From 9f57abf9c3de539a2b6f0acf0dd9d4260006b377 Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Sat, 22 Jun 2024 19:37:41 +0800
Subject: [PATCH 01/11] UI
---
SandboxiePlus/SandMan/Forms/OptionsWindow.ui | 481 +++++++++---------
.../SandMan/Windows/OptionsAdvanced.cpp | 15 +-
2 files changed, 261 insertions(+), 235 deletions(-)
diff --git a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
index 64f7a61f..36e00a35 100644
--- a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
@@ -7,7 +7,7 @@
0
0
835
- 475
+ 575
@@ -45,7 +45,7 @@
QTabWidget::North
- 1
+ 9
@@ -1095,7 +1095,7 @@
-
- 3
+ 4
@@ -1597,6 +1597,7 @@
+ 75
true
true
@@ -1700,6 +1701,7 @@
+ 75
true
true
@@ -1719,6 +1721,7 @@
+ 50
false
true
@@ -1726,146 +1729,153 @@
Advanced Security
-
-
-
-
-
-
-
-
- Drop critical privileges from processes running with a SYSTEM token
-
-
-
- -
-
-
- Qt::Horizontal
-
-
-
- 40
- 20
-
-
-
-
- -
-
-
- Allow only privileged processes to access the Service Control Manager
-
-
-
- -
-
-
- Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens.
-
-
- true
-
-
-
- -
-
-
-
- true
- true
-
-
-
- (Security Critical)
-
-
-
- -
-
-
-
- true
- true
-
-
-
- Protect the sandbox integrity itself
-
-
- Privilege isolation
-
-
-
- -
-
-
- Do not start sandboxed services using a system token (recommended)
-
-
-
- -
-
-
- Use a Sandboxie login instead of an anonymous token
-
-
-
- -
-
-
- Qt::Vertical
-
-
-
- 20
- 5
-
-
-
-
- -
-
-
- Start the sandboxed RpcSs as a SYSTEM process (not recommended)
-
-
-
- -
-
-
- Protect sandboxed SYSTEM processes from unprivileged processes
-
-
-
- -
-
-
-
- true
- true
-
-
-
- (Security Critical)
-
-
-
- -
-
-
-
- true
- true
-
-
-
- Protect the sandbox integrity itself
-
-
- Sandboxie token
-
-
-
-
+
+ -
+
+
+
+ 75
+ true
+ true
+
+
+
+ Protect the sandbox integrity itself
+
+
+ Privilege isolation
+
+
+
+ -
+
+
+ Allow only privileged processes to access the Service Control Manager
+
+
+
+ -
+
+
+ Do not start sandboxed services using a system token (recommended)
+
+
+
+ -
+
+
+ Start the sandboxed RpcSs as a SYSTEM process (not recommended)
+
+
+
+ -
+
+
+ Protect sandboxed SYSTEM processes from unprivileged processes
+
+
+
+ -
+
+
+
+ 75
+ true
+ true
+
+
+
+ (Security Critical)
+
+
+
+ -
+
+
+ Drop critical privileges from processes running with a SYSTEM token
+
+
+
+ -
+
+
+
+ 75
+ true
+ true
+
+
+
+ (Security Critical)
+
+
+
+ -
+
+
+
+ 75
+ true
+ true
+
+
+
+ Protect the sandbox integrity itself
+
+
+ Sandboxie token
+
+
+
+ -
+
+
+ Use a Sandboxie login instead of an anonymous token
+
+
+
+ -
+
+
+ Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens.
+
+
+ true
+
+
+
+ -
+
+
+ Create a new sandboxed token instead of setting down default token
+
+
+
+ -
+
+
+ Qt::Vertical
+
+
+
+ 20
+ 185
+
+
+
+
+ -
+
+
+ Qt::Horizontal
+
+
+
+ 457
+ 20
+
+
+
@@ -4042,6 +4052,7 @@ The process match level has a higher priority than the specificity and describes
+ 50
false
true
@@ -4053,94 +4064,98 @@ The process match level has a higher priority than the specificity and describes
Compatibility
-
- -
-
-
-
-
-
- Apply ElevateCreateProcess Workaround (legacy behaviour)
-
-
-
- -
-
-
- When the global hotkey is pressed 3 times in short succession this exception will be ignored.
-
-
- Exclude this sandbox from being terminated when "Terminate All Processes" is invoked.
-
-
-
- -
-
-
- Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues)
-
-
-
- -
-
-
- Use desktop object workaround for all processes
-
-
-
- -
-
-
- Qt::Vertical
-
-
-
- 20
- 40
-
-
-
-
- -
-
-
-
- true
- true
-
-
-
- Compatibility
-
-
-
- -
-
-
- Force usage of custom dummy Manifest files (legacy behaviour)
-
-
-
- -
-
-
- Emulate sandboxed window station for all processes
-
-
-
- -
-
-
- Qt::Horizontal
-
-
-
- 40
- 20
-
-
-
-
-
+
+ -
+
+
+ When the global hotkey is pressed 3 times in short succession this exception will be ignored.
+
+
+ Exclude this sandbox from being terminated when "Terminate All Processes" is invoked.
+
+
+
+ -
+
+
+
+ 75
+ true
+ true
+
+
+
+ Compatibility
+
+
+
+ -
+
+
+ Force usage of custom dummy Manifest files (legacy behaviour)
+
+
+
+ -
+
+
+ Apply ElevateCreateProcess Workaround (legacy behaviour)
+
+
+
+ -
+
+
+ Use desktop object workaround for all processes
+
+
+
+ -
+
+
+ Emulate sandboxed window station for all processes
+
+
+
+ -
+
+
+ Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues)
+
+
+
+ -
+
+
+ Restart force process before they begin to execute
+
+
+
+ -
+
+
+ Qt::Vertical
+
+
+
+ 20
+ 263
+
+
+
+
+ -
+
+
+ Qt::Horizontal
+
+
+
+ 667
+ 20
+
+
+
@@ -5076,8 +5091,8 @@ instead of "*".
0
0
- 98
- 28
+ 75
+ 16
diff --git a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
index a726d435..c1488674 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
+++ b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
@@ -30,6 +30,8 @@ void COptionsWindow::CreateAdvanced()
connect(ui.chkOpenCOM, SIGNAL(clicked(bool)), this, SLOT(OnOpenCOM()));
connect(ui.chkComTimeout, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
+ connect(ui.chkForceRestart, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
+
connect(ui.chkNoSecurityIsolation, SIGNAL(clicked(bool)), this, SLOT(OnIsolationChanged()));
connect(ui.chkNoSecurityFiltering, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
@@ -39,7 +41,7 @@ void COptionsWindow::CreateAdvanced()
connect(ui.chkOpenLsaEndpoint, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkSbieLogon, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
-
+ connect(ui.chkCreateToken, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
m_AdvOptions.insert("UseWin32kHooks", SAdvOption{eSpec, QStringList() << "y" << "n", tr("Enable the use of win32 hooks for selected processes. Note: You need to enable win32k syscall hook support globally first.")});
m_AdvOptions.insert("EnableMiniDump", SAdvOption{eSpec, QStringList() << "y" << "n", tr("Enable crash dump creation in the sandbox folder")});
@@ -142,6 +144,8 @@ void COptionsWindow::LoadAdvanced()
ui.chkProtectSystem->setChecked(!m_pBox->GetBool("ExposeBoxedSystem", false));
ui.chkDropPrivileges->setChecked(m_pBox->GetBool("StripSystemPrivileges", true));
+ ui.chkForceRestart->setChecked(m_pBox->GetBool("ForceRestartAll", false));
+
CheckOpenCOM();
ui.chkComTimeout->setChecked(!m_pBox->GetBool("RpcMgmtSetComTimeout", true));
