diff --git a/CHANGELOG.md b/CHANGELOG.md
index a1238934..332ca724 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,19 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
+## [0.2.2 / 5.41.2] - 2020-06-19
+
+### Added
+- added option SeparateUserFolders=n to no longer have the user profile files stored separately in the sandbox
+- added SandboxieLogon=y it makes processes run under the SID of the "Sandboxie" user instead of the Anonymous user
+-- Note: the global option AllowSandboxieLogon=y must be enabled, the "Sandboxie" user account must be manually created first and the driver reloaded, else process start will fail
+- improved debugging around process creation errors in the driver
+
+### Fixed
+- fixed some log messages going lost after driver reload
+- found a workable fix for the MSI installer issue, see Proc_CreateProcessInternalW_RS5
+
+
## [0.2.1 / 5.41.1] - 2020-06-18
diff --git a/Sandboxie/common/my_version.h b/Sandboxie/common/my_version.h
index 690c2607..e9ecd49a 100644
--- a/Sandboxie/common/my_version.h
+++ b/Sandboxie/common/my_version.h
@@ -22,7 +22,7 @@
#define MY_VERSION_BINARY 5,41
#define MY_VERSION_STRING "5.41"
-#define MY_VERSION_STRING_EX "5.41.1"
+#define MY_VERSION_STRING_EX "5.41.2"
// These #defines are used by either Resource Compiler, or by NSIC installer
#define SBIE_INSTALLER_PATH "..\\Bin\\"
@@ -36,6 +36,8 @@
#define SANDBOXIE L"Sandboxie"
#define SBIE L"SBIE"
+#define SANDBOXIE_USER L"Sandboxie"
+
#define SBIE_BOXED_ SBIE L"_BOXED_"
#define SBIE_BOXED_LEN (4 + 7)
diff --git a/Sandboxie/core/dll/file.c b/Sandboxie/core/dll/file.c
index a08a62ff..d09e5683 100644
--- a/Sandboxie/core/dll/file.c
+++ b/Sandboxie/core/dll/file.c
@@ -368,6 +368,7 @@ _FX NTSTATUS File_GetName(
static const ULONG _ShareLen = 7;
static const WCHAR *_Drive = L"\\drive\\";
static const ULONG _DriveLen = 7;
+
static const WCHAR *_User = L"\\user";
static const ULONG _UserLen = 5;
static const WCHAR *_UserAll = L"\\user\\all";
@@ -376,7 +377,7 @@ _FX NTSTATUS File_GetName(
static const ULONG _UserCurrentLen = 13;
static const WCHAR *_UserPublic = L"\\user\\public";
static const ULONG _UserPublicLen = 12;
-
+
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
NTSTATUS status;
@@ -791,7 +792,8 @@ check_sandbox_prefix:
// that's ok because it hasn't been initialized yet
//
- else if (length >= _UserLen &&
+ else if (//SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE) && // if we disable File_InitUsers we dont need to do it here and below
+ length >= _UserLen &&
_wcsnicmp(*OutTruePath, _User, _UserLen) == 0) {
if (File_AllUsersLen && length >= _UserAllLen &&
@@ -1045,7 +1047,8 @@ check_sandbox_prefix:
// "\user\current", respectively
//
- else if (File_AllUsersLen && length >= File_AllUsersLen &&
+ else if (//SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE) &&
+ File_AllUsersLen && length >= File_AllUsersLen &&
0 == Dll_NlsStrCmp(
TruePath, File_AllUsers, File_AllUsersLen))
{
@@ -1057,7 +1060,8 @@ check_sandbox_prefix:
}
- else if (File_CurrentUserLen && length >= File_CurrentUserLen &&
+ else if (//SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE) &&
+ File_CurrentUserLen && length >= File_CurrentUserLen &&
0 == Dll_NlsStrCmp(
TruePath, File_CurrentUser, File_CurrentUserLen))
{
@@ -1069,7 +1073,8 @@ check_sandbox_prefix:
}
- else if (File_PublicUserLen && length >= File_PublicUserLen &&
+ else if (//SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE) &&
+ File_PublicUserLen && length >= File_PublicUserLen &&
0 == Dll_NlsStrCmp(
TruePath, File_PublicUser, File_PublicUserLen))
