diff --git a/SandboxiePlus/SandMan/sandman_zh_TW.ts b/SandboxiePlus/SandMan/sandman_zh_TW.ts
index 9fe49a87..548168a7 100644
--- a/SandboxiePlus/SandMan/sandman_zh_TW.ts
+++ b/SandboxiePlus/SandMan/sandman_zh_TW.ts
@@ -2114,7 +2114,7 @@ Note: The update check is often behind the latest GitHub release to ensure that
Document
-
+ 文件
@@ -2133,23 +2133,23 @@ Note: The update check is often behind the latest GitHub release to ensure that
Select Document Directory
-
+ 選取文件目錄Please enter Document File Extension.
-
+ 請選取文件副檔名。For security reasons it it not permitted to create entirely wildcard BreakoutDocument presets.For security reasons it it not permitted to create entierly wildcard BreakoutDocument presets.
-
+ 由於安全原因,不允許建立完全通用字元的分離文件預設。For security reasons the specified extension %1 should not be broken out.
-
+ 由於安全原因,指定的副檔名 %1 不應被設定分離規則。
@@ -2963,7 +2963,7 @@ Full path: %4
No Files selected!
-
+ 未選取任何檔案!
@@ -7344,7 +7344,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an
Import without encryption
-
+ 匯入但不加密
@@ -7861,7 +7861,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an
<b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security, as can the use of <a href="sbie://docs/breakoutdocument">BreakoutDocument</a> allowing any * or insecure (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1;etc…) extensions. Please review the security section for each option in the documentation before use.
- <b><font color='red'>安全性建議</font>: </b>使用 <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> 和/或 <a href=" sbie://docs/breakoutprocess">BreakoutProcess</a> 與 Open[File/Pipe]Path 指令結合使用可能會損害安全性,使用 <a href="sbie://docs/breakoutdocument">BreakoutDocument< /a > 將允許任何 * 或不安全的 (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1;etc…) 副檔名。使用前請查看文件中每個選項的「安全性」區段。
+ <b><font color='red'>安全性建議</font>: </b>使用 <a href="sbie://docs/breakoutfolder">分離資料夾</a> 和/或 <a href=" sbie://docs/breakoutprocess">分離處理程序</a> 與「開啟[檔案/管道]路徑」指令結合使用可能會損害安全性,使用 <a href="sbie://docs/breakoutdocument">分離文件< /a > 將允許任何 * 或不安全的 (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1;etc…) 副檔名。使用前請查看文件中每個選項的「安全性」區段。
@@ -8076,7 +8076,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an
This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself.
Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page.
This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself.
- Sandboxie 的資源存取規則通常對位於沙箱內的二進位程式具有歧視性。「開啟檔案路徑」和「開啟機碼路徑」只對主機上的原生程式 (安裝在主機上的) 有效。為了定義沒有此類限制的規則,則必須使用「開啟管線路徑」和「開啟組態路徑」。同樣的,透過否定來定義所有的「封閉(檔案|機碼|IPC)路徑」指令例如:'ClosedFilePath=! iexplore.exe,C:Users*' 將限制沙箱內的程式存取相應資源。這兩種限制原則都可以透過「存取原則」頁面來停用。
+ Sandboxie 的資源存取規則通常對位於沙箱內的二進位程式具有歧視性。「開啟檔案路徑」和「開啟機碼路徑」只對主機上的原生程式 (安裝在主機上的) 有效。為了定義沒有此類限制的規則,則必須使用「開啟管道路徑」和「開啟組態路徑」。同樣的,透過否定來定義所有的「封閉(檔案|機碼|IPC)路徑」指令例如:'ClosedFilePath=! iexplore.exe,C:Users*' 將限制沙箱內的程式存取相應資源。這兩種限制原則都可以透過「存取原則」頁面來停用。
這樣做是為了防止沙箱內的流氓處理程序建立自己的重新命名複本並存取受保護的資源。另一個漏洞載體是將一個動態連結程式庫注入到一個被授權處理程序中,以取得對被授權處理程序所允許存取的一切資源的存取權。使用主機映像保護,可以透過阻止在沙箱內執行的應用程式 (安裝在主機上的) 載入來自沙箱的動態連結程式庫來防止此類現象。
@@ -8206,7 +8206,7 @@ Partially checked: No groups will be added to the newly created sandboxed token.
