(ui.tabsAccess, SIGNAL(currentChanged(int)), this, SLOT(OnAccessTab())); connect(ui.tabsAccess, SIGNAL(currentChanged(int)), this, SLOT(OnAccessTab()));
} }
void COptionsWindow::OnAccessChanged() void COptionsWindow::OnAccessChangedEx()
{ {
if (sender() == ui.chkPrivacy || sender() == ui.chkUseSpecificity) { if (sender() == ui.chkPrivacy || sender() == ui.chkUseSpecificity) {
if (ui.chkPrivacy->isChecked() || (ui.chkUseSpecificity->isEnabled() && ui.chkUseSpecificity->isChecked())) if (ui.chkPrivacy->isChecked() || (ui.chkUseSpecificity->isEnabled() && ui.chkUseSpecificity->isChecked()))
theGUI->CheckCertificate(this); theGUI->CheckCertificate(this);
@ -67,7 +67,14 @@ void COptionsWindow::OnAccessChanged()
ui.chkUseSpecificity->setChecked(m_pBox->GetBool("UseRuleSpecificity", false)); ui.chkUseSpecificity->setChecked(m_pBox->GetBool("UseRuleSpecificity", false));
} }
m_AccessChanged = true; OnAccessChanged();
}
void COptionsWindow::OnAccessChanged()
{
UpdateJobOptions();
m_AccessChanged = true;
OnOptChanged(); OnOptChanged();
} }
@ -105,8 +112,7 @@ void COptionsWindow::SetAccessEntry(EAccessType Type, const QString& Program, EA
{ {
if (GetAccessEntry(Type, Program, Mode, Path) != NULL) if (GetAccessEntry(Type, Program, Mode, Path) != NULL)
return; // already set return; // already set
m_AccessChanged = true; OnAccessChanged();
OnOptChanged();
AddAccessEntry(Type, Mode, Program, Path); AddAccessEntry(Type, Mode, Program, Path);
} }
@ -115,8 +121,7 @@ void COptionsWindow::DelAccessEntry(EAccessType Type, const QString& Program, EA
if(QTreeWidgetItem* pItem = GetAccessEntry(Type, Program, Mode, Path)) if(QTreeWidgetItem* pItem = GetAccessEntry(Type, Program, Mode, Path))
{ {
delete pItem; delete pItem;
m_AccessChanged = true; OnAccessChanged();
OnOptChanged();
} }
} }
@ -365,8 +370,7 @@ void COptionsWindow::OnBrowseFile()
AddAccessEntry(eFile, eOpen, "", Value); AddAccessEntry(eFile, eOpen, "", Value);
m_AccessChanged = true; OnAccessChanged();
OnOptChanged();
} }
void COptionsWindow::OnBrowseFolder() void COptionsWindow::OnBrowseFolder()
@ -377,8 +381,7 @@ void COptionsWindow::OnBrowseFolder()
AddAccessEntry(eFile, eOpen, "", Value); AddAccessEntry(eFile, eOpen, "", Value);
m_AccessChanged = true; OnAccessChanged();
OnOptChanged();
} }
QString COptionsWindow::ExpandPath(EAccessType Type, const QString& Path) QString COptionsWindow::ExpandPath(EAccessType Type, const QString& Path)
@ -586,8 +589,7 @@ void COptionsWindow::CloseAccessEdit(QTreeWidgetItem* pItem, bool bSave)
pItem->setText(3, ExpandPath(Type, Path)); pItem->setText(3, ExpandPath(Type, Path));
pItem->setData(3, Qt::UserRole, Path); pItem->setData(3, Qt::UserRole, Path);
m_AccessChanged = true; OnAccessChanged();
OnOptChanged();
} }
pTree->setItemWidget(pItem, 1, NULL); pTree->setItemWidget(pItem, 1, NULL);
@ -675,8 +677,7 @@ void COptionsWindow::OnAccessChanged(QTreeWidgetItem* pItem, int Column)
if (Column != 0) if (Column != 0)
return; return;
m_AccessChanged = true; OnAccessChanged();
OnOptChanged();
} }
void COptionsWindow::DeleteAccessEntry(QTreeWidgetItem* pItem, int Column) void COptionsWindow::DeleteAccessEntry(QTreeWidgetItem* pItem, int Column)

85
SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
View File

@ -129,7 +129,9 @@ void COptionsWindow::LoadAdvanced()