@@ -373,6 +377,8 @@ void COptionsWindow::SaveAdvanced()
WriteAdvancedCheck(ui.chkComTimeout, "RpcMgmtSetComTimeout", "n", "");
+ WriteAdvancedCheck(ui.chkForceRestart, "ForceRestartAll", "y", "");
+
WriteAdvancedCheck(ui.chkNoSecurityIsolation, "NoSecurityIsolation", "y", "");
WriteAdvancedCheck(ui.chkNoSecurityFiltering, "NoSecurityFiltering", "y", "");
@@ -426,6 +432,9 @@ void COptionsWindow::SaveAdvanced()
bool bGlobalSbieLogon = m_pBox->GetAPI()->GetGlobalSettings()->GetBool("SandboxieLogon", false);
WriteAdvancedCheck(ui.chkSbieLogon, "SandboxieLogon", bGlobalSbieLogon ? "" : "y", bGlobalSbieLogon ? "n" : "");
+ bool bGlobalSandboxGroup = m_pBox->GetAPI()->GetGlobalSettings()->GetBool("SandboxieAllGroup", false);
+ WriteAdvancedCheck(ui.chkCreateToken, "UseCreateToken", bGlobalSandboxGroup ? "" : "y", "");
+
SaveOptionList();
bool bGlobalNoMon = m_pBox->GetAPI()->GetGlobalSettings()->GetBool("DisableResourceMonitor", false);
@@ -595,14 +604,16 @@ void COptionsWindow::UpdateBoxIsolation()
ui.chkNoOpenForBox->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
ui.chkSbieLogon->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
-
+ ui.chkCreateToken->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
if (ui.chkNoSecurityIsolation->isChecked()) {
ui.chkCloseForBox->setChecked(false);
ui.chkNoOpenForBox->setChecked(false);
ui.chkSbieLogon->setChecked(false);
+ ui.chkCreateToken->setChecked(false)
}
else {
ReadGlobalCheck(ui.chkSbieLogon, "SandboxieLogon", false);
+ ReadGlobalCheck(ui.chkCreateToken, "UseCreateToken", false);
}
}
From bdd96b9bcf8f8ff54e8d65a7b8c6b7ec11d4af26 Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Sat, 22 Jun 2024 20:05:35 +0800
Subject: [PATCH 02/11] fix
---
SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
index c1488674..3811b5d9 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
+++ b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
@@ -609,7 +609,7 @@ void COptionsWindow::UpdateBoxIsolation()
ui.chkCloseForBox->setChecked(false);
ui.chkNoOpenForBox->setChecked(false);
ui.chkSbieLogon->setChecked(false);
- ui.chkCreateToken->setChecked(false)
+ ui.chkCreateToken->setChecked(false);
}
else {
ReadGlobalCheck(ui.chkSbieLogon, "SandboxieLogon", false);
From fef278ad760a596ff677b0c1d829aefc4ac52f14 Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Sat, 22 Jun 2024 21:54:40 +0800
Subject: [PATCH 03/11] Update CHANGELOG.md
---
CHANGELOG.md | 1 +
1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3c2f3511..e9b84357 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -26,6 +26,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- added RPC Port message filter mechanism to block unsafe RDP calls via the driver [#3930](https://github.com/sandboxie-plus/Sandboxie/issues/3930)
- Usage: "RpcPortFilter=Port,ID,Label" label is optional
- added "Job Object" Options page to colelct all job object related options
+- added UI options for "ForceRestartAll" and "UseCreateToken" in OptionWindow.
### Changed
- Extend "Temp Template" to make it could delete local template section.
From 721f2da0320affcd0656aac75b99d8e8742d5f0c Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Mon, 1 Jul 2024 18:43:06 +0800
Subject: [PATCH 04/11] 1.14.3
---
SandboxiePlus/QSbieAPI/SbieUtils.cpp | 36 +++++++++++++++++++
SandboxiePlus/QSbieAPI/SbieUtils.h | 4 +++
SandboxiePlus/SandMan/SandMan.cpp | 19 ++++++++++
.../SandMan/Windows/SettingsWindow.cpp | 14 ++++++--
SandboxiePlus/SandMan/main.cpp | 15 +++++++-
5 files changed, 85 insertions(+), 3 deletions(-)
diff --git a/SandboxiePlus/QSbieAPI/SbieUtils.cpp b/SandboxiePlus/QSbieAPI/SbieUtils.cpp
index 0466b92c..f176148d 100644
--- a/SandboxiePlus/QSbieAPI/SbieUtils.cpp
+++ b/SandboxiePlus/QSbieAPI/SbieUtils.cpp
@@ -487,6 +487,42 @@ void CSbieUtils::RemoveContextMenu2()
RegDeleteTreeW(HKEY_CURRENT_USER, L"software\\classes\\*\\shell\\unbox");
}
+bool CSbieUtils::HasContextMenu3()
+{
+ const wchar_t* key = L"Software\\Classes\\*\\shell\\addforce\\command";
+ const wchar_t* key2 = L"Software\\Classes\\*\\folder\\addforce\\command";
+ HKEY hkey;
+ LONG rc = RegOpenKeyEx(HKEY_CURRENT_USER, key, 0, KEY_READ, &hkey);
+ if (rc != 0)
+ return false;
+
+ RegCloseKey(hkey);
+
+
+ rc = RegOpenKeyEx(HKEY_CURRENT_USER, key2, 0, KEY_READ, &hkey);
+ if (rc != 0)
+ return false;
+
+ RegCloseKey(hkey);
+
+ return true;
+}
+
+void CSbieUtils::AddContextMenu3(const QString& StartPath, const QString& RunStr, const QString& IconPath)
+{
+ std::wstring start_path = L"\"" + StartPath.toStdWString() + L"\"";
+ std::wstring icon_path = L"\"" + (IconPath.isEmpty() ? StartPath : IconPath).toStdWString() + L"\"";
+
+ CreateShellEntry(L"*", L"addforce", RunStr.toStdWString(), icon_path, start_path + L" /add_force \"%1\" %*");
+ CreateShellEntry(L"Folder", L"addforce", RunStr.toStdWString(), icon_path, start_path + L" /add_force \"%1\" %*");
+}
+
+void CSbieUtils::RemoveContextMenu3()
+{
+ RegDeleteTreeW(HKEY_CURRENT_USER, L"software\\classes\\*\\shell\\addforce");
+ RegDeleteTreeW(HKEY_CURRENT_USER, L"software\\classes\\folder\\shell\\addforce");
+}
+
//////////////////////////////////////////////////////////////////////////////
// Shortcuts
diff --git a/SandboxiePlus/QSbieAPI/SbieUtils.h b/SandboxiePlus/QSbieAPI/SbieUtils.h
index c0c38933..c3e858f7 100644
--- a/SandboxiePlus/QSbieAPI/SbieUtils.h
+++ b/SandboxiePlus/QSbieAPI/SbieUtils.h
@@ -36,6 +36,10 @@ public:
static void AddContextMenu2(const QString& StartPath, const QString& RunStr, const QString& IconPath = QString());
static void RemoveContextMenu2();
+ static bool HasContextMenu3();
+ static void AddContextMenu3(const QString& StartPath, const QString& RunStr, const QString& IconPath = QString());
+ static void RemoveContextMenu3();
+
static bool CreateShortcut(const QString& StartExe, QString LinkPath, const QString &LinkName, const QString &boxname, const QString &arguments, const QString &iconPath = QString(), int iconIndex = 0, const QString &workdir = QString(), bool bRunElevated = false);
static bool GetStartMenuShortcut(class CSbieAPI* pApi, QString &BoxName, QString &LinkPath, QString &IconPath, quint32& IconIndex, QString &WorkDir);
diff --git a/SandboxiePlus/SandMan/SandMan.cpp b/SandboxiePlus/SandMan/SandMan.cpp
index 4e7937e9..890c2ed5 100644
--- a/SandboxiePlus/SandMan/SandMan.cpp
+++ b/SandboxiePlus/SandMan/SandMan.cpp
@@ -1636,6 +1636,25 @@ void CSandMan::OnMessage(const QString& MsgData)
setWindowState(Qt::WindowActive);
SetForegroundWindow(MainWndHandle);
}
+ else if (Message.left(4) == "Add:")
+ {
+
+
+ QString respone = QInputDialog::getText(g_GUIParent, tr("Which box you want to add in?"), tr("Type the box name which you are going to set:"));
+ if(!respone.isEmpty())
+ {
+ if (theAPI->GetBoxByName(respone) != NULL) {
+ if (Message.right(1)=="\\"||!Message.contains(".", Qt::CaseInsensitive)) {
+ theAPI->GetBoxByName(respone)->AppendText("ForceFolder", Message.mid(4));
+ }
+ else {
+ theAPI->GetBoxByName(respone)->AppendText("ForceProcess", Message.mid(4));
+
+ }
+ }
+ }
+
+ }
else if (Message.left(4) == "Run:")
{
QString BoxName;
diff --git a/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp b/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
index 91700bd7..c2f98f8e 100644
--- a/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
+++ b/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
@@ -331,7 +331,8 @@ CSettingsWindow::CSettingsWindow(QWidget* parent)
connect(ui.chkShellMenu, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged()));
connect(ui.chkAlwaysDefault, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged()));
connect(ui.chkShellMenu2, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged()));
-
+ connect(ui.chkShellMenu3, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged()));
+
connect(ui.chkScanMenu, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged()));
connect(ui.cmbIntegrateMenu, SIGNAL(currentIndexChanged(int)), this, SLOT(OnOptChanged()));
connect(ui.cmbIntegrateDesk, SIGNAL(currentIndexChanged(int)), this, SLOT(OnOptChanged()));
@@ -891,6 +892,7 @@ void CSettingsWindow::LoadSettings()
ui.chkShellMenu->setCheckState(IsContextMenu());
ui.chkShellMenu2->setChecked(CSbieUtils::HasContextMenu2());
+ ui.chkShellMenu3->setChecked(CSbieUtils::HasContextMenu3());
ui.chkAlwaysDefault->setChecked(theConf->GetBool("Options/RunInDefaultBox", false));
ui.cmbDPI->setCurrentIndex(theConf->GetInt("Options/DPIScaling", 1));
@@ -1598,7 +1600,15 @@ void CSettingsWindow::SaveSettings()
} else
CSbieUtils::RemoveContextMenu2();
}
-
+ if (ui.chkShellMenu3->isChecked() != CSbieUtils::HasContextMenu3()) {
+ if (ui.chkShellMenu3->isChecked()) {
+ CSbieUtils::AddContextMenu3(QApplication::applicationDirPath().replace("/", "\\") + "\\SandMan.exe",
+ tr("Make Folder/File &Forced"),
+ QApplication::applicationDirPath().replace("/", "\\") + "\\Start.exe");
+ }
+ else
+ CSbieUtils::RemoveContextMenu3();
+ }
theConf->SetValue("Options/RunInDefaultBox", ui.chkAlwaysDefault->isChecked());
theConf->SetValue("Options/CheckSilentMode", ui.chkSilentMode->isChecked());
diff --git a/SandboxiePlus/SandMan/main.cpp b/SandboxiePlus/SandMan/main.cpp
index ce5d1baa..6d1f88c2 100644
--- a/SandboxiePlus/SandMan/main.cpp
+++ b/SandboxiePlus/SandMan/main.cpp
@@ -111,7 +111,14 @@ int main(int argc, char *argv[])
}
}
int DfpPos = Args.indexOf("/disable_force", Qt::CaseInsensitive);
- // the first argument wins
+ int AfpPos = Args.indexOf("/add_force", Qt::CaseInsensitive);
+
+ //Add_Force has the highest priority.