{
diff --git a/Sandboxie/core/dll/file_init.c b/Sandboxie/core/dll/file_init.c
index 3e6eb3f2..d5360253 100644
--- a/Sandboxie/core/dll/file_init.c
+++ b/Sandboxie/core/dll/file_init.c
@@ -144,8 +144,10 @@ _FX BOOLEAN File_Init(void)
if (! File_InitDrives(0xFFFFFFFF))
return FALSE;
- if (! File_InitUsers())
- return FALSE;
+ if (SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE)) {
+ if (!File_InitUsers())
+ return FALSE;
+ }
File_InitRecoverFolders();
diff --git a/Sandboxie/core/dll/gui.c b/Sandboxie/core/dll/gui.c
index bf20269d..c26759cc 100644
--- a/Sandboxie/core/dll/gui.c
+++ b/Sandboxie/core/dll/gui.c
@@ -952,11 +952,6 @@ _FX BOOLEAN Gui_ConnectToWindowStationAndDesktop(HMODULE User32)
rc = (ULONG_PTR)NtCurrentThread();
- // OpenBox1 BEGIN
- if (SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
- rc = 0;
- else
- // OpenBox1 END
if (__sys_NtSetInformationThread)
{
rc = __sys_NtSetInformationThread(NtCurrentThread(),
diff --git a/Sandboxie/core/dll/proc.c b/Sandboxie/core/dll/proc.c
index cedc074c..70cfdbda 100644
--- a/Sandboxie/core/dll/proc.c
+++ b/Sandboxie/core/dll/proc.c
@@ -1085,6 +1085,11 @@ _FX BOOL Proc_CreateProcessInternalW_RS5(
lpApplicationName = TlsData->proc_image_path;
}
+ if (Dll_OsBuild >= 17763) {
+ // Fix-Me: this is a workaround for the MSI installer to work properly
+ lpProcessAttributes = NULL;
+ }
+
ok = __sys_CreateProcessInternalW_RS5(
NULL, lpApplicationName, lpCommandLine,
lpProcessAttributes, lpThreadAttributes, bInheritHandles,
@@ -1106,9 +1111,6 @@ _FX BOOL Proc_CreateProcessInternalW_RS5(
err = GetLastError();
}
- // OpenBox1 BEGIN
- if (!SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
- // OpenBox1 END
if (ok) {
//
diff --git a/Sandboxie/core/dll/scm_create.c b/Sandboxie/core/dll/scm_create.c
index 7df25cd1..0e97df62 100644
--- a/Sandboxie/core/dll/scm_create.c
+++ b/Sandboxie/core/dll/scm_create.c
@@ -1305,9 +1305,6 @@ _FX BOOL Scm_StartServiceCtrlDispatcherX(
}
if (_wcsicmp(ServiceName, Scm_MsiServer) == 0) {
- if (Dll_OsBuild >= 17763 && SbieApi_QueryConfBool(NULL, L"AnonymousLogon", TRUE) == TRUE) {
- SbieApi_Log(2194, L"");
- }
Scm_IsMsiServer = TRUE;
}
diff --git a/Sandboxie/core/drv/SboxDrv.vcxproj b/Sandboxie/core/drv/SboxDrv.vcxproj
index 60f54022..ddb7ddce 100644
--- a/Sandboxie/core/drv/SboxDrv.vcxproj
+++ b/Sandboxie/core/drv/SboxDrv.vcxproj
@@ -105,7 +105,7 @@
Native
- ntoskrnl.lib;hal.lib;wmilib.lib;fltmgr.lib;%(AdditionalDependencies)
+ ntoskrnl.lib;hal.lib;wmilib.lib;fltmgr.lib;Ksecdd.lib;%(AdditionalDependencies)
DriverEntry
@@ -135,7 +135,7 @@
Native
- ntoskrnl.lib;hal.lib;wmilib.lib;fltmgr.lib;%(AdditionalDependencies)
+ ntoskrnl.lib;hal.lib;wmilib.lib;fltmgr.lib;Ksecdd.lib;%(AdditionalDependencies)
DriverEntry
@@ -173,7 +173,7 @@
Native
- ntoskrnl.lib;hal.lib;wmilib.lib;fltmgr.lib;%(AdditionalDependencies)
+ ntoskrnl.lib;hal.lib;wmilib.lib;fltmgr.lib;Ksecdd.lib;%(AdditionalDependencies)
DriverEntry
@@ -201,7 +201,7 @@
Native
- ntoskrnl.lib;hal.lib;wmilib.lib;fltmgr.lib;%(AdditionalDependencies)
+ ntoskrnl.lib;hal.lib;wmilib.lib;fltmgr.lib;Ksecdd.lib;%(AdditionalDependencies)
DriverEntry
diff --git a/Sandboxie/core/drv/process.c b/Sandboxie/core/drv/process.c
index e5cffa12..3320f648 100644
--- a/Sandboxie/core/drv/process.c
+++ b/Sandboxie/core/drv/process.c
@@ -1166,7 +1166,7 @@ _FX void Process_NotifyImage(
{
static const WCHAR *_Ntdll32 = L"\\syswow64\\ntdll.dll"; // 19 chars
PROCESS *proc;
- BOOLEAN ok;
+ ULONG fail = 0;
//
// the notify routine is invoked for any image mapped for any purpose.