ui.chkPreferExternalManifest->setChecked(m_pBox->GetBool("PreferExternalManifest", false)); ui.chkPreferExternalManifest->setChecked(m_pBox->GetBool("PreferExternalManifest", false));
ui.chkElevateCreateProcessFix->setChecked(m_pBox->GetBool("ApplyElevateCreateProcessFix", false)); ui.chkElevateCreateProcessFix->setChecked(m_pBox->GetBool("ApplyElevateCreateProcessFix", false));
ui.chkAddToJob->setChecked(!m_pBox->GetBool("NoAddProcessToJob", false));
ui.chkNestedJobs->setChecked(m_pBox->GetBool("AllowBoxedJobs", false)); ui.chkNestedJobs->setChecked(m_pBox->GetBool("AllowBoxedJobs", false));
ui.chkUseSbieDeskHack->setChecked(m_pBox->GetBool("UseSbieDeskHack", true)); ui.chkUseSbieDeskHack->setChecked(m_pBox->GetBool("UseSbieDeskHack", true));
ui.chkUseSbieWndStation->setChecked(m_pBox->GetBool("UseSbieWndStation", true)); ui.chkUseSbieWndStation->setChecked(m_pBox->GetBool("UseSbieWndStation", true));
@ -302,6 +304,8 @@ void COptionsWindow::LoadAdvanced()
if (!ui.chkOpenCredentials->isEnabled()) ui.chkOpenCredentials->setChecked(true); if (!ui.chkOpenCredentials->isEnabled()) ui.chkOpenCredentials->setChecked(true);
m_AdvancedChanged = false; m_AdvancedChanged = false;
UpdateJobOptions();
} }
void COptionsWindow::OnPSTChanged() void COptionsWindow::OnPSTChanged()
@ -553,16 +557,16 @@ void COptionsWindow::OnIsolationChanged()
ui.chkNoOpenForBox->setChecked(m_pBox->GetBool("DontOpenForBoxed", true)); ui.chkNoOpenForBox->setChecked(m_pBox->GetBool("DontOpenForBoxed", true));
} }
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::UpdateBoxIsolation() void COptionsWindow::UpdateBoxIsolation()
{ {
ui.chkNoSecurityFiltering->setEnabled(ui.chkNoSecurityIsolation->isChecked()); ui.chkNoSecurityFiltering->setEnabled(ui.chkNoSecurityIsolation->isChecked());
ui.chkAddToJob->setEnabled(!IsAccessEntrySet(eWnd, "", eOpen, "*") && !ui.chkNoSecurityIsolation->isChecked()); //ui.chkNotUntrusted->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
ui.chkNestedJobs->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
UpdateJobOptions();
ui.chkOpenDevCMApi->setEnabled(!ui.chkNoSecurityIsolation->isChecked()); ui.chkOpenDevCMApi->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
ui.chkOpenSamEndpoint->setEnabled(!ui.chkNoSecurityIsolation->isChecked()); ui.chkOpenSamEndpoint->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
@ -592,13 +596,9 @@ void COptionsWindow::UpdateBoxIsolation()
if (ui.chkNoSecurityIsolation->isChecked()) { if (ui.chkNoSecurityIsolation->isChecked()) {
ui.chkCloseForBox->setChecked(false); ui.chkCloseForBox->setChecked(false);
ui.chkNoOpenForBox->setChecked(false); ui.chkNoOpenForBox->setChecked(false);
if (!IsAccessEntrySet(eWnd, "", eOpen, "*"))
ui.chkAddToJob->setChecked(false);
ui.chkSbieLogon->setChecked(false); ui.chkSbieLogon->setChecked(false);
} }
else { else {
if (!IsAccessEntrySet(eWnd, "", eOpen, "*"))
ui.chkAddToJob->setChecked(!m_pBox->GetBool("NoAddProcessToJob", false));
ReadGlobalCheck(ui.chkSbieLogon, "SandboxieLogon", false); ReadGlobalCheck(ui.chkSbieLogon, "SandboxieLogon", false);
} }
} }
@ -606,8 +606,7 @@ void COptionsWindow::UpdateBoxIsolation()
void COptionsWindow::OnSysSvcChanged() void COptionsWindow::OnSysSvcChanged()
{ {
