diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index aa3ea12b..4db43560 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -73,6 +73,7 @@ jobs: echo 'tigether->together' >> dictionary.txt echo 'auxyliary->auxiliary' >> dictionary.txt echo 'squating->squatting' >> dictionary.txt + echo 'suppoter->supporter' >> dictionary.txt # Only lowercase letters are allowed in --ignore-words-list codespell --dictionary=dictionary.txt --dictionary=dictionary_rare.txt --dictionary=dictionary_code.txt \ --ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage" \ diff --git a/CHANGELOG.md b/CHANGELOG.md index 6621ef35..f10382f1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -48,7 +48,7 @@ This project adheres to [Semantic Versioning](http://semver.org/). - fixed updater sometimes failing to create a temporary directory [#2615](https://github.com/sandboxie-plus/Sandboxie/issues/2615) - fixed issue with snapshot removal [#2663](https://github.com/sandboxie-plus/Sandboxie/issues/2663) - fixed issue with symbolic links [#2606](https://github.com/sandboxie-plus/Sandboxie/issues/2606) -- fixed issues with app container-based isolation, app container tokens are now dropped by default +- fixed issues with AppContainer isolation, app container tokens are now dropped by default -- Note: this behaviour can be disabled with 'DropAppContainerTokens=program.exe,n' diff --git a/Sandboxie/common/pattern.c b/Sandboxie/common/pattern.c index 61ed40d5..98c38360 100644 --- a/Sandboxie/common/pattern.c +++ b/Sandboxie/common/pattern.c @@ -716,8 +716,8 @@ _FX BOOLEAN Pattern_MatchPathListEx(WCHAR *path_lwr, ULONG path_len, LIST *list, cur_len = Pattern_MatchPathList(path_lwr, path_len, list, &cur_level, &cur_flags, &cur_wildc, &cur_patsrc); if (cur_level <= *plevel && ( ((*pflags & MATCH_FLAG_EXACT) == 0 && (cur_flags & MATCH_FLAG_EXACT) != 0) || // an exact match overrules any non exact match - ((*pflags & MATCH_FLAG_AUX) != 0 && (cur_flags & MATCH_FLAG_AUX) == 0) || // a rule with a primary match overrules auxyliary matches - (cur_len > *pmatch_len) || // the longer the match the mroe specific teh rule, hence the highest priority it has + ((*pflags & MATCH_FLAG_AUX) != 0 && (cur_flags & MATCH_FLAG_AUX) == 0) || // a rule with a primary match overrules auxiliary matches + (cur_len > *pmatch_len) || // the longer the match, the more specific the rule and thus the higher its priority ((cur_len == *pmatch_len && cur_len > 0) && (cur_wildc < *pwildc)) // given the same match length, a rule with less wildcards wins )) { *plevel = cur_level; diff --git a/Sandboxie/core/dll/proc.c b/Sandboxie/core/dll/proc.c index d78a9f21..8a0000ba 100644 --- a/Sandboxie/core/dll/proc.c +++ b/Sandboxie/core/dll/proc.c @@ -441,10 +441,10 @@ _FX BOOLEAN Proc_Init(void) } // - // When not in Compartment mode, windows AppContainer isolation is not supported + // When not in Compartment mode, Windows AppContainer isolation is not supported // hook the CreateAppContainerToken and return a regular token - // we hook CreateAppContainerToken rather then NtCreateLowBoxToken - // as we dont what CreateAppContainerToken to fail when + // we hook CreateAppContainerToken rather than NtCreateLowBoxToken + // as we don't want CreateAppContainerToken to fail when // \Sessions\*\AppContainerNamedObjects\* is not open // diff --git a/Sandboxie/core/drv/ipc.c b/Sandboxie/core/drv/ipc.c index eab70938..33bed7f2 100644 --- a/Sandboxie/core/drv/ipc.c +++ b/Sandboxie/core/drv/ipc.c @@ -1086,8 +1086,8 @@ _FX NTSTATUS Ipc_CheckGenericObject( // // we only enforce CreateDirectoryObject/CreateDirectoryObjectEx // - // it seams that named object creation always does an additional access check - // regardless of what access is granted on the root handle so + // it seems that named object creation always does an additional access check + // regardless of what access is granted on the root handle // ACCESS_MASK RestrictedAccess = DELETE | WRITE_OWNER | WRITE_DAC; diff --git a/Sandboxie/install/Templates.ini b/Sandboxie/install/Templates.ini index 925ce437..a1bf005a 100644 --- a/Sandboxie/install/Templates.ini +++ b/Sandboxie/install/Templates.ini @@ -174,7 +174,7 @@ OpenIpcPath=\Security\LSA_AUTHENTICATION_INITIALIZED OpenIpcPath=\LsaAuthenticationPort OpenIpcPath=\NlsCacheMutant OpenIpcPath=\KernelObjects\* -# misc services +# miscellaneous services OpenIpcPath=\NLAPublicPort OpenIpcPath=\RPC Control\nlaapi OpenIpcPath=\RPC Control\tapsrvlpc @@ -200,7 +200,7 @@ OpenIpcPath=*\BaseNamedObjects*\MSUIM.