@@ -1216,56 +1216,58 @@ _FX void Process_NotifyImage(
// create the sandbox space
//
- ok = TRUE;
-
if (!proc->bHostInject)
{
- if (ok)
- ok = File_CreateBoxPath(proc);
+ if (!fail && !File_CreateBoxPath(proc))
+ fail = 0x01;
- if (ok)
- ok = Ipc_CreateBoxPath(proc);
+ if (!fail && !Ipc_CreateBoxPath(proc))
+ fail = 0x02;
- if (ok)
- ok = Key_MountHive(proc);
+ if (!fail && !Key_MountHive(proc))
+ fail = 0x03;
//
// initialize the filtering components
//
- if (ok)
- ok = File_InitProcess(proc);
+ if (!fail && !File_InitProcess(proc))
+ fail = 0x04;
- if (ok)
- ok = Key_InitProcess(proc);
+ if (!fail && !Key_InitProcess(proc))
+ fail = 0x05;
- if (ok)
- ok = Ipc_InitProcess(proc);
+ if (!fail && !Ipc_InitProcess(proc))
+ fail = 0x06;
- if (ok)
- ok = Gui_InitProcess(proc);
+ if (!fail && !Gui_InitProcess(proc))
+ fail = 0x07;
- if (ok)
- ok = Process_Low_InitConsole(proc);
+ if (!fail && !Process_Low_InitConsole(proc))
+ fail = 0x08;
- if (ok)
- ok = Token_ReplacePrimary(proc);
+ if (!fail && !Token_ReplacePrimary(proc))
+ fail = 0x09;
- if (ok)
- ok = Thread_InitProcess(proc);
+ if (!fail && !Thread_InitProcess(proc))
+ fail = 0x0A;
}
//
// terminate process if initialization failed
//
- if (ok) {
+ if (!fail) {
proc->initialized = TRUE;
} else {
+ Log_Status_Ex_Session(
+ MSG_1231, fail, STATUS_UNSUCCESSFUL, NULL, proc->box->session_id);
+
proc->terminated = TRUE;
+ proc->reason = 0xA0 + fail;
Process_CancelProcess(proc);
}
diff --git a/Sandboxie/core/drv/syscall_open.c b/Sandboxie/core/drv/syscall_open.c
index c3e63255..8e06c3b7 100644
--- a/Sandboxie/core/drv/syscall_open.c
+++ b/Sandboxie/core/drv/syscall_open.c
@@ -644,9 +644,9 @@ _FX NTSTATUS Syscall_DuplicateHandle_2(
// thread_token.c has a function for this specific case.