ui.chkElevateRpcss->setDisabled(ui.chkNoSecurityIsolation->isChecked() && (!ui.chkRestrictServices->isChecked() || ui.chkMsiExemptions->isChecked())); ui.chkElevateRpcss->setDisabled(ui.chkNoSecurityIsolation->isChecked() && (!ui.chkRestrictServices->isChecked() || ui.chkMsiExemptions->isChecked()));
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnConfidentialChanged() void COptionsWindow::OnConfidentialChanged()
@ -623,10 +622,25 @@ void COptionsWindow::OnLessConfidentialChanged()
void COptionsWindow::OnAdvancedChanged() void COptionsWindow::OnAdvancedChanged()
{ {
UpdateJobOptions();
m_AdvancedChanged = true; m_AdvancedChanged = true;
OnOptChanged(); OnOptChanged();
} }
void COptionsWindow::UpdateJobOptions()
{
bool IsAllWndOpen = ui.chkNoSecurityIsolation->isChecked() || IsAccessEntrySet(eWnd, "", eOpen, "*");
ui.chkAddToJob->setEnabled(!IsAllWndOpen);
bool bUseJobObject = !IsAllWndOpen && ui.chkAddToJob->isChecked();
ui.chkNestedJobs->setEnabled(bUseJobObject);
ui.lineSingleMemory->setEnabled(bUseJobObject);
ui.lineTotalMemory->setEnabled(bUseJobObject);
ui.lineTotalNumber->setEnabled(bUseJobObject);
}
void COptionsWindow::CheckOpenCOM() void COptionsWindow::CheckOpenCOM()
{ {
bool bComIpcOpen = IsAccessEntrySet(eIPC, "", eOpen, "\\RPC Control\\epmapper") || IsAccessEntrySet(eIPC, "", eOpen, "*"); bool bComIpcOpen = IsAccessEntrySet(eIPC, "", eOpen, "\\RPC Control\\epmapper") || IsAccessEntrySet(eIPC, "", eOpen, "*");
@ -808,8 +822,7 @@ void COptionsWindow::OnAddOption()
void COptionsWindow::OnDelOption() void COptionsWindow::OnDelOption()
{ {
DeleteAccessEntry(ui.treeOptions->currentItem()); DeleteAccessEntry(ui.treeOptions->currentItem());
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnOptionItemDoubleClicked(QTreeWidgetItem* pItem, int Column) void COptionsWindow::OnOptionItemDoubleClicked(QTreeWidgetItem* pItem, int Column)
@ -880,8 +893,7 @@ void COptionsWindow::OnOptionChanged(QTreeWidgetItem* pItem, int Column)
if (Column != 0) if (Column != 0)
return; return;
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::CloseOptionEdit(bool bSave) void COptionsWindow::CloseOptionEdit(bool bSave)
@ -923,8 +935,7 @@ void COptionsWindow::CloseOptionEdit(QTreeWidgetItem* pItem, bool bSave)
pItem->setText(2, pValue->currentText()); pItem->setText(2, pValue->currentText());
pItem->setData(2, Qt::UserRole, pValue->currentText()); pItem->setData(2, Qt::UserRole, pValue->currentText());
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
ui.treeOptions->setItemWidget(pItem, 1, NULL); ui.treeOptions->setItemWidget(pItem, 1, NULL);
@ -979,8 +990,7 @@ void COptionsWindow::OnAddAutoRun()
return; return;
AddTriggerItem(Value, eOnStartCmd); AddTriggerItem(Value, eOnStartCmd);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnAddAutoSvc() void COptionsWindow::OnAddAutoSvc()
@ -990,8 +1000,7 @@ void COptionsWindow::OnAddAutoSvc()
return; return;
AddTriggerItem(Value, eOnStartSvc); AddTriggerItem(Value, eOnStartSvc);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnAddAutoExec() void COptionsWindow::OnAddAutoExec()
@ -1001,8 +1010,7 @@ void COptionsWindow::OnAddAutoExec()
return; return;
AddTriggerItem(Value, eAutoExec); AddTriggerItem(Value, eAutoExec);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnAddDeleteCmd() void COptionsWindow::OnAddDeleteCmd()
@ -1012,8 +1020,7 @@ void COptionsWindow::OnAddDeleteCmd()
return; return;
