diff --git a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
index 63ebfa35..9152d1b6 100644
--- a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
@@ -1198,41 +1198,22 @@
-
-
-
-
-
- Qt::Vertical
-
-
-
- 20
- 5
-
-
-
-
- -
-
+
-
+
- Various isolation features can break compatibility with some applications. If you are using this sandbox <b>NOT for Security</b> but for application portability, by changing these options you can restore compatibility by sacrificing some security.
+ Security Isolation through the usage of a heavily restricted process token is Sandboxie's primary means of enforcing sandbox restrictions, when this is disabled the box is operated in the application compartment mode, i.e. it’s no longer providing reliable security, just simple application compartmentalization.
true
- -
-
-
- Qt::Horizontal
+
-
+
+
+ Open access to Windows Security Account Manager
-
-
- 40
- 5
-
-
-
+
-
@@ -1241,10 +1222,43 @@
- -
-
+
-
+
- Open access to Windows Security Account Manager
+ Allow sandboxed programs to manage Hardware/Devices
+
+
+
+ -
+
+
+ Open access to Windows Local Security Authority
+
+
+
+ -
+
+
+
+ true
+ true
+
+
+
+ Protect the sandbox integrity itself
+
+
+ Desktop Isolation
+
+
+
+ -
+
+
+ Various isolation features can break compatibility with some applications. If you are using this sandbox <b>NOT for Security</b> but for application portability, by changing these options you can restore compatibility by sacrificing some security.
+
+
+ true
@@ -1265,28 +1279,10 @@
- -
-
-
- Security Isolation through the usage of a heavily restricted process token is Sandboxie's primary means of enforcing sandbox restrictions, when this is disabled the box is operated in the application compartment mode, i.e. it’s no longer providing reliable security, just simple application compartmentalization.
-
-
- true
-
-
-
- -
-
-
- Open access to Windows Local Security Authority
-
-
-
-
- 75
true
true
@@ -1299,11 +1295,10 @@
- -
+
-
- 75
true
true
@@ -1316,14 +1311,33 @@
- -
-
-
- Allow sandboxed programs to manage Hardware/Devices
+
-
+
+
+ Qt::Horizontal
-
+
+
+ 40
+ 5
+
+
+
- -
+
-
+
+
+ Qt::Vertical
+
+
+
+ 20
+ 5
+
+
+
+
+ -
The below options can be used safely when you don't grant admin rights.
@@ -1333,6 +1347,13 @@
+ -
+
+
+ Run Processes on an own Sandboxed Desktop
+
+
+
diff --git a/SandboxiePlus/SandMan/Forms/SettingsWindow.ui b/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
index 3aae82a1..cbea6ff4 100644
--- a/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
@@ -449,7 +449,7 @@
-
- 1
+ 0
@@ -458,17 +458,29 @@
-
-
-
-
-
- Add 'Run Un-Sandboxed' to the context menu
+
-
+
+
+ Qt::Vertical
-
+
+
+ 20
+ 0
+
+
+
- -
-
+
-
+
+
+
+ true
+ true
+
+
- Start UI with Windows
+ Start Sandbox Manager
@@ -485,77 +497,6 @@
- -
-
-
- Scan shell folders and offer links in run menu
-
-
-
- -
-
-
-
- 75
- true
- true
-
-
-
- Start Menu Integration
-
-
-
- -
-
-
- Qt::Vertical
-
-
-
- 20
- 0
-
-
-
-
- -
-
-
- -
-
-
- Add 'Run Sandboxed' to the explorer context menu
-
-
-
- -
-
-
-
- 75
- true
- true
-
-
-
- Start Sandbox Manager
-
-
-
- -
-
-
- Qt::Horizontal
-
-
-
- 40
- 20
-
-
-
-
-
@@ -569,11 +510,50 @@
+ -
+
+
+ Integrate with Host Desktop
+
+
+ Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter
+
+
+ true
+
+
+
+ -
+
+
+ Start UI when a sandboxed process is started
+
+
+
+ -
+
+
+ Always use DefaultBox
+
+
+
+ -
+
+
+
+ true
+ true
+
+
+
+ Start Menu Integration
+
+
+
-
- 75
true
true
@@ -583,10 +563,23 @@
- -
-
+
-
+
+
+ Qt::Horizontal
+
+
+
+ 40
+ 0
+
+
+
+
+ -
+
- Always use DefaultBox
+ Start UI with Windows
@@ -603,39 +596,70 @@
- -
-
+
-
+
+
+ -
+
+
+ Add 'Run Sandboxed' to the explorer context menu
+
+
+
+ -
+
+
+
+ true
+ true
+
+
+
+ Sandboxed Desktop
+
+
+
+ -
+
Qt::Horizontal
40
- 0
+ 20
- -
-
-
- Start UI when a sandboxed process is started
-
-
-
-
- -
-
+
-
+
- Integrate with Host Desktop
+ Scan shell folders and offer links in run menu
-
- Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter
+
+
+ -
+
+
+ Add 'Run Un-Sandboxed' to the context menu
-
- true
+
+
+ -
+
+
+ Switch to sandboxed desktop when starting a process
+
+
+
+ -
+
+
+ Switch to sandboxed desktop with double click
diff --git a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
index ac265b65..baf9b309 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
+++ b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
@@ -33,6 +33,8 @@ void COptionsWindow::CreateAdvanced()
connect(ui.chkNoSecurityIsolation, SIGNAL(clicked(bool)), this, SLOT(OnIsolationChanged()));
connect(ui.chkNoSecurityFiltering, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
+ connect(ui.chkSbieDesktop, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
+
connect(ui.chkOpenDevCMApi, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
//connect(ui.chkOpenLsaSSPI, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkOpenSamEndpoint, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
@@ -144,6 +146,8 @@ void COptionsWindow::LoadAdvanced()
ui.chkNoSecurityIsolation->setChecked(m_pBox->GetBool("NoSecurityIsolation", false));
ui.chkNoSecurityFiltering->setChecked(m_pBox->GetBool("NoSecurityFiltering", false));
+ ui.chkSbieDesktop->setChecked(m_pBox->GetBool("UseSandboxDesktop", false));
+
ui.chkOpenDevCMApi->setChecked(m_pBox->GetBool("OpenDevCMApi", false));
//ui.chkOpenLsaSSPI->setChecked(!m_pBox->GetBool("BlockPassword", true)); // OpenLsaSSPI
ui.chkOpenSamEndpoint->setChecked(m_pBox->GetBool("OpenSamEndpoint", false));
@@ -367,6 +371,8 @@ void COptionsWindow::SaveAdvanced()
WriteAdvancedCheck(ui.chkNoSecurityIsolation, "NoSecurityIsolation", "y", "");
WriteAdvancedCheck(ui.chkNoSecurityFiltering, "NoSecurityFiltering", "y", "");
+ WriteAdvancedCheck(ui.chkSbieDesktop, "UseSandboxDesktop", "y", "");
+
WriteAdvancedCheck(ui.chkOpenDevCMApi, "OpenDevCMApi", "y", "");
//WriteAdvancedCheck(ui.chkOpenLsaSSPI, "BlockPassword", "n", ""); // OpenLsaSSPI
WriteAdvancedCheck(ui.chkOpenSamEndpoint, "OpenSamEndpoint", "y", "");
diff --git a/SandboxiePlus/SandMan/Windows/OptionsWindow.cpp b/SandboxiePlus/SandMan/Windows/OptionsWindow.cpp
index d81b32be..0b02c86e 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsWindow.cpp
+++ b/SandboxiePlus/SandMan/Windows/OptionsWindow.cpp
@@ -389,6 +389,7 @@ COptionsWindow::COptionsWindow(const QSharedPointer& pBox, const QStri
AddIconToLabel(ui.lblFence, CSandMan::GetIcon("BFance").pixmap(size,size));
AddIconToLabel(ui.lblToken, CSandMan::GetIcon("Sandbox").pixmap(size,size));
AddIconToLabel(ui.lblIsolation, CSandMan::GetIcon("Fence").pixmap(size,size));
+ AddIconToLabel(ui.lblDesktop, CSandMan::GetIcon("Monitor").pixmap(size,size));
AddIconToLabel(ui.lblAccess, CSandMan::GetIcon("NoAccess").pixmap(size,size));
AddIconToLabel(ui.lblProtection, CSandMan::GetIcon("EFence").pixmap(size,size));
AddIconToLabel(ui.lblMonitor, CSandMan::GetIcon("Monitor").pixmap(size,size));
diff --git a/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp b/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
index 8326aea0..5e18fa51 100644
--- a/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
+++ b/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
@@ -175,6 +175,7 @@ CSettingsWindow::CSettingsWindow(QWidget* parent)
AddIconToLabel(ui.lblStartUp, CSandMan::GetIcon("Start").pixmap(size,size));
AddIconToLabel(ui.lblRunBoxed, CSandMan::GetIcon("Run").pixmap(size,size));
AddIconToLabel(ui.lblStartMenu, CSandMan::GetIcon("StartMenu").pixmap(size,size));
+ AddIconToLabel(ui.lblDesktop, CSandMan::GetIcon("Monitor").pixmap(size,size));
AddIconToLabel(ui.lblSysTray, CSandMan::GetIcon("Maintenance").pixmap(size,size));
AddIconToLabel(ui.lblInterface, CSandMan::GetIcon("GUI").pixmap(size,size));
@@ -335,6 +336,9 @@ CSettingsWindow::CSettingsWindow(QWidget* parent)
connect(ui.chkScanMenu, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged()));
connect(ui.cmbIntegrateMenu, SIGNAL(currentIndexChanged(int)), this, SLOT(OnOptChanged()));
connect(ui.cmbIntegrateDesk, SIGNAL(currentIndexChanged(int)), this, SLOT(OnOptChanged()));
+
+ connect(ui.chkDeskAutoSwitch, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged()));
+ connect(ui.chkDeskQuickSwitch, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged()));
connect(ui.cmbSysTray, SIGNAL(currentIndexChanged(int)), this, SLOT(OnOptChanged()));
connect(ui.cmbTrayBoxes, SIGNAL(currentIndexChanged(int)), this, SLOT(OnOptChanged()));
@@ -945,6 +949,9 @@ void CSettingsWindow::LoadSettings()
ui.chkScanMenu->setChecked(theConf->GetBool("Options/ScanStartMenu", true));
ui.cmbIntegrateMenu->setCurrentIndex(theConf->GetInt("Options/IntegrateStartMenu", 0));
ui.cmbIntegrateDesk->setCurrentIndex(theConf->GetInt("Options/IntegrateDesktop", 0));
+
+ ui.chkDeskAutoSwitch->setChecked(theConf->GetBool("Options/AutoDesktopSwitch", true));
+ ui.chkDeskQuickSwitch->setChecked(theConf->GetBool("Options/QuickDesktopSwitch", true));
ui.cmbSysTray->setCurrentIndex(theConf->GetInt("Options/SysTrayIcon", 1));
ui.cmbTrayBoxes->setCurrentIndex(theConf->GetInt("Options/SysTrayFilter", 0));