+ if (AfpPos != -1) {
+ DfpPos = -1;
+ BoxPos = -1;
+ }else
+ // the first argument wins
if (BoxPos != -1 && DfpPos != -1) {
if (BoxPos < DfpPos) DfpPos = -1;
else BoxPos = -1;
@@ -158,7 +165,13 @@ int main(int argc, char *argv[])
g_PendingMessage += "\nIn:*DFP*";
}
+ if (AfpPos != -1) {
+ LPWSTR cmdLine0 = wcsstr(GetCommandLineW(), L"/add_force");
+ if (!cmdLine0) return -1;
+ LPWSTR cmdLine = cmdLine0 + 10;
+ g_PendingMessage = "Add:" + QString::fromWCharArray(cmdLine + 1);
+ }
if (IsBoxed) {
QMessageBox::critical(NULL, "Sandboxie-Plus", CSandMan::tr("Sandboxie Manager can not be run sandboxed!"));
From 3a25dc6b114aa883b44f9cab33da760dcb262638 Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Mon, 1 Jul 2024 18:51:03 +0800
Subject: [PATCH 05/11] Add warning
---
SandboxiePlus/SandMan/SandMan.cpp | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/SandboxiePlus/SandMan/SandMan.cpp b/SandboxiePlus/SandMan/SandMan.cpp
index 890c2ed5..e60189cc 100644
--- a/SandboxiePlus/SandMan/SandMan.cpp
+++ b/SandboxiePlus/SandMan/SandMan.cpp
@@ -1652,8 +1652,13 @@ void CSandMan::OnMessage(const QString& MsgData)
}
}
+ else {
+ QMessageBox::warning(g_GUIParent, tr("Sandboxie-Plus Warning"), tr("You typed a wrong box name!Nothing was changed."), QMessageBox::Ok, 0);
+ }
+ }
+ else {
+ QMessageBox::warning(g_GUIParent, tr("Sandboxie-Plus Warning"), tr("Users canceled this operation."), QMessageBox::Yes, 0);
}
-
}
else if (Message.left(4) == "Run:")
{
From 73cf3a52d0dae2e6259c762edf0664cd223882cb Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Mon, 1 Jul 2024 18:53:34 +0800
Subject: [PATCH 06/11] Update CHANGELOG.md
---
CHANGELOG.md | 2 ++
1 file changed, 2 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e9b84357..4ab048d3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -27,6 +27,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- Usage: "RpcPortFilter=Port,ID,Label" label is optional
- added "Job Object" Options page to colelct all job object related options
- added UI options for "ForceRestartAll" and "UseCreateToken" in OptionWindow.
+- added a optional context menu option to make folder/file forced quickly.
+ - You can also use "Sandman.exe /add_force program_path" to do it.
### Changed
- Extend "Temp Template" to make it could delete local template section.
From 3f67d63696c2770631bef7937904d49e0a71acde Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Mon, 1 Jul 2024 18:58:14 +0800
Subject: [PATCH 07/11] Fix
---
SandboxiePlus/SandMan/Forms/SettingsWindow.ui | 375 +++++++++---------
1 file changed, 189 insertions(+), 186 deletions(-)
diff --git a/SandboxiePlus/SandMan/Forms/SettingsWindow.ui b/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
index 5adf1103..07c9ee6b 100644
--- a/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
@@ -6,8 +6,8 @@
0
0
- 747
- 524
+ 820
+ 565
@@ -455,191 +455,194 @@
Windows Shell
-
+
-
-
-
-
-
-
- Qt::Horizontal
-
-
-
- 40
- 0
-
-
-
-
- -
-
-
- Integrate with Host Start Menu
-
-
- Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter
-
-
- true
-
-
-
- -
-
-
- Add 'Run Sandboxed' to the explorer context menu
-
-
-
- -
-
-
- Add 'Run Un-Sandboxed' to the context menu
-
-
-
- -
-
-
- Always use DefaultBox
-
-
-
- -
-
-
- -
-
-
- Integrate with Host Desktop
-
-
- Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter
-
-
- true
-
-
-
- -
-
-
- Start UI when a sandboxed process is started
-
-
-
- -
-
-