AddTriggerItem(Value, eDeleteCmd); AddTriggerItem(Value, eDeleteCmd);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnAddTerminateCmd() void COptionsWindow::OnAddTerminateCmd()
@ -1023,8 +1030,7 @@ void COptionsWindow::OnAddTerminateCmd()
return; return;
AddTriggerItem(Value, eTerminateCmd); AddTriggerItem(Value, eTerminateCmd);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnAddRecoveryCheck() void COptionsWindow::OnAddRecoveryCheck()
@ -1034,15 +1040,13 @@ void COptionsWindow::OnAddRecoveryCheck()
return; return;
AddTriggerItem(Value, eRecoveryCheck); AddTriggerItem(Value, eRecoveryCheck);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnDelAuto() void COptionsWindow::OnDelAuto()
{ {
DeleteAccessEntry(ui.treeTriggers->currentItem()); DeleteAccessEntry(ui.treeTriggers->currentItem());
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
// //
@ -1054,15 +1058,13 @@ void COptionsWindow::OnAddProcess()
AddHiddenProcEntry(Process); AddHiddenProcEntry(Process);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnDelProcess() void COptionsWindow::OnDelProcess()
{ {
DeleteAccessEntry(ui.treeHideProc->currentItem()); DeleteAccessEntry(ui.treeHideProc->currentItem());
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnHostProcessAllow() void COptionsWindow::OnHostProcessAllow()
@ -1073,8 +1075,7 @@ void COptionsWindow::OnHostProcessAllow()
AddHostProcEntry(Process, false); AddHostProcEntry(Process, false);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnHostProcessDeny() void COptionsWindow::OnHostProcessDeny()
@ -1085,15 +1086,13 @@ void COptionsWindow::OnHostProcessDeny()
AddHostProcEntry(Process, true); AddHostProcEntry(Process, true);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnDelHostProcess() void COptionsWindow::OnDelHostProcess()
{ {
DeleteAccessEntry(ui.treeHostProc->currentItem()); DeleteAccessEntry(ui.treeHostProc->currentItem());
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::ShowHiddenProcTmpl(bool bUpdate) void COptionsWindow::ShowHiddenProcTmpl(bool bUpdate)
@ -1234,8 +1233,7 @@ void COptionsWindow::OnAddUser()
ui.lstUsers->addItems(Users); ui.lstUsers->addItems(Users);
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnDelUser() void COptionsWindow::OnDelUser()
@ -1243,8 +1241,7 @@ void COptionsWindow::OnDelUser()
foreach(QListWidgetItem* pItem, ui.lstUsers->selectedItems()) foreach(QListWidgetItem* pItem, ui.lstUsers->selectedItems())
delete pItem; delete pItem;
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::CreateDebug() void COptionsWindow::CreateDebug()

24
SandboxiePlus/SandMan/Windows/OptionsGeneral.cpp
View File

@ -283,11 +283,8 @@ void COptionsWindow::LoadGeneral()
ui.chkPrintToFile->setChecked(m_pBox->GetBool("AllowSpoolerPrintToFile", false)); ui.chkPrintToFile->setChecked(m_pBox->GetBool("AllowSpoolerPrintToFile", false));
ui.lineSingleMemory->setText(m_pBox->GetText("ProcessMemoryLimit", "")); ui.lineSingleMemory->setText(m_pBox->GetText("ProcessMemoryLimit", ""));
ui.lineSingleMemory->setEnabled(true);
ui.lineTotalMemory->setText(m_pBox->GetText("TotalMemoryLimit", "")); ui.lineTotalMemory->setText(m_pBox->GetText("TotalMemoryLimit", ""));
ui.lineTotalMemory->setEnabled(true);
ui.lineTotalNumber->setText(m_pBox->GetText("TotalNumberLimit", "")); ui.lineTotalNumber->setText(m_pBox->GetText("TotalNumberLimit", ""));
