1.5.1
This commit is contained in:
DavidXanatos
parent
01a58a4e67
commit
206447a60b
|
|
@ -19,6 +19,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
|||
- fixed issues with Privacy Enhanced box types [#2342](https://github.com/sandboxie-plus/Sandboxie/issues/2342)
|
||||
- fixed issue with boxed object directory initialization [#2342](https://github.com/sandboxie-plus/Sandboxie/issues/2342)
|
||||
- Sandboxie no longer leaves behind permanent directory objects
|
||||
- FIXED SECURITY ISSUE ID-21 AlpcConnectPortEx was not filtered by the driver [#2396](https://github.com/sandboxie-plus/Sandboxie/issues/2396)
|
||||
|
||||
|
||||
## [1.5.0 / 5.60.0] - 2022-10-19
|
||||
|
|
|
|||
|
|
@ -173,6 +173,12 @@ _FX BOOLEAN Ipc_Init(void)
|
|||
}
|
||||
}
|
||||
|
||||
if (Driver_OsVersion >= DRIVER_WINDOWS_8) {
|
||||
|
||||
if (! Syscall_Set2("AlpcConnectPortEx", Ipc_CheckPortObject))
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
//
|
||||
// register object filter callbacks on Vista SP1 and later
|
||||
//
|
||||
|
|
|
|||
|
|
@ -280,6 +280,14 @@ _FX NTSTATUS Syscall_OpenHandle(
|
|||
{
|
||||
puName = (UNICODE_STRING*)user_args[1];
|
||||
}
|
||||
else if (strcmp(syscall_entry->name, "AlpcConnectPortEx") == 0)
|
||||
{
|
||||
POBJECT_ATTRIBUTES pObj = (POBJECT_ATTRIBUTES)user_args[1];
|
||||
if (pObj && pObj->ObjectName)
|
||||
{
|
||||
puName = pObj->ObjectName;
|
||||
}
|
||||
}
|
||||
else if ((strcmp(syscall_entry->name, "CreateFile") == 0) ||
|
||||
(strcmp(syscall_entry->name, "OpenFile") == 0))
|
||||
{
|
||||
|
|
|
|||
|
|
@ -3556,6 +3556,7 @@ ApproveWinNtSysCall=ConnectPort
|
|||
ApproveWinNtSysCall=SecureConnectPort
|
||||
ApproveWinNtSysCall=CreatePort
|
||||
ApproveWinNtSysCall=AlpcConnectPort
|
||||
ApproveWinNtSysCall=AlpcConnectPortEx
|
||||
ApproveWinNtSysCall=AlpcCreatePort
|
||||
ApproveWinNtSysCall=ImpersonateClientOfPort
|
||||
ApproveWinNtSysCall=AlpcImpersonateClientOfPort
|
||||
|
|
@ -3583,6 +3584,7 @@ ApproveWinNtSysCall=DuplicateObject
|
|||
ApproveWinNtSysCall=GetNextProcess
|
||||
ApproveWinNtSysCall=GetNextThread
|
||||
ApproveWinNtSysCall=DeviceIoControlFile
|
||||
#ApproveWinNtSysCall=FsControlFile
|
||||
ApproveWinNtSysCall=QuerySystemInformation
|
||||
|
||||
ApproveWinNtSysCall=OpenProcessToken
|
||||
|
|
@ -3615,8 +3617,6 @@ ApproveWinNtSysCall=SetInformationJobObject
|
|||
|
||||
ApproveWinNtSysCall=DeleteFile
|
||||
|
||||
ApproveWinNtSysCall=AlpcConnectPort
|
||||
ApproveWinNtSysCall=AlpcConnectPortEx
|
||||
ApproveWinNtSysCall=AlpcAcceptConnectPort
|
||||
ApproveWinNtSysCall=AlpcCreateSecurityContext
|
||||
|
||||
|
|
@ -3635,9 +3635,6 @@ ApproveWinNtSysCall=OpenSymbolicLinkObject
|
|||
ApproveWinNtSysCall=CreateUserProcess
|
||||
#ApproveWinNtSysCall=CreateThreadEx
|
||||
|
||||
ApproveWinNtSysCall=DeviceIoControlFile
|
||||
#ApproveWinNtSysCall=FsControlFile
|
||||
|
||||
ApproveWinNtSysCall=QueryAttributesFile
|
||||
ApproveWinNtSysCall=QueryFullAttributesFile
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue