This commit is contained in:
DavidXanatos 2024-06-16 14:35:38 +02:00
parent e7ddd1dadd
commit 41df619712
5 changed files with 54 additions and 38 deletions

View File

@ -1356,7 +1356,7 @@ _FX HWND Gui_CreateWindowExW(
// replace parent
//
if (Gui_BlockInterferenceControl && !SbieApi_QueryConfBool(NULL, L"AllowCoverTaskbar", FALSE)) {
if (Gui_DontAllowCoverTaskbar) {
typedef BOOL(*P_SystemParametersInfoA)(UINT uiAction, UINT uiParam, PVOID pvParam, UINT fWinIni);
static P_SystemParametersInfoA SystemParametersInfoA = NULL;
@ -1975,7 +1975,7 @@ _FX BOOL Gui_MoveWindow(
return FALSE;
}
if (Gui_BlockInterferenceControl && !SbieApi_QueryConfBool(NULL, L"AllowCoverTaskbar", FALSE)) {
if (Gui_DontAllowCoverTaskbar) {
typedef BOOL (*P_SystemParametersInfoA)(UINT uiAction, UINT uiParam, PVOID pvParam, UINT fWinIni);
static P_SystemParametersInfoA SystemParametersInfoA = NULL;
@ -2027,7 +2027,7 @@ _FX BOOL Gui_SetWindowPos(
// use SbieSvc GUI Proxy if hWnd is accessible but outside the sandbox
//
if (Gui_BlockInterferenceControl&&!SbieApi_QueryConfBool(NULL,L"AllowCoverTaskbar",FALSE)) {
if (Gui_DontAllowCoverTaskbar) {
if (hWndInsertAfter == HWND_TOPMOST || hWndInsertAfter == HWND_TOP)
hWndInsertAfter = HWND_DESKTOP;

View File

@ -508,6 +508,7 @@ extern BOOLEAN Gui_UseProtectScreen;
extern BOOLEAN Gui_UseBlockCapture;
extern BOOLEAN Gui_BlockInterferenceControl;
extern BOOLEAN Gui_DontAllowCoverTaskbar;
extern BOOLEAN Gui_UseProxyService;

View File

@ -172,6 +172,8 @@ static HANDLE Gui_DummyInputDesktopHandle = NULL;
BOOLEAN Gui_BlockInterferenceControl = FALSE;
BOOLEAN Gui_DontAllowCoverTaskbar = FALSE;
//---------------------------------------------------------------------------
// Gui_InitMisc
@ -183,6 +185,8 @@ _FX BOOLEAN Gui_InitMisc(HMODULE module)
if (! Gui_OpenAllWinClasses) {
Gui_BlockInterferenceControl = SbieApi_QueryConfBool(NULL, L"BlockInterferenceControl", FALSE);
if(Gui_BlockInterferenceControl)
Gui_DontAllowCoverTaskbar = !SbieApi_QueryConfBool(NULL, L"AllowCoverTaskbar", FALSE);
SBIEDLL_HOOK_GUI(SetParent);
if (Gui_UseProxyService) {