//
- // OpenBox2 BEGIN
+ // OpenToken BEGIN
if (!(Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnfilteredToken", 0, FALSE)))
- // OpenBox2 END
+ // OpenToken END
status = Thread_CheckTokenObject(
proc, OpenedObject, HandleInfo.GrantedAccess);
}
diff --git a/Sandboxie/core/drv/thread_token.c b/Sandboxie/core/drv/thread_token.c
index 892ad583..f8b7f5fe 100644
--- a/Sandboxie/core/drv/thread_token.c
+++ b/Sandboxie/core/drv/thread_token.c
@@ -1243,9 +1243,9 @@ _FX NTSTATUS Thread_SetInformationThread_ImpersonationToken(
MyTokenHandle, TOKEN_IMPERSONATE,
*SeTokenObjectType, UserMode, &TokenObject, NULL);
- // OpenBox2 BEGIN
+ // OpenToken BEGIN
if (!(Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnfilteredToken", 0, FALSE)))
- // OpenBox2 END
+ // OpenToken END
if (NT_SUCCESS(status)) {
status = Thread_CheckTokenForImpersonation(
diff --git a/Sandboxie/core/drv/token.c b/Sandboxie/core/drv/token.c
index 0466b772..39af060e 100644
--- a/Sandboxie/core/drv/token.c
+++ b/Sandboxie/core/drv/token.c
@@ -24,6 +24,7 @@
#include "process.h"
#include "conf.h"
#include "api.h"
+#include "util.h"
#include "common/my_version.h"
@@ -142,6 +143,15 @@ static UCHAR AnonymousLogonSid[12] = {
SECURITY_ANONYMOUS_LOGON_RID,0,0,0 // SubAuthority
};
+static UCHAR SandboxieLogonSid[SECURITY_MAX_SID_SIZE] = { 0 }; // SbieLogin
+
+static UCHAR SystemLogonSid[12] = {
+ 1, // Revision
+ 1, // SubAuthorityCount
+ 0,0,0,0,0,5, // SECURITY_NT_AUTHORITY // IdentifierAuthority
+ SECURITY_LOCAL_SYSTEM_RID,0,0,0 // SubAuthority
+};
+
UCHAR Sbie_Token_SourceName[5] = { 's', 'b', 'o', 'x', 0 };
#define ProcessMitigationPolicy 52
@@ -204,6 +214,32 @@ _FX BOOLEAN Token_Init(void)
#undef MySetGroup
+ //
+ // find the sid of the sandboxie user if present
+ //
+
+ // SbieLogin BEGIN
+ if (Conf_Get_Boolean(NULL, L"AllowSandboxieLogon", 0, FALSE))
+ {
+ WCHAR AccountBuffer[64]; // DNLEN + 1 + sizeof(SANDBOXIE_USER) + reserve
+ UNICODE_STRING AccountName = { 0, sizeof(AccountBuffer), AccountBuffer }; // Note: max valid length is (DNLEN (15) + 1) * sizeof(WCHAR), length is in bytes leave half empty
+ if (GetRegString(RTL_REGISTRY_ABSOLUTE, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Control\\ComputerName\\ActiveComputerName", L"ComputerName", &AccountName) && AccountName.Length < 64)
+ {
+ wcscpy(AccountName.Buffer + (AccountName.Length / sizeof(WCHAR)), L"\\" SANDBOXIE_USER);
+ AccountName.Length += (1 + wcslen(SANDBOXIE_USER)) * sizeof(WCHAR);
+ //DbgPrint("Sbie, AccountName: %S\n", AccountName.Buffer);
+
+ SID_NAME_USE use;
+ ULONG userSize = sizeof(SandboxieLogonSid), domainSize = 0;
+ WCHAR DomainBuff[20]; // doesn't work without this
+ UNICODE_STRING DomainName = { 0, sizeof(DomainBuff), DomainBuff };
+
+ SecLookupAccountName(&AccountName, &userSize, (PSID)SandboxieLogonSid, &use, &domainSize, &DomainName);
+ //DbgPrint("Sbie, SecLookupAccountName: %x; size:%d %d\n", status, userSize, domainSize);
+ }
+ }
+ // SbieLogin END
+
//
// find SepFilterToken for Token_RestrictHelper1
//
@@ -433,11 +469,11 @@ _FX void *Token_FilterPrimary(PROCESS *proc, void *ProcessObject)
return NULL;
}
- // OpenBox2 BEGIN
+ // OpenToken BEGIN
if (Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnfilteredToken", 0, FALSE)) {