ui.lineTotalNumber->setEnabled(true);
//ui.chkOpenProtectedStorage->setChecked(m_pBox->GetBool("OpenProtectedStorage", false)); //ui.chkOpenProtectedStorage->setChecked(m_pBox->GetBool("OpenProtectedStorage", false));
ui.chkOpenProtectedStorage->setChecked(m_BoxTemplates.contains("OpenProtectedStorage")); ui.chkOpenProtectedStorage->setChecked(m_BoxTemplates.contains("OpenProtectedStorage"));
@ -429,12 +426,12 @@ void COptionsWindow::SaveGeneral()
WriteAdvancedCheck(ui.chkOpenSpooler, "OpenPrintSpooler", "y", ""); WriteAdvancedCheck(ui.chkOpenSpooler, "OpenPrintSpooler", "y", "");
WriteAdvancedCheck(ui.chkPrintToFile, "AllowSpoolerPrintToFile", "y", ""); WriteAdvancedCheck(ui.chkPrintToFile, "AllowSpoolerPrintToFile", "y", "");
if (!ui.lineSingleMemory->text().isEmpty()) if (!ui.lineSingleMemory->text().isEmpty()) WriteText("ProcessMemoryLimit", ui.lineSingleMemory->text());
WriteText("ProcessMemoryLimit", ui.lineSingleMemory->text()); else m_pBox->DelValue("ProcessMemoryLimit");
if (!ui.lineTotalMemory->text().isEmpty()) if (!ui.lineTotalMemory->text().isEmpty()) WriteText("TotalMemoryLimit", ui.lineTotalMemory->text());
WriteText("TotalMemoryLimit", ui.lineTotalMemory->text()); else m_pBox->DelValue("TotalMemoryLimit");
if (!ui.lineTotalNumber->text().isEmpty()) if (!ui.lineTotalNumber->text().isEmpty()) WriteText("ProcessNumberLimit", ui.lineTotalNumber->text());
WriteText("ProcessNumberLimit", ui.lineTotalNumber->text()); else m_pBox->DelValue("ProcessNumberLimit");
//WriteAdvancedCheck(ui.chkOpenProtectedStorage, "OpenProtectedStorage", "y", ""); //WriteAdvancedCheck(ui.chkOpenProtectedStorage, "OpenProtectedStorage", "y", "");
SetTemplate("OpenProtectedStorage", ui.chkOpenProtectedStorage->isChecked()); SetTemplate("OpenProtectedStorage", ui.chkOpenProtectedStorage->isChecked());
@ -815,10 +812,6 @@ void COptionsWindow::OnGeneralChanged()
ui.chkOpenSpooler->setEnabled(!ui.chkBlockSpooler->isChecked() && !ui.chkNoSecurityIsolation->isChecked()); ui.chkOpenSpooler->setEnabled(!ui.chkBlockSpooler->isChecked() && !ui.chkNoSecurityIsolation->isChecked());
ui.chkPrintToFile->setEnabled(!ui.chkBlockSpooler->isChecked() && !ui.chkNoSecurityFiltering->isChecked()); ui.chkPrintToFile->setEnabled(!ui.chkBlockSpooler->isChecked() && !ui.chkNoSecurityFiltering->isChecked());
ui.lineSingleMemory->setEnabled(ui.chkAddToJob->isChecked());
ui.lineTotalMemory->setEnabled(ui.chkAddToJob->isChecked());
ui.lineTotalNumber->setEnabled(ui.chkAddToJob->isChecked());
ui.chkCoverBar->setEnabled(ui.chkUserOperation->isChecked()); ui.chkCoverBar->setEnabled(ui.chkUserOperation->isChecked());
ui.chkOpenCredentials->setEnabled(!ui.chkOpenProtectedStorage->isChecked()); ui.chkOpenCredentials->setEnabled(!ui.chkOpenProtectedStorage->isChecked());
@ -866,7 +859,7 @@ void COptionsWindow::OnSecurityMode()
m_GeneralChanged = true; m_GeneralChanged = true;
OnOptChanged(); OnOptChanged();
OnAccessChanged(); // for rule specificity OnAccessChangedEx(); // for rule specificity
} }
void COptionsWindow::OnUseIcon(bool bUse) void COptionsWindow::OnUseIcon(bool bUse)
@ -1142,8 +1135,7 @@ void COptionsWindow::OnVmRead()
SetAccessEntry(eIPC, "", eReadOnly, "$:*"); SetAccessEntry(eIPC, "", eReadOnly, "$:*");
else else
DelAccessEntry(eIPC, "", eReadOnly, "$:*"); DelAccessEntry(eIPC, "", eReadOnly, "$:*");
