diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 34e9e937..92e7b500 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -125,5 +125,5 @@ jobs: echo 'tailing->trailing' >> dictionary_code.txt # Only lowercase letters are allowed in --ignore-words-list codespell --dictionary=dictionary.txt --dictionary=dictionary_rare.txt --dictionary=dictionary_code.txt \ - --ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage,woh,tne,typpos,enew,shft,seh,ser,servent,socio-economic,rime,falt,infor" \ - --skip="./.git,./.github/workflows/codespell.yml,./dictionary*.txt,./Sandboxie/msgs/Text-*-*.txt,./Sandboxie/msgs/report/Report-*.txt,./SandboxiePlus/SandMan/*.ts,./Installer/Languages.iss,./Installer/isl/*.isl,./Sandboxie/common/Detours/Makefile,./Sandboxie/common/Detours/disasm.cpp,./Sandboxie/install/build.bat,./SandboxieTools/ImBox/dc/crypto_fast/xts_fast.c,./Sandboxie/apps/control/TreePropSheet.h,./Sandboxie/apps/control/PropPageFrame.h,./Sandboxie/apps/control/PropPageFrameDefault.h,./SandboxiePlus/SandMan/Troubleshooting/lang_*.json" + --ignore-words-list="wil,unknwn,tolen,pevent,doubleclick,parm,parms,etcp,ois,ba,ptd,modell,namesd,stdio,uint,errorstring,ontext,atend,deque,ecounter,nmake,namess,inh,daa,varient,lite,uis,emai,ws,slanguage,woh,tne,typpos,enew,shft,seh,ser,servent,socio-economic,rime,falt,infor,vor,lets,od,fo,aas," \ + --skip="./.git,./.github/workflows/codespell.yml,./dictionary*.txt,./Sandboxie/msgs/Text-*-*.txt,./Sandboxie/msgs/report/Report-*.txt,./SandboxiePlus/SandMan/*.ts,./Installer/Languages.iss,./Installer/isl/*.isl,./SandboxiePlus/SandMan/Troubleshooting/lang_*.json,./Sandboxie/install/build.bat,./SandboxieTools/ImBox/dc/crypto_fast/xts_fast.c" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 84f595ac..e3d42416 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -164,7 +164,7 @@ jobs: - name: Upload installer assets #if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request' - uses: actions/upload-artifact@v4.3.3 + uses: actions/upload-artifact@v4.3.4 with: name: Assets path: | @@ -173,7 +173,7 @@ jobs: - name: Upload Sandboxie x64 #if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request' - uses: actions/upload-artifact@v4.3.3 + uses: actions/upload-artifact@v4.3.4 with: name: Sandboxie_x64 path: | @@ -267,7 +267,7 @@ jobs: - name: Upload Sandboxie ARM64 #if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request' - uses: actions/upload-artifact@v4.3.3 + uses: actions/upload-artifact@v4.3.4 with: name: Sandboxie_ARM64 path: | @@ -336,7 +336,7 @@ jobs: - name: Upload Sandboxie x86 #if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request' - uses: actions/upload-artifact@v4.3.3 + uses: actions/upload-artifact@v4.3.4 with: name: Sandboxie_x86 path: | diff --git a/CHANGELOG.md b/CHANGELOG.md index 4e6e6874..b9a08a30 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,17 @@ This project adheres to [Semantic Versioning](http://semver.org/). - added an optional context menu option to make folder/file forced quickly - You can also use "Sandman.exe /add_force program_path" to do it +## [1.14.4 / 5.69.4] - 2024-07-13 + +### Changed +- improved removal of leftovers [#4050](https://github.com/sandboxie-plus/Sandboxie/pull/4050) + +### Fixed +- fixed The Start Restrictions tab's layout is broken [#4045](https://github.com/sandboxie-plus/Sandboxie/issues/4045) +- fixed Administrators cannot change the sandbox configuration [#4057](https://github.com/sandboxie-plus/Sandboxie/issues/4057) [#4068](https://github.com/sandboxie-plus/Sandboxie/issues/4068) + +### Added +- added hwid display ## [1.14.3 / 5.69.3] - 2024-07-01 @@ -31,33 +42,34 @@ This project adheres to [Semantic Versioning](http://semver.org/). ### Added - added SbieIni option to modify password-protected configs [#3903](https://github.com/sandboxie-plus/Sandboxie/issues/3903) - usage: set|append|insert|delete [/passwd:********]