<b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use.
- <b><font color='red'>安全性建議</font>:</b> 使用 <a href="sbie://docs/breakoutfolder">分離資料夾</a> 和/或 <a href=" sbie://docs/breakoutprocess">分離處理程序</a> 與「開啟[檔案/管線]路徑」指令結合使用可能會損害安全性。使用前請檢查說明文件中每個選項的「安全性」區段。
+ <b><font color='red'>安全性建議</font>:</b> 使用 <a href="sbie://docs/breakoutfolder">分離資料夾</a> 和/或 <a href=" sbie://docs/breakoutprocess">分離處理程序</a> 與「開啟[檔案/管道]路徑」指令結合使用可能會損害安全性。使用前請檢查說明文件中每個選項的「安全性」區段。
@@ -8249,7 +8249,7 @@ Partially checked: No groups will be added to the newly created sandboxed token.
Configure which processes can access Files, Folders and Pipes.
'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab.
- 設定哪些處理程序可以存取檔案、資料夾和管線。
+ 設定哪些處理程序可以存取檔案、資料夾和管道。
「開放」存取權限只適用於位於沙箱之外的程式二進位檔,您可以使用「完全開放」來對所有程式開放所有權限,或者在「原則」頁籤中改變這一行為。
@@ -8448,7 +8448,7 @@ To specify a process use '$:program.exe' as path.
Allow sandboxed processes to open files protected by EFS
-
+ 允許沙箱化處理程序開啟被 EFS (加密檔案系統) 保護的檔案
@@ -8468,18 +8468,18 @@ To specify a process use '$:program.exe' as path.
Open access to Proxy Configurations
-
+ 開啟對 Proxy 組態設定的存取File ACLs
-
+ 檔案存取管理清單 (ACL)Use original Access Control Entries for boxed Files and Folders (for MSIServer enable exemptions)Use original Access Control Entries for boxed Files and Folders (for MSIServer enable excemptions)
-
+ 對沙箱化檔案和資料夾使用原始存取管理條目 (Access Control Entries) (對 MSIServer 啟用豁免)
@@ -8499,7 +8499,7 @@ To specify a process use '$:program.exe' as path.
Breakout Document
-
+ 分離文件
@@ -8738,7 +8738,7 @@ The process match level has a higher priority than the specificity and describes
Start the sandboxed RpcSs as a SYSTEM process (not recommended)
- 以系統處理程序啟動沙箱化服務 RpcSs (不推薦)
+ 以系統處理程序啟動沙箱化 RPC 系統服務 (不推薦)
@@ -9036,7 +9036,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
Pipe Trace
- 管線追蹤
+ 管道追蹤
@@ -9259,7 +9259,7 @@ Please note that this values are currently user specific and saved globally for
Limit restrictions
- 上限限制
+ 取用限制Leave it blank to disable the setting(Unit:KB)
@@ -10376,12 +10376,12 @@ Unlike the preview channel, it does not include untested, potentially breaking,
This feature protects the sandbox by restricting access, preventing other users from accessing the folder. Ensure the root folder path contains the %USER% macro so that each user gets a dedicated sandbox folder.
-
+ 此功能透過存取限制保護沙箱,阻止其他使用者存取資料夾。保證根資料夾路徑包含 %USER% 巨集,以確保每個使用者取得其專用的沙箱資料夾。Restrict box root folder access to the the user whom created that sandbox
-
+ 限制僅建立沙箱的使用者可存取對應沙箱的根資料夾