m_AdvancedChanged = true; OnAdvancedChanged();
OnOptChanged();
} }
void COptionsWindow::OnDiskChanged() void COptionsWindow::OnDiskChanged()

31
SandboxiePlus/SandMan/Windows/OptionsWindow.cpp
View File

@ -207,14 +207,15 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
ui.tabsGeneral->setTabIcon(1, CSandMan::GetIcon("Folder")); ui.tabsGeneral->setTabIcon(1, CSandMan::GetIcon("Folder"));
ui.tabsGeneral->setTabIcon(2, CSandMan::GetIcon("Move")); ui.tabsGeneral->setTabIcon(2, CSandMan::GetIcon("Move"));
ui.tabsGeneral->setTabIcon(3, CSandMan::GetIcon("NoAccess")); ui.tabsGeneral->setTabIcon(3, CSandMan::GetIcon("NoAccess"));
ui.tabsGeneral->setTabIcon(4, CSandMan::GetIcon("Fence")); ui.tabsGeneral->setTabIcon(4, CSandMan::GetIcon("EFence"));
ui.tabsGeneral->setTabIcon(5, CSandMan::GetIcon("Run")); ui.tabsGeneral->setTabIcon(5, CSandMan::GetIcon("Run"));
ui.tabsSecurity->setCurrentIndex(0); ui.tabsSecurity->setCurrentIndex(0);
ui.tabsSecurity->setTabIcon(0, CSandMan::GetIcon("Shield7")); ui.tabsSecurity->setTabIcon(0, CSandMan::GetIcon("Shield7"));
ui.tabsSecurity->setTabIcon(1, CSandMan::GetIcon("Fence")); ui.tabsSecurity->setTabIcon(1, CSandMan::GetIcon("Fence"));
ui.tabsSecurity->setTabIcon(2, CSandMan::GetIcon("Shield15")); ui.tabsSecurity->setTabIcon(2, CSandMan::GetIcon("Shield15"));
ui.tabsSecurity->setTabIcon(3, CSandMan::GetIcon("Shield12")); ui.tabsSecurity->setTabIcon(3, CSandMan::GetIcon("Job"));
ui.tabsSecurity->setTabIcon(4, CSandMan::GetIcon("Shield12"));
ui.tabsForce->setCurrentIndex(0); ui.tabsForce->setCurrentIndex(0);
ui.tabsForce->setTabIcon(0, CSandMan::GetIcon("Force")); ui.tabsForce->setTabIcon(0, CSandMan::GetIcon("Force"));
@ -247,8 +248,7 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
ui.tabsOther->setCurrentIndex(0); ui.tabsOther->setCurrentIndex(0);
ui.tabsOther->setTabIcon(0, CSandMan::GetIcon("Presets")); ui.tabsOther->setTabIcon(0, CSandMan::GetIcon("Presets"));
ui.tabsOther->setTabIcon(1, CSandMan::GetIcon("BFance")); ui.tabsOther->setTabIcon(1, CSandMan::GetIcon("Dll"));
ui.tabsOther->setTabIcon(2, CSandMan::GetIcon("Dll"));
ui.tabsAdvanced->setCurrentIndex(0); ui.tabsAdvanced->setCurrentIndex(0);
ui.tabsAdvanced->setTabIcon(0, CSandMan::GetIcon("Presets")); ui.tabsAdvanced->setTabIcon(0, CSandMan::GetIcon("Presets"));
@ -370,6 +370,8 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
AddIconToLabel(ui.lblMigration, CSandMan::GetIcon("Move").pixmap(size,size)); AddIconToLabel(ui.lblMigration, CSandMan::GetIcon("Move").pixmap(size,size));
AddIconToLabel(ui.lblDelete, CSandMan::GetIcon("Erase").pixmap(size,size)); AddIconToLabel(ui.lblDelete, CSandMan::GetIcon("Erase").pixmap(size,size));
AddIconToLabel(ui.lblRawDisk, CSandMan::GetIcon("Disk").pixmap(size,size)); AddIconToLabel(ui.lblRawDisk, CSandMan::GetIcon("Disk").pixmap(size,size));
AddIconToLabel(ui.lblJob, CSandMan::GetIcon("Job3").pixmap(size,size));
AddIconToLabel(ui.lblLimit, CSandMan::GetIcon("Job2").pixmap(size,size));
AddIconToLabel(ui.lblSecurity, CSandMan::GetIcon("Shield5").pixmap(size,size)); AddIconToLabel(ui.lblSecurity, CSandMan::GetIcon("Shield5").pixmap(size,size));
AddIconToLabel(ui.lblElevation, CSandMan::GetIcon("Shield9").pixmap(size,size)); AddIconToLabel(ui.lblElevation, CSandMan::GetIcon("Shield9").pixmap(size,size));
