From 35fa3135024972a40176eb32be1819b328b62fad Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Sun, 2 Jun 2024 15:50:35 +0800
Subject: [PATCH] Add UI for Limit.
---
SandboxiePlus/SandMan/Forms/OptionsWindow.ui | 251 +++++++++++-------
.../SandMan/Windows/OptionsGeneral.cpp | 17 +-
2 files changed, 171 insertions(+), 97 deletions(-)
diff --git a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
index 7cde8a5b..fdd5988e 100644
--- a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
@@ -6,7 +6,7 @@
0
0
- 787
+ 835
588
@@ -31,8 +31,8 @@
SandboxiePlus Options
-
- -
+
+
-
-
@@ -45,7 +45,7 @@
QTabWidget::North
- 1
+ 0
@@ -55,7 +55,7 @@
-
- 0
+ 3
@@ -672,8 +672,8 @@
Restrictions
-
-
-
+
+
-
@@ -690,14 +690,93 @@
- -
-
+
-
+
- Open Windows Credentials Store (user mode)
+ Block access to the printer spooler
- -
+
-
+
+
+ Remove spooler restriction, printers can be installed outside the sandbox
+
+
+
+ -
+
+
+
+ 0
+ 0
+
+
+
+ Allow the print spooler to print to files outside the sandbox
+
+
+
+ -
+
+
+
+ 75
+ true
+ true
+
+
+
+ Protect the system from sandboxed processes
+
+
+ Limit restrictions
+
+
+
+ -
+
+
+ Single Process Memory Limit:
+
+
+
+ -
+
+
+ Leave it blank to disable the setting(Unit:KB)
+
+
+
+ -
+
+
+ Total Processes Memory Limit:
+
+
+
+ -
+
+
+ Leave it blank to disable the setting(Unit:KB)
+
+
+
+ -
+
+
+ Total Processes Number Limit:
+
+
+
+ -
+
+
+ Leave it blank to disable the setting
+
+
+
+ -
@@ -714,85 +793,14 @@
- -
-
-
- Allow to read memory of unsandboxed processes (not recommended)
-
-
-
- -
-
-
- Qt::Horizontal
-
-
-
- 556
- 20
-
-
-
-
- -
-
-
- This feature does not block all means of obtaining a screen capture, only some common ones.
-
-
- Prevent sandboxed processes from capturing window images (Experimental, may cause UI glitches)
-
-
-
- -
+
-
Open System Protected Storage
- -
-
-
-
- 0
- 0
-
-
-
- Allow the print spooler to print to files outside the sandbox
-
-
-
- -
-
-
- Block access to the printer spooler
-
-
-
- -
-
-
- Remove spooler restriction, printers can be installed outside the sandbox
-
-
-
- -
-
-
- Block read access to the clipboard
-
-
-
- -
-
-
- Issue message 2111 when a process access is denied
-
-
-
- -
+
-
@@ -811,14 +819,62 @@
- -
+
-
+
+
+ Open Windows Credentials Store (user mode)
+
+
+
+ -
+
+
+ Block read access to the clipboard
+
+
+
+ -
+
+
+ Allow to read memory of unsandboxed processes (not recommended)
+
+
+
+ -
+
+
+ Issue message 2111 when a process access is denied
+
+
+
+ -
Prevent sandboxed processes from interfering with power operations (Experimental)
- -
+
-
+
+
+ Prevent move mouse, bring in front, and similar operations, this is likely to cause issues with games.
+
+
+ Prevent interference with the user interface (Experimental)
+
+
+
+ -
+
+
+ This feature does not block all means of obtaining a screen capture, only some common ones.
+
+
+ Prevent sandboxed processes from capturing window images (Experimental, may cause UI glitches)
+
+
+
+ -
Qt::Vertical
@@ -831,15 +887,18 @@
- -
-
-
- Prevent move mouse, bring in front, and similar operations, this is likely to cause issues with games.
+
-
+
+
+ Qt::Horizontal
-
- Prevent interference with the user interface (Experimental)
+
+
+ 556
+ 20
+
-
+
@@ -1088,7 +1147,7 @@
-
- 0
+ 1
@@ -4967,8 +5026,8 @@ instead of "*".
0
0
- 98
- 28
+ 75
+ 16
diff --git a/SandboxiePlus/SandMan/Windows/OptionsGeneral.cpp b/SandboxiePlus/SandMan/Windows/OptionsGeneral.cpp
index 102b62d2..c2afdc9a 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsGeneral.cpp
+++ b/SandboxiePlus/SandMan/Windows/OptionsGeneral.cpp
@@ -281,6 +281,10 @@ void COptionsWindow::LoadGeneral()
ui.chkOpenSpooler->setChecked(m_pBox->GetBool("OpenPrintSpooler", false));
ui.chkPrintToFile->setChecked(m_pBox->GetBool("AllowSpoolerPrintToFile", false));
+ ui.lineSingleMemory->setText(m_pBox->GetText("ProcessMemoryLimit", ""));
+ ui.lineTotalMemory->setText(m_pBox->GetText("TotalMemoryLimit", ""));
+ ui.lineTotalNumber->setText(m_pBox->GetText("TotalNumberLimit", ""));
+
//ui.chkOpenProtectedStorage->setChecked(m_pBox->GetBool("OpenProtectedStorage", false));
ui.chkOpenProtectedStorage->setChecked(m_BoxTemplates.contains("OpenProtectedStorage"));
ui.chkOpenCredentials->setChecked(!ui.chkOpenCredentials->isEnabled() || m_pBox->GetBool("OpenCredentials", false));
@@ -420,6 +424,13 @@ void COptionsWindow::SaveGeneral()
WriteAdvancedCheck(ui.chkOpenSpooler, "OpenPrintSpooler", "y", "");
WriteAdvancedCheck(ui.chkPrintToFile, "AllowSpoolerPrintToFile", "y", "");
+ if (!ui.lineSingleMemory->text().isEmpty())
+ WriteText("ProcessMemoryLimit", ui.lineSingleMemory->text());
+ if (!ui.lineTotalMemory->text().isEmpty())
+ WriteText("TotalMemoryLimit", ui.lineTotalMemory->text());
+ if (!ui.lineTotalNumber->text().isEmpty())
+ WriteText("ProcessNumberLimit", ui.lineTotalNumber->text());
+
//WriteAdvancedCheck(ui.chkOpenProtectedStorage, "OpenProtectedStorage", "y", "");
SetTemplate("OpenProtectedStorage", ui.chkOpenProtectedStorage->isChecked());
if (ui.chkOpenCredentials->isEnabled())
@@ -797,7 +808,11 @@ void COptionsWindow::OnGeneralChanged()
ui.chkOpenSpooler->setEnabled(!ui.chkBlockSpooler->isChecked() && !ui.chkNoSecurityIsolation->isChecked());
ui.chkPrintToFile->setEnabled(!ui.chkBlockSpooler->isChecked() && !ui.chkNoSecurityFiltering->isChecked());
-
+
+ ui.lineSingleMemory->setEnabled(ui.chkAddToJob->isChecked());
+ ui.lineTotalMemory->setEnabled(ui.chkAddToJob->isChecked());
+ ui.lineTotalNumber->setEnabled(ui.chkAddToJob->isChecked());
+
ui.chkOpenCredentials->setEnabled(!ui.chkOpenProtectedStorage->isChecked());
if (!ui.chkOpenCredentials->isEnabled()) ui.chkOpenCredentials->setChecked(true);