return PrimaryToken;
}
- // OpenBox2 END
+ // OpenToken END
// DbgPrint(" Process Token %08X - %d <%S>\n", PrimaryToken, proc->pid, proc->image_name);
@@ -782,14 +818,14 @@ _FX void *Token_Restrict(
TOKEN_USER *user;
void *NewTokenObject;
- // OpenBox2 BEGIN
+ // OpenToken BEGIN
if (Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnrestrictedToken", 0, FALSE)) {
SeFilterToken(TokenObject, 0, NULL, NULL, NULL, &NewTokenObject);
return NewTokenObject;
//ObReferenceObject(TokenObject);
//return TokenObject;
}
- // OpenBox2 END
+ // OpenToken END
groups = Token_Query(TokenObject, TokenGroups, proc->box->session_id);
privs = Token_Query(TokenObject, TokenPrivileges, proc->box->session_id);
@@ -904,17 +940,19 @@ _FX BOOLEAN Token_ResetPrimary(PROCESS *proc)
((ULONG_PTR)TokenObject + UserAndGroups_offset);
// Windows 8.1 update
- if (SidAndAttrsInToken->Sid == (PSID)AnonymousLogonSid)
+ if (SidAndAttrsInToken->Sid == (PSID)AnonymousLogonSid || SidAndAttrsInToken->Sid == (PSID)SandboxieLogonSid)
{
+ //DbgPrint("Sbie, restore token pointer\n");
+
SidAndAttrsInTokenOrig = *(SID_AND_ATTRIBUTES **)
((ULONG_PTR)(proc->primary_token) + UserAndGroups_offset);
SidAndAttrsInToken->Sid = SidAndAttrsInTokenOrig->Sid;
- ok = TRUE;
}
}
PsDereferencePrimaryToken(TokenObject);
+ ok = TRUE;
}
ObDereferenceObject(ProcessObject);
@@ -1163,29 +1201,52 @@ _FX void *Token_RestrictHelper1(
UCHAR *SidInToken = (UCHAR *)SidAndAttrsInToken->Sid;
if (SidInToken && SidInToken[1] >= 1) { // SubAuthorityCount >= 1
- // In windows 8.1 Sid can be in two difference places. One is relative to SidAndAttrsInToken.
- // By debugger, the offset is 0xf0 after SidAndAttrsInToken. The other one is with KB2919355,
- // Sid is not relative to SidAndAttrsInToken, it is shared with other processes and it doesn't
- // have its own memory inside the token. We can't call memcpy on this shared memory. Workaround is
- // to assign Sandbox's AnonymousLogonSid to it.
+ PSID NewSid = NULL;
- // If user sid points to the end of token's UserAndGroups, the sid is not shared.
+ // SbieLogin BEGIN
+ if (Conf_Get_Boolean(proc->box->name, L"SandboxieLogon", 0, FALSE))
+ {
+ if (SandboxieLogonSid[0] != 0)
+ NewSid = (PSID)SandboxieLogonSid;
+ else
+ status = STATUS_UNSUCCESSFUL;
+ }
+ else
+ // SbieLogin END
// debug tip. To disable anonymous logon, set AnonymousLogon=n
if (Conf_Get_Boolean(proc->box->name, L"AnonymousLogon", 0, TRUE))
{
- if (Driver_OsVersion >= DRIVER_WINDOWS_8
- && Driver_OsVersion <= DRIVER_WINDOWS_10
- && Token_IsSharedSid_W8(NewTokenObject)) {
-
- SidAndAttrsInToken->Sid = (PSID)AnonymousLogonSid;
- }
- else {
- memcpy(SidInToken, AnonymousLogonSid, sizeof(AnonymousLogonSid));
- }
+ NewSid = (PSID)AnonymousLogonSid;
}
+ if (NewSid != NULL)
+ {
+ // In windows 8.1 Sid can be in two difference places. One is relative to SidAndAttrsInToken.
+ // By debugger, the offset is 0xf0 after SidAndAttrsInToken. The other one is with KB2919355,
+ // Sid is not relative to SidAndAttrsInToken, it is shared with other processes and it doesn't
+ // have its own memory inside the token. We can't call memcpy on this shared memory. Workaround is
+ // to assign Sandbox's AnonymousLogonSid to it.