- Scan shell folders and offer links in run menu
-
-
-
- -
-
-
- -
-
-
- Start UI with Windows
-
-
-
- -
-
-
- Qt::Horizontal
-
-
-
- 40
- 20
-
-
-
-
- -
-
-
-
- 75
- true
- true
-
-
-
- Start Menu Integration
-
-
-
- -
-
-
- Qt::Horizontal
-
-
-
- 40
- 20
-
-
-
-
- -
-
-
- Qt::Vertical
-
-
-
- 20
- 0
-
-
-
-
- -
-
-
-
- 20
- 16777215
-
-
-
-
-
-
-
- -
-
-
-
- 75
- true
- true
-
-
-
- Start Sandbox Manager
-
-
-
- -
-
-
-
- 75
- true
- true
-
-
-
- Run Sandboxed - Actions
-
-
-
-
+
+
+
+ 75
+ true
+ true
+
+
+
+ Start Sandbox Manager
+
+
+
+ -
+
+
+ Start UI with Windows
+
+
+
+ -
+
+
+ Start UI when a sandboxed process is started
+
+
+
+ -
+
+
+
+ 75
+ true
+ true
+
+
+
+ Run Sandboxed - Actions
+
+
+
+ -
+
+
+
+ 20
+ 16777215
+
+
+
+
+
+
+
+ -
+
+
+ Qt::Horizontal
+
+
+
+ 272
+ 20
+
+
+
+
+ -
+
+
+ Qt::Horizontal
+
+
+
+ 272
+ 20
+
+
+
+
+ -
+
+
+ Add 'Run Sandboxed' to the explorer context menu
+
+
+
+ -
+
+
+ Always use DefaultBox
+
+
+
+ -
+
+
+ Add 'Run Un-Sandboxed' to the context menu
+
+
+
+ -
+
+
+ Add ‘Make Folder/File Forced' to the context menu
+
+
+
+ -
+
+
+
+ 75
+ true
+ true
+
+
+
+ Start Menu Integration
+
+
+
+ -
+
+
+ Scan shell folders and offer links in run menu
+
+
+
+ -
+
+
+ Integrate with Host Start Menu
+
+
+ Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter
+
+
+ true
+
+
+
+ -
+
+
+ -
+
+
+ Integrate with Host Desktop
+
+
+ Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter
+
+
+ true
+
+
+
+ -
+
+
+ -
+
+
+ Qt::Vertical
+
+
+
+ 20
+ 154
+
+
+
+
+ -
+
+
+ Qt::Horizontal
+
+
+
+ 272
+ 13
+
+
+
From 88c9d4fe321e0bd770c53bd0eae700f3e372cd10 Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Mon, 1 Jul 2024 20:13:02 +0800
Subject: [PATCH 08/11] Fix
---
SandboxiePlus/SandMan/SandMan.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/SandboxiePlus/SandMan/SandMan.cpp b/SandboxiePlus/SandMan/SandMan.cpp
index e60189cc..12f28f15 100644
--- a/SandboxiePlus/SandMan/SandMan.cpp
+++ b/SandboxiePlus/SandMan/SandMan.cpp
@@ -1645,10 +1645,10 @@ void CSandMan::OnMessage(const QString& MsgData)
{
if (theAPI->GetBoxByName(respone) != NULL) {
if (Message.right(1)=="\\"||!Message.contains(".", Qt::CaseInsensitive)) {
- theAPI->GetBoxByName(respone)->AppendText("ForceFolder", Message.mid(4));
+ theAPI->GetBoxByName(respone)->AppendText("ForceFolder", Message.mid(4).replace("\"",""));
}
else {
- theAPI->GetBoxByName(respone)->AppendText("ForceProcess", Message.mid(4));
+ theAPI->GetBoxByName(respone)->AppendText("ForceProcess", Message.mid(4).replace("\"", "").mid(Message.lastIndexOf("/")));
}
}
From 72d1510517f389bd2afb1b254c86b9a80fdfd5c1 Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Tue, 2 Jul 2024 08:55:02 +0800
Subject: [PATCH 09/11] 1.14.3
---
SandboxiePlus/QSbieAPI/SbieUtils.cpp | 8 ++++----
SandboxiePlus/SandMan/SandMan.cpp | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/SandboxiePlus/QSbieAPI/SbieUtils.cpp b/SandboxiePlus/QSbieAPI/SbieUtils.cpp
index f176148d..5f389338 100644
--- a/SandboxiePlus/QSbieAPI/SbieUtils.cpp
+++ b/SandboxiePlus/QSbieAPI/SbieUtils.cpp
@@ -490,8 +490,8 @@ void CSbieUtils::RemoveContextMenu2()
bool CSbieUtils::HasContextMenu3()
{
const wchar_t* key = L"Software\\Classes\\*\\shell\\addforce\\command";
- const wchar_t* key2 = L"Software\\Classes\\*\\folder\\addforce\\command";
- HKEY hkey;
+ //const wchar_t* key2 = L"Software\\Classes\\*\\Folder\\addforce\\command";
+ HKEY hkey,hKey2;