* OpenIpcPath=*\BaseNamedObjects*\CtfmonInstMutex* OpenIpcPath=*\BaseNamedObjects*\CiceroSharedMemDefault* OpenIpcPath=*\BaseNamedObjects*\CicLoadWinStaWinSta* -# sysinternals dbgview +# Sysinternals DebugView (dbgview) OpenIpcPath=*\BaseNamedObjects*\DBWinMutex OpenIpcPath=*\BaseNamedObjects*\DBWIN_BUFFER OpenIpcPath=*\BaseNamedObjects*\DBWIN_BUFFER_READY @@ -232,34 +232,34 @@ OpenIpcPath=*\BaseNamedObjects*\D3D9CheckFullscreenSemaphore OpenIpcPath=*\BaseNamedObjects*\WinMMConsoleAudioEvent # AudioDg OpenIpcPath=*\BaseNamedObjects*\SYSTEM_AUDIO_STREAM_* +# multimedia (Vista) +OpenIpcPath=\MmcssApiPort +OpenIpcPath=\RPC Control\AudioClientRpc # following resource is needed on Windows Vista and later, # but also provided by the SRS Audio Sandbox program OpenIpcPath=*\BaseNamedObjects*\AudioEngineDuplicateHandleApiPort* -# nComputing audio server/driver ? +# NComputing audio server/driver ? OpenIpcPath=\RPC Control\NCWTSAudioServer # printer OpenIpcPath=\RPC Control\spoolss OpenIpcPath=*\BaseNamedObjects*\EPSON-PrgMtr-* OpenIpcPath=*\BaseNamedObjects*\RouterPreInitEvent -# sandboxie service +# Sandboxie service OpenIpcPath=\RPC Control\SbieSvcPort OpenIpcPath=*\BaseNamedObjects*\Sandboxie_StartMenu_WorkArea_* # objects in an unnamed directory OpenIpcPath=\...\* -# misc services (vista) +# miscellaneous services (Vista) # licensing OpenIpcPath=\RPC Control\SLCTransportEndpoint-* # parental controls OpenIpcPath=\RPC Control\wpcsvc -#firewall +# Windows Firewall OpenIpcPath=*\BaseNamedObjects*\BFE_Notify_Event_* -# multimedia (vista) +# Windows Aero OpenIpcPath=\UxSmsApiPort -OpenIpcPath=\MmcssApiPort -# aero OpenIpcPath=*\BaseNamedObjects*\Dwm-*-ApiPort-* OpenIpcPath=*\BaseNamedObjects*\DwmDxBltEvent* -OpenIpcPath=\RPC Control\AudioClientRpc # _WIN64 # 64-bit spooler for 32-bit programs OpenIpcPath=*\BaseNamedObjects*\WinSpl64To32Mutex*_0 @@ -278,7 +278,7 @@ OpenIpcPath=\RPC Control\umpo OpenIpcPath=*\BaseNamedObjects*\FlipEx* OpenIpcPath=*\BaseNamedObjects*\FontCachePort OpenIpcPath=*\BaseNamedObjects*\FntCache-* -# windows8 +# Windows 8 OpenIpcPath=\Windows\Theme* OpenIpcPath=\Sessions\*\Windows\Theme* OpenIpcPath=\Sessions\*\Windows\DwmApiPort @@ -289,10 +289,10 @@ OpenIpcPath=*\BaseNamedObjects*\WinSpl64To32Mutex*_2000 OpenIpcPath=\RPC Control\splwow64_*_2000 OpenIpcPath=\RPC Control\umpdproxy_*_2000 # -# windows10 +# Windows 10 OpenIpcPath=*\BaseNamedObjects*\CoreMessagingRegistrar OpenIpcPath=*\BaseNamedObjects\[CoreUI]-* -# open paths 11 +# open paths Windows 11 # 22449.1000 accesses this before sbiedll load OpenIpcPath=*\BaseNamedObjects\SM*:WilStaging_* # _M_ARM64 22621.819 used by emulated processes @@ -311,7 +311,7 @@ OpenWinClass=PrintTray_Notify_WndClass OpenWinClass=CicLoaderWndClass OpenWinClass=CicMarshalWndClass OpenWinClass=Credential Dialog Xaml Host -# windows 7 +# Windows 7 OpenWinClass=Sandbox:*:ConsoleWindowClass OpenWinClass=MSTaskSwWClass @@ -353,7 +353,7 @@ OpenWinClass=devldr # # Network access rules -# depending on preset either the "Open" or the "Close" directives are applied +# depending on the preset, either the "Open" or the "Close" directives are applied # [TemplateNetworkPaths] @@ -407,7 +407,7 @@ NormalFilePath=\Device\KsecDD NormalFilePath=\Device\MountPointManager NormalFilePath=\Device\Ndis NormalFilePath=\Device\PcwDrv -#Smart App Control +# Smart App Control NormalFilePath=\Device\SrpDevice # diff --git a/Sandboxie/msgs/Text-Russian-1049.txt b/Sandboxie/msgs/Text-Russian-1049.txt index 9a5034a2..d86d76fd 100644 --- a/Sandboxie/msgs/Text-Russian-1049.txt +++ b/Sandboxie/msgs/Text-Russian-1049.txt @@ -3890,7 +3890,7 @@ Sandboxie без действительного сертификата подд . 7990;txt;01 -Пожалуйста, скопируйте весь сертификат Suppoter в буфер обмена и нажмите OK. +Пожалуйста, скопируйте весь сертификат Supporter в буфер обмена и нажмите OK. . 7991;txt;01 diff --git a/Sandboxie/msgs/Text-SimpChinese-2052.txt b/Sandboxie/msgs/Text-SimpChinese-2052.txt index 2e622009..6d1de170 100644 --- a/Sandboxie/msgs/Text-SimpChinese-2052.txt +++ b/Sandboxie/msgs/Text-SimpChinese-2052.txt @@ -3849,7 +3849,7 @@ Sandboxie 的默认设置已经提供了完整的防护,您也可以从 Sandbo . 7990;txt;01 -请将整个 Suppoter 凭据复制到剪贴板上,然后按 OK。 +请将整个 Supporter 凭据复制到剪贴板上,然后按 OK。 . 7991;txt;01