diff --git a/SandboxiePlus/SandMan/SbiePlusAPI.cpp b/SandboxiePlus/SandMan/SbiePlusAPI.cpp index a8485b5a..17fb623b 100644 --- a/SandboxiePlus/SandMan/SbiePlusAPI.cpp +++ b/SandboxiePlus/SandMan/SbiePlusAPI.cpp @@ -125,6 +125,7 @@ CSandBoxPlus::CSandBoxPlus(const QString& BoxName, class CSbieAPI* pAPI) : CSand m_bPrivacyEnhanced = false; m_bApplicationCompartment = false; m_iUnsecureDebugging = 0; + m_bRootAccessOpen = false; m_TotalSize = theConf->GetValue("SizeCache/" + m_Name, -1).toLongLong(); @@ -147,8 +148,7 @@ void CSandBoxPlus::UpdateDetails() //m_bLogApiFound = GetTextList("OpenPipePath", false).contains("\\Device\\NamedPipe\\LogAPI"); m_bLogApiFound = false; QStringList InjectDlls = GetTextList("InjectDll", false); - foreach(const QString & InjectDll, InjectDlls) - { + foreach(const QString & InjectDll, InjectDlls) { if (InjectDll.contains("logapi", Qt::CaseInsensitive)) { m_bLogApiFound = true; break; @@ -156,15 +156,13 @@ void CSandBoxPlus::UpdateDetails() } m_bINetBlocked = false; - foreach(const QString& Entry, GetTextList("ClosedFilePath", false)) - { + foreach(const QString& Entry, GetTextList("ClosedFilePath", false)) { if (Entry == "!,InternetAccessDevices") { m_bINetBlocked = true; break; } } - foreach(const QString& Entry, GetTextList("AllowNetworkAccess", false)) - { + foreach(const QString& Entry, GetTextList("AllowNetworkAccess", false)) { if (Entry == "!,n") { m_bINetBlocked = true; break; @@ -176,6 +174,16 @@ void CSandBoxPlus::UpdateDetails() m_bDropRights = GetBool("DropAdminRights", false); + m_bRootAccessOpen = false; + foreach(const QString& Setting, QString("OpenFilePath|OpenKeyPath|OpenIpcPath").split("|")) { + foreach(const QString& Entry, GetTextList(Setting, false)) { + if (Entry == "*" || Entry == "\\") { + m_bRootAccessOpen = true; + break; + } + } + } + if (CheckUnsecureConfig()) m_iUnsecureDebugging = 1; else if(GetBool("ExposeBoxedSystem", false) || GetBool("UnrestrictedSCM", false) /*|| GetBool("RunServicesAsSystem", false)*/) @@ -298,7 +306,9 @@ QString CSandBoxPlus::GetStatusStr() const //if (m_IsEmpty) // Status.append(tr("Empty")); - if (m_bApplicationCompartment) + if (m_bRootAccessOpen) + Status.append(tr("OPEN Root Access")); + else if (m_bApplicationCompartment) Status.append(tr("Application Compartment")); else if (m_iUnsecureDebugging == 1) Status.append(tr("NOT SECURE")); @@ -326,6 +336,9 @@ QString CSandBoxPlus::GetStatusStr() const CSandBoxPlus::EBoxTypes CSandBoxPlus::GetTypeImpl() const { + if (m_bRootAccessOpen) + return eOpen; + if (m_bApplicationCompartment && m_bPrivacyEnhanced) return eAppBoxPlus; if (m_bApplicationCompartment) diff --git a/SandboxiePlus/SandMan/SbiePlusAPI.h b/SandboxiePlus/SandMan/SbiePlusAPI.h index db6957da..6e027deb 100644 --- a/SandboxiePlus/SandMan/SbiePlusAPI.h +++ b/SandboxiePlus/SandMan/SbiePlusAPI.h @@ -158,6 +158,7 @@ protected: bool m_bPrivacyEnhanced; bool m_bApplicationCompartment; int m_iUnsecureDebugging; + bool m_bRootAccessOpen; quint64 m_TotalSize;