AddIconToLabel(ui.lblBoxProtection, CSandMan::GetIcon("BoxConfig").pixmap(size,size)); AddIconToLabel(ui.lblBoxProtection, CSandMan::GetIcon("BoxConfig").pixmap(size,size));
@ -385,11 +387,9 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
AddIconToLabel(ui.lblPolicy, CSandMan::GetIcon("Policy").pixmap(size,size)); AddIconToLabel(ui.lblPolicy, CSandMan::GetIcon("Policy").pixmap(size,size));
AddIconToLabel(ui.lblCompatibility, CSandMan::GetIcon("Compatibility").pixmap(size,size)); AddIconToLabel(ui.lblCompatibility, CSandMan::GetIcon("Compatibility").pixmap(size,size));
AddIconToLabel(ui.lblLimit, CSandMan::GetIcon("EFence").pixmap(size,size));
//AddIconToLabel(ui.lblComRpc, CSandMan::GetIcon("Objects").pixmap(size,size)); //AddIconToLabel(ui.lblComRpc, CSandMan::GetIcon("Objects").pixmap(size,size));
AddIconToLabel(ui.lblPrivilege, CSandMan::GetIcon("Token").pixmap(size,size)); AddIconToLabel(ui.lblPrivilege, CSandMan::GetIcon("Token").pixmap(size,size));
AddIconToLabel(ui.lblFence, CSandMan::GetIcon("BFance").pixmap(size,size));
AddIconToLabel(ui.lblToken, CSandMan::GetIcon("Sandbox").pixmap(size,size)); AddIconToLabel(ui.lblToken, CSandMan::GetIcon("Sandbox").pixmap(size,size));
AddIconToLabel(ui.lblIsolation, CSandMan::GetIcon("Fence").pixmap(size,size)); AddIconToLabel(ui.lblIsolation, CSandMan::GetIcon("Fence").pixmap(size,size));
AddIconToLabel(ui.lblAccess, CSandMan::GetIcon("NoAccess").pixmap(size,size)); AddIconToLabel(ui.lblAccess, CSandMan::GetIcon("NoAccess").pixmap(size,size));
@ -1173,25 +1173,6 @@ void COptionsWindow::UpdateCurrentTab()
{ {
ui.chkVmRead->setChecked(IsAccessEntrySet(eIPC, "", eReadOnly, "$:*")); ui.chkVmRead->setChecked(IsAccessEntrySet(eIPC, "", eReadOnly, "$:*"));
} }
else if (m_pCurrentTab == ui.tabPrivileges || m_pCurrentTab == ui.tabSecurity)
{
if (IsAccessEntrySet(eWnd, "", eOpen, "*"))
{
if (!ui.chkNoSecurityIsolation->isChecked())
{
ui.chkAddToJob->setEnabled(false);
ui.chkAddToJob->setChecked(false);
}
}
else
{
if (!ui.chkNoSecurityIsolation->isChecked())
{
ui.chkAddToJob->setEnabled(true);
ui.chkAddToJob->setChecked(!m_pBox->GetBool("NoAddProcessToJob", false));
}
}
}
else if (m_pCurrentTab == ui.tabStart || m_pCurrentTab == ui.tabForce) else if (m_pCurrentTab == ui.tabStart || m_pCurrentTab == ui.tabForce)
{ {
if (IsAccessEntrySet(eIPC, "!<StartRunAccess>", eClosed, "*")) if (IsAccessEntrySet(eIPC, "!<StartRunAccess>", eClosed, "*"))

25
SandboxiePlus/SandMan/Windows/OptionsWindow.h
View File

@ -159,24 +159,24 @@ private slots:
void OnAccessSelectionChanged() { CloseAccessEdit(); OnOptChanged();} void OnAccessSelectionChanged() { CloseAccessEdit(); OnOptChanged();}
void OnAccessChanged(QTreeWidgetItem* pItem, int Column); void OnAccessChanged(QTreeWidgetItem* pItem, int Column);
void OnAddFile() { AddAccessEntry(eFile, eOpen, "", ""); m_AccessChanged = true; OnOptChanged(); } void OnAddFile() { AddAccessEntry(eFile, eOpen, "", ""); OnAccessChanged(); }
void OnBrowseFile(); void OnBrowseFile();
void OnBrowseFolder(); void OnBrowseFolder();
void OnDelFile() { DeleteAccessEntry(ui.treeFiles->currentItem()); m_AccessChanged = true; OnOptChanged(); } void OnDelFile() { DeleteAccessEntry(ui.treeFiles->currentItem()); OnAccessChanged(); }
void OnShowFilesTmpl() { LoadAccessListTmpl(eFile, ui.chkShowFilesTmpl->isChecked(), true); } void OnShowFilesTmpl() { LoadAccessListTmpl(eFile, ui.chkShowFilesTmpl->isChecked(), true); }