View File

@ -1,6 +1,6 @@
/*
* Copyright 2004-2020 Sandboxie Holdings, LLC
* Copyright 2020-2021 David Xanatos, xanasoft.com
* Copyright 2020-2023 David Xanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -306,13 +306,16 @@ _FX void SysInfo_DiscardProcesses(SYSTEM_PROCESS_INFORMATION *buf)
WCHAR boxname[BOXNAME_COUNT];
BOOL hideOther = SbieApi_QueryConfBool(NULL, L"HideOtherBoxes", TRUE);
BOOL hideNonSys = SbieApi_QueryConfBool(NULL, L"HideNonSystemProcesses", FALSE);
BOOL hideSbie = SbieApi_QueryConfBool(NULL, L"HideSbieProcesses", FALSE);
WCHAR* hiddenProcesses = NULL;
WCHAR* hiddenProcessesPtr = NULL;
ULONG hiddenProcessesLen = 100 * 110; // we can hide up to 100 processes, should be enough
WCHAR hiddenProcess[110];
ULONG tempSession = 0;
WCHAR tempSid[96] = {0};
ULONG tempSession = 0;
for (ULONG index = 0; ; ++index) {
NTSTATUS status = SbieApi_QueryConfAsIs(NULL, L"HideHostProcess", index, hiddenProcess, 108 * sizeof(WCHAR));
@ -346,22 +349,31 @@ _FX void SysInfo_DiscardProcesses(SYSTEM_PROCESS_INFORMATION *buf)
next = (SYSTEM_PROCESS_INFORMATION *) (((UCHAR *)curr) + curr->NextEntryOffset);
if (next == curr)
break;
WCHAR* imageFileName = NULL;
SbieApi_QueryProcess(next->UniqueProcessId, boxname, imageFileName, tempSid, &tempSession);
BOOL hideProcess = FALSE;
if(_wcsnicmp(tempSid, L"S-1-5-18",8) != 0 && _wcsnicmp(tempSid, L"S-1-5-80",8) != 0 && _wcsnicmp(tempSid, L"S-1-5-20", 8) != 0 && _wcsnicmp(tempSid, L"S-1-5-6", 7) != 0 && SbieApi_QueryConfBool(NULL, L"HideNonSystemProcesses", FALSE) && !*boxname) {
hideProcess = TRUE;
} else if (hideOther && *boxname && _wcsicmp(boxname, Dll_BoxName) != 0) {
hideProcess = TRUE;
}
else if (SbieApi_QueryConfBool(NULL, L"HideSbieProcesses", FALSE)&&*imageFileName&&(wcsstr(imageFileName, L"Sandboxie") != NULL ||wcsstr(imageFileName, L"Sbie") != NULL)) {
hideProcess = TRUE;
}
else if(hiddenProcesses && next->ImageName.Buffer) {
WCHAR* imagename = wcschr(next->ImageName.Buffer, L'\\');
WCHAR* imagename = NULL;
if (next->ImageName.Buffer) {
imagename = wcschr(next->ImageName.Buffer, L'\\');
if (imagename) imagename += 1; // skip L'\\'
else imagename = next->ImageName.Buffer;
}
SbieApi_QueryProcess(next->UniqueProcessId, boxname, NULL, tempSid, &tempSession);
BOOL hideProcess = FALSE;
if (hideNonSys && !*boxname
&& _wcsnicmp(tempSid, L"S-1-5-18", 8) != 0
&& _wcsnicmp(tempSid, L"S-1-5-80", 8) != 0
&& _wcsnicmp(tempSid, L"S-1-5-20", 8) != 0
&& _wcsnicmp(tempSid, L"S-1-5-6", 7) != 0) {
hideProcess = TRUE;
}
else if (hideOther && *boxname && _wcsicmp(boxname, Dll_BoxName) != 0) {
hideProcess = TRUE;
}
else if (hideSbie && imagename && (_wcsnicmp(imagename, L"Sandboxie", 9) == 0 || _wcsnicmp(imagename, L"Sbie", 4) == 0)) {
hideProcess = TRUE;
}
else if(hiddenProcesses && imagename) {
if (!*boxname || _wcsnicmp(imagename, L"Sandboxie", 9) == 0) {
for (hiddenProcessesPtr = hiddenProcesses; *hiddenProcessesPtr != L'\0'; hiddenProcessesPtr += wcslen(hiddenProcessesPtr) + 1) {
if (_wcsicmp(imagename, hiddenProcessesPtr) == 0) {

View File

@ -4631,7 +4631,6 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
<widget class="QWidget" name="tabHideProc">
<property name="font">
<font>
<weight>50</weight>
<bold>false</bold>
<kerning>true</kerning>
</font>
@ -4654,23 +4653,6 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QPushButton" name="btnAddProcess">
<property name="text">
<string>Add Process</string>
</property>
</widget>
</item>
<item row="3" column="0" colspan="2">
<widget class="QLabel" name="label_24">
<property name="text">
<string>Hide host processes from processes running in the sandbox.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="5" column="1">
<spacer name="verticalSpacer_16">
<property name="orientation">
@ -4698,7 +4680,24 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
</property>
</widget>
</item>
<item row="5" column="0" rowspan="3">
<item row="3" column="0">
<widget class="QLabel" name="label_24">
<property name="text">
<string>Hide host processes from processes running in the sandbox.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="4" column="1">
<widget class="QPushButton" name="btnAddProcess">
<property name="text">
<string>Add Process</string>
</property>
</widget>
</item>
<item row="4" column="0" rowspan="4">
<widget class="QTreeWidget" name="treeHideProc">
<property name="sortingEnabled">
<bool>true</bool>