+
+ // If user sid points to the end of token's UserAndGroups, the sid is not shared.
+
+ if ((Driver_OsVersion >= DRIVER_WINDOWS_8
+ && Driver_OsVersion <= DRIVER_WINDOWS_10
+ && Token_IsSharedSid_W8(NewTokenObject))
+
+ // When trying apply the SbieLogin token to a system process there is not enough space in the SID
+ // so we need to use a workaround not unlike the one for win 8
+ || (RtlLengthSid(SidInToken) < RtlLengthSid(NewSid))
+ ) {
+
+ //DbgPrint("Sbie, hack token pointer\n");
+ SidAndAttrsInToken->Sid = (PSID)NewSid;
+ }
+ else {
+ memcpy(SidInToken, NewSid, RtlLengthSid(NewSid));
+ }
+ }
}
else
status = STATUS_UNKNOWN_REVISION;
@@ -1333,6 +1394,7 @@ _FX void *Token_RestrictHelper3(
BOOLEAN UserSidAlreadyInGroups = FALSE;
BOOLEAN AnonymousLogonSidAlreadyInGroups = FALSE;
+ // todo: should we do somethign with SandboxieLogonSid here?
n = 0;
@@ -1663,11 +1725,6 @@ _FX BOOLEAN Token_ReplacePrimary(PROCESS *proc)
NTSTATUS status;
BOOLEAN ok = FALSE;
- // OpenBox1 BEGIN
- if (Conf_Get_Boolean(proc->box->name, L"OriginalToken", 0, FALSE))
- return TRUE;
- // OpenBox1 END
-
//
// lookup the process object to get the old primary token
//
diff --git a/Sandboxie/core/drv/util.c b/Sandboxie/core/drv/util.c
index b74d0093..ba1d4bae 100644
--- a/Sandboxie/core/drv/util.c
+++ b/Sandboxie/core/drv/util.c
@@ -257,6 +257,27 @@ BOOLEAN DoesRegValueExist(ULONG RelativeTo, WCHAR *Path, WCHAR *ValueName)
return (status == STATUS_SUCCESS);
}
+
+BOOLEAN GetRegString(ULONG RelativeTo, WCHAR *Path, WCHAR *ValueName, UNICODE_STRING* pData)
+{
+ NTSTATUS status;
+ RTL_QUERY_REGISTRY_TABLE qrt[2];
+
+ memzero(qrt, sizeof(qrt));
+ qrt[0].Flags = RTL_QUERY_REGISTRY_REQUIRED |
+ RTL_QUERY_REGISTRY_DIRECT |
+ RTL_QUERY_REGISTRY_NOVALUE |
+ RTL_QUERY_REGISTRY_NOEXPAND;
+ qrt[0].Name = ValueName;
+ qrt[0].EntryContext = pData;
+ qrt[0].DefaultType = REG_NONE;
+
+ status = RtlQueryRegistryValues(
+ RelativeTo, Path, qrt, NULL, NULL);
+
+ return (status == STATUS_SUCCESS);
+}
+
void *memmem(const void *pSearchBuf,
size_t nBufSize,
const void *pPattern,
diff --git a/Sandboxie/core/drv/util.h b/Sandboxie/core/drv/util.h
index 52ab7c52..c8c37bd5 100644
--- a/Sandboxie/core/drv/util.h
+++ b/Sandboxie/core/drv/util.h
@@ -88,6 +88,7 @@ WCHAR *SearchUnicodeString(PCUNICODE_STRING pString1, PWCHAR pString2, BOOLEAN b
BOOLEAN UnicodeStringStartsWith(PCUNICODE_STRING pString1, PWCHAR pString2, BOOLEAN boolCaseInSensitive);
BOOLEAN UnicodeStringEndsWith(PCUNICODE_STRING pString1, PWCHAR pString2, BOOLEAN boolCaseInSensitive);
BOOLEAN DoesRegValueExist(ULONG RelativeTo, WCHAR *Path, WCHAR *ValueName);
+BOOLEAN GetRegString(ULONG RelativeTo, WCHAR *Path, WCHAR *ValueName, UNICODE_STRING* pData);
void *memmem(const void *pSearchBuf, size_t nBufSize, const void *pPattern, size_t nPatternSize);
