Added ability to prevent image capture of windows in a sandbox.

love-code-yeyixiao 2024-03-02 15:50:29 +08:00
parent ef9170b4ae
commit 5305777215
3 changed files with 205 additions and 173 deletions


@ -1629,6 +1629,8 @@ _FX LRESULT Gui_WindowProcA(
if (uMsg == WM_SETTEXT && Gui_ShouldCreateTitle(hWnd))
new_lParam = (LPARAM)Gui_CreateTitleA((UCHAR *)lParam);
if (uMsg == WM_CREATE)
ProtectScreen(hWnd);
else
new_lParam = lParam;
@ -2702,3 +2704,26 @@ _FX BOOLEAN ComDlg32_Init(HMODULE module)
return TRUE;
}
_FX VOID ProtectScreen(HWND hWnd) {
WCHAR buffer[BOXNAME_COUNT] = { L"\0" };
SbieApi_QueryProcess(GetCurrentProcess(), buffer, 0, 0, 0);
if (SbieApi_QueryConfBool(buffer, L"IsProtectScreen", FALSE)) {
OSVERSIONINFOEX os;
os.dwOSVersionInfoSize = sizeof(os);
if (GetVersionEx(&os))
{
if (os.dwMajorVersion == 6) {
HMODULE hDll = GetModuleHandleW(L"user32.dll");
if (hDll != NULL && hDll != INVALID_HANDLE_VALUE) {
typedef BOOL(*LPSETWINDOWDISPLAYAFFINITY)(HWND, DWORD);
LPSETWINDOWDISPLAYAFFINITY swda = GetProcAddress(hDll, "SetWindowDisplayAffinity");
if (swda) {
swda(hWnd, 0x00000001);
}
}
}
}
}
}
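Review bot: As printed, the two lines added in Gui_WindowProcA sit between the `if (uMsg == WM_SETTEXT && ...)` and its `else`, so `else new_lParam = lParam;` now pairs with `if (uMsg == WM_CREATE)`: a title built by Gui_CreateTitleA is immediately overwritten with `lParam`, and on WM_CREATE `new_lParam` is not assigned here at all. Moving `if (uMsg == WM_CREATE) ProtectScreen(hWnd);` above the WM_SETTEXT test restores the original pairing; the function continues outside the hunk, so any earlier initialiser of `new_lParam` is not visible. In ProtectScreen the function-pointer typedef omits the calling convention and should read `typedef BOOL (WINAPI *LPSETWINDOWDISPLAYAFFINITY)(HWND, DWORD);`. The `os.dwMajorVersion == 6` gate looks like it skips the call in any process where GetVersionEx reports 10, and the GetProcAddress probe alone would be enough to detect support. The result of `swda(hWnd, 0x00000001)` is discarded, so a window that remains capturable cannot be told apart from a protected one; checking the return value and logging a failure would make the setting auditable.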


@ -45,7 +45,7 @@
<enum>QTabWidget::North</enum>
</property>
<property name="currentIndex">
<number>10</number>
<number>1</number>
</property>
<widget class="QWidget" name="tabGeneral">
<attribute name="title">
@ -1004,7 +1004,7 @@
<item row="0" column="0">
<widget class="QTabWidget" name="tabsSecurity">
<property name="currentIndex">
<number>0</number>
<number>2</number>
</property>
<widget class="QWidget" name="tabHarden">
<attribute name="title">
@ -1346,176 +1346,179 @@
<attribute name="title">
<string>Box Protection</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_83">
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_82">
<item row="1" column="2">
<spacer name="horizontalSpacer_19">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="7" column="3">
<widget class="QPushButton" name="btnHostProcessDeny">
<property name="text">
<string>Deny Process</string>
</property>
</widget>
</item>
<item row="8" column="3">
<spacer name="verticalSpacer_31">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="10" column="3">
<widget class="QPushButton" name="btnDelHostProcess">
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="11" column="0" colspan="4">
<widget class="QCheckBox" name="chkNotifyProtect">
<property name="text">
<string>Issue message 1318/1317 when a host process tries to access a sandboxed process/the box root</string>
</property>
</widget>
</item>
<item row="6" column="0" rowspan="5" colspan="3">
<widget class="QTreeWidget" name="treeHostProc">
<property name="sortingEnabled">
<bool>true</bool>
</property>
<column>
<property name="text">
<string>Process</string>
</property>
</column>
<column>
<property name="text">
<string>Action</string>
</property>
</column>
<column>
<property name="text">
<string/>
</property>
</column>
</widget>
</item>
<item row="4" column="3">
<spacer name="verticalSpacer_40">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="9" column="3">
<widget class="QCheckBox" name="chkShowHostProcTmpl">
<property name="text">
<string>Show Templates</string>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QLabel" name="lblBoxProtection">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="toolTip">
<string>Protect the sandbox integrity itself</string>
</property>
<property name="text">
<string>Box Protection</string>
</property>
</widget>
</item>
<item row="0" column="0" colspan="4">
<widget class="QLabel" name="label_52">
<property name="text">
<string>Sandboxie-Plus is able to create confidential sandboxes that provide robust protection against unauthorized surveillance or tampering by host processes. By utilizing an encrypted sandbox image, this feature delivers the highest level of operational confidentiality, ensuring the safety and integrity of sandboxed processes.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="6" column="3">
<widget class="QPushButton" name="btnHostProcessAllow">
<property name="text">
<string>Allow Process</string>
</property>
</widget>
</item>
<item row="5" column="0" colspan="3">
<widget class="QLabel" name="label_5">
<property name="text">
<string>Protect processes in this box from being accessed by specified unsandboxed host processes.</string>
</property>
<property name="wordWrap">
<bool>false</bool>
</property>
</widget>
</item>
<item row="3" column="1">
<widget class="QLabel" name="label_47">
<property name="minimumSize">
<size>
<width>20</width>
<height>0</height>
</size>
</property>
<property name="maximumSize">
<size>
<width>20</width>
<height>16777215</height>
</size>
</property>
<property name="text">
<string/>
</property>
</widget>
</item>
<item row="3" column="2" colspan="2">
<widget class="QCheckBox" name="chkLessConfidential">
<property name="text">
<string>Allow useful Windows processes access to protected processes</string>
</property>
</widget>
</item>
<item row="2" column="1" colspan="3">
<widget class="QCheckBox" name="chkConfidential">
<property name="text">
<string>Protect processes within this box from host processes</string>
</property>
</widget>
</item>
</layout>
<layout class="QGridLayout" name="gridLayout_15">
<item row="0" column="0" colspan="4">
<widget class="QLabel" name="label_52">
<property name="text">
<string>Sandboxie-Plus is able to create confidential sandboxes that provide robust protection against unauthorized surveillance or tampering by host processes. By utilizing an encrypted sandbox image, this feature delivers the highest level of operational confidentiality, ensuring the safety and integrity of sandboxed processes.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="2" column="1" colspan="2">
<widget class="QCheckBox" name="chkConfidential">
<property name="text">
<string>Protect processes within this box from host processes</string>
</property>
</widget>
</item>
<item row="7" column="3">
<widget class="QPushButton" name="btnHostProcessDeny">
<property name="text">
<string>Deny Process</string>
</property>
</widget>
</item>
<item row="11" column="0" colspan="3">
<widget class="QCheckBox" name="chkNotifyProtect">
<property name="text">
<string>Issue message 1318/1317 when a host process tries to access a sandboxed process/the box root</string>
</property>
</widget>
</item>
<item row="3" column="2">
<widget class="QCheckBox" name="chkLessConfidential">
<property name="text">
<string>Allow useful Windows processes access to protected processes</string>
</property>
</widget>
</item>
<item row="1" column="2">
<spacer name="horizontalSpacer_19">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>471</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="4" column="3">
<spacer name="verticalSpacer_40">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="8" column="3">
<spacer name="verticalSpacer_31">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>76</height>
</size>
</property>
</spacer>
</item>
<item row="10" column="3">
<widget class="QPushButton" name="btnDelHostProcess">
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="6" column="3">
<widget class="QPushButton" name="btnHostProcessAllow">
<property name="text">
<string>Allow Process</string>
</property>
</widget>
</item>
<item row="5" column="0" colspan="3">
<widget class="QLabel" name="label_5">
<property name="text">
<string>Protect processes in this box from being accessed by specified unsandboxed host processes.</string>
</property>
<property name="wordWrap">
<bool>false</bool>
</property>
</widget>
</item>
<item row="3" column="1">
<widget class="QLabel" name="label_47">
<property name="minimumSize">
<size>
<width>20</width>
<height>0</height>
</size>
</property>
<property name="maximumSize">
<size>
<width>20</width>
<height>16777215</height>
</size>
</property>
<property name="text">
<string/>
</property>
</widget>
</item>
<item row="9" column="3">
<widget class="QCheckBox" name="chkShowHostProcTmpl">
<property name="text">
<string>Show Templates</string>
</property>
</widget>
</item>
<item row="6" column="0" rowspan="5" colspan="3">
<widget class="QTreeWidget" name="treeHostProc">
<property name="sortingEnabled">
<bool>true</bool>
</property>
<column>
<property name="text">
<string>Process</string>
</property>
</column>
<column>
<property name="text">
<string>Action</string>
</property>
</column>
<column>
<property name="text">
<string/>
</property>
</column>
</widget>
</item>
<item row="1" column="0">
<widget class="QLabel" name="lblBoxProtection">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="toolTip">
<string>Protect the sandbox integrity itself</string>
</property>
<property name="text">
<string>Box Protection</string>
</property>
</widget>
</item>
<item row="4" column="1" colspan="2">
<widget class="QCheckBox" name="chkProtectWindow">
<property name="text">
<string>Prevents getting an image of the window in the sandbox.</string>
</property>
</widget>
</item>
</layout>
</widget>
@ -4505,7 +4508,7 @@ instead of &quot;*&quot;.</string>
<rect>
<x>0</x>
<y>0</y>
<width>92</width>
<width>75</width>
<height>16</height>
</rect>
</property>
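Review bot: The two `currentIndex` edits (10 to 1 on the outer tab widget, 0 to 2 on `tabsSecurity`) and the `width` change from 92 to 75 in the last hunk look like Qt Designer state saved along with the feature rather than part of it. They change which tab the options dialog opens on and should be reverted. The only functional addition in the Box Protection layout is the `chkProtectWindow` item at row 4; the rest of that hunk mostly re-emits the existing items in a different order, with a few span and spacer-size changes, which makes the change hard to audit. The checkbox text would read better as `Prevent capturing images of windows in this sandbox`. A tooltip stating which windows and Windows versions the setting applies to would keep the label from promising more than is enforced.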


@ -104,6 +104,7 @@ void COptionsWindow::CreateAdvanced()
connect(ui.chkShowHostProcTmpl, SIGNAL(clicked(bool)), this, SLOT(OnShowHostProcTmpl()));
connect(ui.chkConfidential, SIGNAL(clicked(bool)), this, SLOT(OnConfidentialChanged()));
connect(ui.chkLessConfidential, SIGNAL(clicked(bool)), this, SLOT(OnLessConfidentialChanged()));
connect(ui.chkProtectWindow, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkNotifyProtect, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.treeInjectDll, SIGNAL(itemChanged(QTreeWidgetItem *, int)), this, SLOT(OnToggleInjectDll(QTreeWidgetItem *, int)));
@ -260,6 +261,7 @@ void COptionsWindow::LoadAdvanced()
ui.chkLessConfidential->setChecked(m_BoxTemplates.contains("LessConfidentialBox"));
ui.chkNotifyProtect->setChecked(m_pBox->GetBool("NotifyBoxProtected", false));
ui.chkProtectWindow->setChecked(m_pBox->GetBool("IsProtectScreen"));
QStringList Users = m_pBox->GetText("Enabled").split(",");
ui.lstUsers->clear();
@ -463,6 +465,8 @@ void COptionsWindow::SaveAdvanced()
WriteAdvancedCheck(ui.chkConfidential, "ConfidentialBox", "y", "");
WriteAdvancedCheck(ui.chkNotifyProtect, "NotifyBoxProtected", "y", "");
WriteAdvancedCheck(ui.chkProtectWindow, "IsProtectScreen", "y", "n");
QStringList Users;
for (int i = 0; i < ui.lstUsers->count(); i++)
Users.append(ui.lstUsers->item(i)->text());
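Review bot: The new setting is read and written differently from its neighbours. LoadAdvanced calls `m_pBox->GetBool("IsProtectScreen")` with no default, while the line above passes `false` explicitly, and SaveAdvanced passes `"n"` for the unchecked state where `ConfidentialBox` and `NotifyBoxProtected` pass `""`. If the empty string means "remove the key", as it appears to for the siblings, then `WriteAdvancedCheck(ui.chkProtectWindow, "IsProtectScreen", "y", "");` and `GetBool("IsProtectScreen", false)` would keep box configs free of an explicit `IsProtectScreen=n` entry and make the default visible at the call site. Both function bodies continue outside the hunks, so the helper's exact semantics should be confirmed there.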