LONG rc = RegOpenKeyEx(HKEY_CURRENT_USER, key, 0, KEY_READ, &hkey);
if (rc != 0)
return false;
@@ -499,11 +499,11 @@ bool CSbieUtils::HasContextMenu3()
RegCloseKey(hkey);
- rc = RegOpenKeyEx(HKEY_CURRENT_USER, key2, 0, KEY_READ, &hkey);
+ /*rc = RegOpenKeyEx(HKEY_CURRENT_USER, key2, 0, KEY_READ, &hkey2);
if (rc != 0)
return false;
- RegCloseKey(hkey);
+ RegCloseKey(hkey2);*/
return true;
}
diff --git a/SandboxiePlus/SandMan/SandMan.cpp b/SandboxiePlus/SandMan/SandMan.cpp
index 12f28f15..cf58c164 100644
--- a/SandboxiePlus/SandMan/SandMan.cpp
+++ b/SandboxiePlus/SandMan/SandMan.cpp
@@ -1648,7 +1648,7 @@ void CSandMan::OnMessage(const QString& MsgData)
theAPI->GetBoxByName(respone)->AppendText("ForceFolder", Message.mid(4).replace("\"",""));
}
else {
- theAPI->GetBoxByName(respone)->AppendText("ForceProcess", Message.mid(4).replace("\"", "").mid(Message.lastIndexOf("/")));
+ theAPI->GetBoxByName(respone)->AppendText("ForceProcess", Message.mid(4).replace("\"", "").mid(Message.lastIndexOf("\\")));
}
}
From 57947197b6bba45e994780ad0110a37a438b995c Mon Sep 17 00:00:00 2001
From: love-code-yeyixiao <188240888@qq.com>
Date: Tue, 2 Jul 2024 09:18:01 +0800
Subject: [PATCH 10/11] 1.14.3
---
SandboxiePlus/SandMan/SandMan.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SandboxiePlus/SandMan/SandMan.cpp b/SandboxiePlus/SandMan/SandMan.cpp
index cf58c164..fc68adc8 100644
--- a/SandboxiePlus/SandMan/SandMan.cpp
+++ b/SandboxiePlus/SandMan/SandMan.cpp
@@ -1648,7 +1648,7 @@ void CSandMan::OnMessage(const QString& MsgData)
theAPI->GetBoxByName(respone)->AppendText("ForceFolder", Message.mid(4).replace("\"",""));
}
else {
- theAPI->GetBoxByName(respone)->AppendText("ForceProcess", Message.mid(4).replace("\"", "").mid(Message.lastIndexOf("\\")));
+ theAPI->GetBoxByName(respone)->AppendText("ForceProcess", Message.mid(4).replace("\"", "").mid(Message.mid(4).replace("\"", "").lastIndexOf("\\")+1));
}
}
From 831d472da828d9b1d81014fa67b3232077dfcdfb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=88=B1=E7=BC=96=E7=A8=8B=E7=9A=84=E5=8F=B6=E4=B8=80?=
=?UTF-8?q?=E7=AC=91?=
<92030377+love-code-yeyixiao@users.noreply.github.com>
Date: Wed, 3 Jul 2024 19:55:23 +0800
Subject: [PATCH 11/11] Update CHANGELOG.md
Co-Authored-By: isaak654
---
CHANGELOG.md | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f54a08ce..4e6e6874 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,15 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
+## [1.1x.x / 5.xx.x] - 2024-07-0x
+
+### Added
+- added UI options for "ForceRestartAll" and "UseCreateToken" in OptionWindow
+- added an optional context menu option to make folder/file forced quickly
+ - You can also use "Sandman.exe /add_force program_path" to do it
+
+
+
## [1.14.3 / 5.69.3] - 2024-07-01
### Changed
@@ -34,9 +43,6 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- added RPC Port message filter mechanism to block unsafe RDP calls via the driver [#3930](https://github.com/sandboxie-plus/Sandboxie/issues/3930)
- Usage: "RpcPortFilter=Port,ID,Label" label is optional
- added "Job Object" Options page to colelct all job object related options
-- added UI options for "ForceRestartAll" and "UseCreateToken" in OptionWindow.
-- added a optional context menu option to make folder/file forced quickly.
- - You can also use "Sandman.exe /add_force program_path" to do it.
### Changed
- Extend "Temp Template" to make it could delete local template section