//---------------------------------------------------------------------------
diff --git a/Sandboxie/core/svc/ProcessServer.cpp b/Sandboxie/core/svc/ProcessServer.cpp
index 918092c3..ad6a9b0c 100644
--- a/Sandboxie/core/svc/ProcessServer.cpp
+++ b/Sandboxie/core/svc/ProcessServer.cpp
@@ -719,19 +719,6 @@ HANDLE ProcessServer::RunSandboxedGetToken(
CloseHandle(ThreadHandle);
- // OpenBox1 BEGIN
- if (!ok && SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
- {
- ThreadHandle = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE,
- PipeServer::GetCallerProcessId());
-
- ok = OpenProcessToken(
- ThreadHandle, TOKEN_RIGHTS, &OldTokenHandle);
-
- CloseHandle(ThreadHandle);
- }
- // OpenBox1 END
-
if (! ok) {
SetLastError(LastError);
return NULL;
diff --git a/Sandboxie/msgs/Sbie-English-1033.txt b/Sandboxie/msgs/Sbie-English-1033.txt
index 3ebe665f..edfc2233 100644
Binary files a/Sandboxie/msgs/Sbie-English-1033.txt and b/Sandboxie/msgs/Sbie-English-1033.txt differ
diff --git a/Sandboxie/msgs/Text-German-1031.txt b/Sandboxie/msgs/Text-German-1031.txt
index 8f2ed2d4..28420187 100644
Binary files a/Sandboxie/msgs/Text-German-1031.txt and b/Sandboxie/msgs/Text-German-1031.txt differ
diff --git a/SandboxiePlus/QSbieAPI/SbieAPI.cpp b/SandboxiePlus/QSbieAPI/SbieAPI.cpp
index a006a4f2..b44f8982 100644
--- a/SandboxiePlus/QSbieAPI/SbieAPI.cpp
+++ b/SandboxiePlus/QSbieAPI/SbieAPI.cpp
@@ -159,6 +159,9 @@ SB_STATUS CSbieAPI::Connect(bool takeOver, bool andLoad)
m_SbiePath = GetSbieHome();
m->SbieMsgDll = LoadLibraryEx((m_SbiePath.toStdWString() + L"\\" SBIEMSG_DLL).c_str(), NULL, LOAD_LIBRARY_AS_DATAFILE);
+ m->lastMessageNum = 0;
+ m->lastRecordNum = 0;
+
m_bTerminate = false;
start();
diff --git a/SandboxiePlus/SandMan/Models/SbieModel.cpp b/SandboxiePlus/SandMan/Models/SbieModel.cpp
index 27d72b7f..3dc76af0 100644
--- a/SandboxiePlus/SandMan/Models/SbieModel.cpp
+++ b/SandboxiePlus/SandMan/Models/SbieModel.cpp
@@ -105,8 +105,11 @@ QList CSbieModel::Sync(const QMap& BoxList)
bool HasActive = Sync(pBox, ProcessList, New, Old, Added);
int inUse = (HasActive ? 1 : 0);
int boxType = pBoxEx && pBoxEx->HasLogApi() ? eLogApi : eNormal;
- if (pBoxEx && pBoxEx->IsOpenBox())
+ if (pBoxEx && pBoxEx->NoAnonymousLogon())
+ boxType = eCyan;
+ if (pBoxEx && pBoxEx->HasOpenToken())
boxType = eOpenBox;// : eOpenInSys;
+
if (pNode->inUse != inUse || pNode->boxType != boxType)
{
pNode->inUse = inUse;
diff --git a/SandboxiePlus/SandMan/Models/SbieModel.h b/SandboxiePlus/SandMan/Models/SbieModel.h
index 0640d4cf..f75e604f 100644
--- a/SandboxiePlus/SandMan/Models/SbieModel.h
+++ b/SandboxiePlus/SandMan/Models/SbieModel.h
@@ -67,7 +67,7 @@ private:
eNormal = eYelow,
eLogApi = eRed,
- eOpenLogApi = eCyan,
+ // = eCyan,
eOpenBox = eGreen,
// = eMagenta,
// = eOrang,