void OnAddKey() { AddAccessEntry(eKey, eOpen, "", ""); m_AccessChanged = true; OnOptChanged(); } void OnAddKey() { AddAccessEntry(eKey, eOpen, "", ""); OnAccessChanged(); }
void OnDelKey() { DeleteAccessEntry(ui.treeKeys->currentItem()); m_AccessChanged = true; OnOptChanged(); } void OnDelKey() { DeleteAccessEntry(ui.treeKeys->currentItem()); OnAccessChanged(); }
void OnShowKeysTmpl() { LoadAccessListTmpl(eKey, ui.chkShowKeysTmpl->isChecked(), true); } void OnShowKeysTmpl() { LoadAccessListTmpl(eKey, ui.chkShowKeysTmpl->isChecked(), true); }
void OnAddIPC() { AddAccessEntry(eIPC, eOpen, "", ""); m_AccessChanged = true; OnOptChanged(); } void OnAddIPC() { AddAccessEntry(eIPC, eOpen, "", ""); OnAccessChanged(); }
void OnDelIPC() { DeleteAccessEntry(ui.treeIPC->currentItem()); m_AccessChanged = true; OnOptChanged(); } void OnDelIPC() { DeleteAccessEntry(ui.treeIPC->currentItem()); OnAccessChanged(); }
void OnShowIPCTmpl() { LoadAccessListTmpl(eIPC, ui.chkShowIPCTmpl->isChecked(), true); } void OnShowIPCTmpl() { LoadAccessListTmpl(eIPC, ui.chkShowIPCTmpl->isChecked(), true); }
void OnAddWnd() { AddAccessEntry(eWnd, eOpen, "", ""); m_AccessChanged = true; OnOptChanged(); } void OnAddWnd() { AddAccessEntry(eWnd, eOpen, "", ""); OnAccessChanged(); }
void OnDelWnd() { DeleteAccessEntry(ui.treeWnd->currentItem()); m_AccessChanged = true; OnOptChanged(); } void OnDelWnd() { DeleteAccessEntry(ui.treeWnd->currentItem()); OnAccessChanged(); }
void OnShowWndTmpl() { LoadAccessListTmpl(eWnd, ui.chkShowWndTmpl->isChecked(), true); } void OnShowWndTmpl() { LoadAccessListTmpl(eWnd, ui.chkShowWndTmpl->isChecked(), true); }
void OnAddCOM() { AddAccessEntry(eCOM, eOpen, "", ""); m_AccessChanged = true; OnOptChanged(); } void OnAddCOM() { AddAccessEntry(eCOM, eOpen, "", ""); OnAccessChanged(); }
void OnDelCOM() { DeleteAccessEntry(ui.treeCOM->currentItem()); m_AccessChanged = true; OnOptChanged(); } void OnDelCOM() { DeleteAccessEntry(ui.treeCOM->currentItem()); OnAccessChanged(); }
void OnShowCOMTmpl() { LoadAccessListTmpl(eCOM, ui.chkShowCOMTmpl->isChecked(), true); } void OnShowCOMTmpl() { LoadAccessListTmpl(eCOM, ui.chkShowCOMTmpl->isChecked(), true); }
//void OnDelAccess() { DeleteAccessEntry(ui.treeAccess->currentItem()); m_AccessChanged = true; OnOptChanged(); } //void OnDelAccess() { DeleteAccessEntry(ui.treeAccess->currentItem()); OnAccessChanged(); }
//void OnShowAccessTmpl() { LoadAccessListTmpl(true); } //void OnShowAccessTmpl() { LoadAccessListTmpl(true); }
// //
@ -249,6 +249,7 @@ private slots:
void OnINetBlockChanged() { m_INetBlockChanged = true; OnOptChanged(); } void OnINetBlockChanged() { m_INetBlockChanged = true; OnOptChanged(); }
void OnRecoveryChanged() { m_RecoveryChanged = true; OnOptChanged(); } void OnRecoveryChanged() { m_RecoveryChanged = true; OnOptChanged(); }
void OnAccessChanged(); void OnAccessChanged();
void OnAccessChangedEx();
void OnSysSvcChanged(); void OnSysSvcChanged();
void OnAdvancedChanged(); void OnAdvancedChanged();
void OnOpenCOM(); void OnOpenCOM();
@ -493,6 +494,8 @@ protected:
void UpdateAccessPolicy(); void UpdateAccessPolicy();
void UpdateJobOptions();
QTreeWidget* GetAccessTree(EAccessType Type); QTreeWidget* GetAccessTree(EAccessType Type);
// //