diff --git a/SandboxiePlus/SandMan/SandMan.cpp b/SandboxiePlus/SandMan/SandMan.cpp
index 85f41cbc..2aa90213 100644
--- a/SandboxiePlus/SandMan/SandMan.cpp
+++ b/SandboxiePlus/SandMan/SandMan.cpp
@@ -285,7 +285,7 @@ CSandMan::CSandMan(QWidget *parent)
m_pToolBar->addSeparator();
- /*QWidget* pSpacer = new QWidget();
+ QWidget* pSpacer = new QWidget();
pSpacer->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding);
m_pToolBar->addWidget(pSpacer);
@@ -297,7 +297,7 @@ CSandMan::CSandMan(QWidget *parent)
pSupport->setTextInteractionFlags(Qt::TextBrowserInteraction);
connect(pSupport, SIGNAL(linkActivated(const QString&)), this, SLOT(OnAbout()));
m_pToolBar->addWidget(pSupport);
- m_pToolBar->addWidget(new QLabel(" "));*/
+ m_pToolBar->addWidget(new QLabel(" "));
diff --git a/SandboxiePlus/SandMan/SandMan.h b/SandboxiePlus/SandMan/SandMan.h
index 06fb9f66..9599cc0b 100644
--- a/SandboxiePlus/SandMan/SandMan.h
+++ b/SandboxiePlus/SandMan/SandMan.h
@@ -10,7 +10,7 @@
#define VERSION_MJR 0
#define VERSION_MIN 2
-#define VERSION_REV 1
+#define VERSION_REV 2
#define VERSION_UPD 0
diff --git a/SandboxiePlus/SandMan/SbiePlusAPI.cpp b/SandboxiePlus/SandMan/SbiePlusAPI.cpp
index c9ad6893..9c805ca5 100644
--- a/SandboxiePlus/SandMan/SbiePlusAPI.cpp
+++ b/SandboxiePlus/SandMan/SbiePlusAPI.cpp
@@ -29,7 +29,8 @@ CBoxedProcess* CSbiePlusAPI::NewBoxedProcess(quint64 ProcessId, class CSandBox*
CSandBoxPlus::CSandBoxPlus(const QString& BoxName, class CSbieAPI* pAPI) : CSandBox(BoxName, pAPI)
{
m_bLogApiFound = false;
- m_bIsOpenBox = false;
+ m_bNoAnonymousLogon = false;
+ m_bHasOpenToken = false;
}
CSandBoxPlus::~CSandBoxPlus()
@@ -41,7 +42,9 @@ void CSandBoxPlus::UpdateDetails()
QStringList List = GetTextList("OpenPipePath");
m_bLogApiFound = List.contains("\\Device\\NamedPipe\\LogAPI");
- m_bIsOpenBox = GetBool("OpenToken") || GetBool("UnrestrictedToken") || GetBool("UnfilteredToken") || GetBool("OriginalToken");
+ m_bNoAnonymousLogon = GetBool("AnonymousLogon", true) == false;
+
+ m_bHasOpenToken = GetBool("OpenToken") || GetBool("UnrestrictedToken") || GetBool("UnfilteredToken");
CSandBox::UpdateDetails();
}
\ No newline at end of file
diff --git a/SandboxiePlus/SandMan/SbiePlusAPI.h b/SandboxiePlus/SandMan/SbiePlusAPI.h
index 23a72bdf..83a9738e 100644
--- a/SandboxiePlus/SandMan/SbiePlusAPI.h
+++ b/SandboxiePlus/SandMan/SbiePlusAPI.h
@@ -31,10 +31,12 @@ public:
virtual void UpdateDetails();
virtual bool HasLogApi() const { return m_bLogApiFound; }
- virtual bool IsOpenBox() const { return m_bIsOpenBox; }
+ virtual bool NoAnonymousLogon() const { return m_bNoAnonymousLogon; }
+ virtual bool HasOpenToken() const { return m_bHasOpenToken; }
protected:
bool m_bLogApiFound;
- bool m_bIsOpenBox;
+ bool m_bNoAnonymousLogon;
+ bool m_bHasOpenToken;
};
\ No newline at end of file