- - Note: use /passwd without the password to have SbieIni prompot for the password on the console, this hides the password from view and from bing captured with the command line + - Note: use /passwd without the password to have SbieIni prompt for the password on the console, this hides the password from view and from being captured with the command line - added checkbox for "PromptForInternetAccess" option to the New Box Wizard - added option "HideNonSystemProcesses" to hide processes not in a sandbox from processes lists for sandboxed processes - added option "HideSbieProcesses" to hide Sandboxie Work Process (SbieSvc, SandboxieRpcSs, etc.) - added option "HideFirmwareInfo" - - when it is set, the programs that try getting fireware information will get false data from HKEY_CURRENT_USER\\SOFTWARE\\SandboxieHide\\FalseFirmwareValue + - when it is set, the programs that try getting firmware information will get false data from HKEY_CURRENT_USER\\SOFTWARE\\SandboxieHide\\FalseFirmwareValue - added template "BlockAccessWMI" to prevent sandboxed processes from accessing system information through WMI -- added template "BlockLocalConnect" to prevent sandboxed processes from sending network packs to localhost to breakout sandbox +- added template "BlockLocalConnect" to prevent sandboxed processes from sending network packets to localhost to breakout sandbox - added new option "AllowCoverTaskbar" for [#3975](https://github.com/sandboxie-plus/Sandboxie/issues/3975) - added RPC Port message filter mechanism to block unsafe RDP calls via the driver [#3930](https://github.com/sandboxie-plus/Sandboxie/issues/3930) - Usage: "RpcPortFilter=Port,ID,Label" label is optional - added "Job Object" Options page to colelct all job object related options + ### Changed -- Extend "Temp Template" to make it could delete local template section +- extend "Temp Template" to make it could delete local template section ### Fixed - fixed security issue with the newly introduced experimental "UseCreateToken=y" mechanism - fixed issue with "UseCreateToken=y" when using a MSFT online account - fixed Export sandbox not containing hidden files [#3980](https://github.com/sandboxie-plus/Sandboxie/issues/3980) (thanks L4cache) - fixed Chrome stopped printing [#3926](https://github.com/sandboxie-plus/Sandboxie/issues/3926) - - Sandboxie will add CustomChromiumFlags=--disable-features=PrintCompositorLPAC to chrome based browsers command line - - Note: Less Privileged App Container (LPAC) don't work with sandboxie currently + - Sandboxie will add CustomChromiumFlags=--disable-features=PrintCompositorLPAC to Chromium-based browsers command line + - Note: Less Privileged App Container (LPAC) don't work with Sandboxie currently - fixed Problem accessing a relative symlink with a target that starts with a dot [#3981](https://github.com/sandboxie-plus/Sandboxie/issues/3981) - fixed Can't open a sandbox's properties window via double-click in System Tray context window [#3861](https://github.com/sandboxie-plus/Sandboxie/issues/3861) - fixed Delay in launching forced programs after version 1.12.9 [#3868](https://github.com/sandboxie-plus/Sandboxie/issues/3868) - - this issue was introdiced in 1.13.0 and may have broadly affected other usecases and cause variosue problems + - this issue was introduced in 1.13.0 and may have broadly affected other use cases and cause various problems - fixed issue with Misc Options list - improved compatibility with steam running sandboxed @@ -68,7 +80,7 @@ This project adheres to [Semantic Versioning](http://semver.org/). ### Added - added "Sandboxie\All Sandboxes" SID into token with SandboxieLogon [#3191](https://github.com/sandboxie-plus/Sandboxie/issues/3191) - to use this feature "SandboxieAllGroup=y" must be enabled - - Note: this fundamentaly changes the mechanism Sbie uses for token creation, the new mechanism can be enabled separately with "UseCreateToken=y" + - Note: this fundamentally changes the mechanism Sbie uses for token creation, the new mechanism can be enabled separately with "UseCreateToken=y" - added "EditAdminOnly=y" can now be configured per box - added UI for CoverBoxedWindows in NewBoxWizard - added UI option to start unsandboxed process but force child processes in SelectBoxWindow @@ -93,21 +105,21 @@ This project adheres to [Semantic Versioning](http://semver.org/). ## [1.14.0 / 5.69.0] - 2024-05-17 ### Added -- added option to limit the memory of sandboxed process and the number of process in single sandbox through job object (thanks Yeyixiao) +- added option to limit the memory of sandboxed processes and the number of processes in single sandbox through job object (thanks Yeyixiao) - use "TotalMemoryLimit" (Number, limit whole sandbox, Byte) and "ProcessMemoryLimit" (Number, limit single process, Byte) to set memory limit - use "ProcessNumberLimit" (Number) to set process number limit - added ability to modified sandboxed process logic speed (reduced fixed latency, modified single-player speed, etc.) (thanks Yeyixiao) - use "UseChangeSpeed=y" to open this feature, use "AddTickSpeed" / "AddSleepSpeed" / "AddTimerSpeed" / "LowTickSpeed" / "LowSleepSpeed" / "LowTimerSpeed" (Number) to set - when set to "AddSleepSpeed=0", all sleep function calls will be skipped -- added /fcp /force_children commandline option to start.exe it allows to start a program unsandboxed but have all its children sandboxed -- added ability to fore sandboxed processes to use a pre defined socks 5 proxy +- added /fcp /force_children command line option to start.exe it allows to start a program unsandboxed but have all its children sandboxed +- added ability to force sandboxed processes to use a pre-defined SOCKS5 proxy - added ability to intercept DNS queries so that they can be logged and/or redirected - added support for SOCKS5 proxy authentication based on RFC1928 (thanks Deezzir) - added Test Dialog UI for SOCKS5 proxy (thanks Deezzir) -- added ability to automatically removes template references that begin with “Template_Temp_” in the sandbox +- added ability to automatically removes template references that begin with "Template_Temp_" in the sandbox ### Changed -- validated compatibility with windows build 26217 and updated dyn data +- validated compatibility with Windows build 26217 and updated DynData ### Fixed - fixed an issue with an early batch of Large Supporter certificates diff --git a/Installer/Sandboxie-Plus.iss b/Installer/Sandboxie-Plus.iss index c65303e1..2b29fba7 100644 --- a/Installer/Sandboxie-Plus.iss +++ b/Installer/Sandboxie-Plus.iss @@ -52,7 +52,7 @@ Name: "RefreshBuild"; Description: "{cm:RefreshBuild}"; MinVersion: 0.0,5.0; Che [Files] ; Both portable and install. Source: ".\Release\{#MyAppSrc}\*"; DestDir: "{app}"; MinVersion: 0.0,5.0; Flags: recursesubdirs ignoreversion; Excludes: "*.pdb" -; include the driver pdb +; Include the .pdb files. Source: ".\Release\{#MyAppSrc}\SbieDrv.pdb"; DestDir: "{app}"; MinVersion: 0.0,5.0; Flags: ignoreversion Source: ".\Release\{#MyAppSrc}\SbieDll.pdb"; DestDir: "{app}"; MinVersion: 0.0,5.0; Flags: ignoreversion @@ -79,11 +79,15 @@ Filename: "{app}\{#MyAppName}.ini"; Section: "Options"; Key: "UiLanguage"; Strin [InstallDelete] -; Remove deprecated files at install time. +; Delete obsolete files as the first step of installation. Type: filesandordirs; Name: "{app}\translations" Type: files; Name: "{app}\SbieDrv.sys.w10" Type: files; Name: "{app}\SbieDrv.sys.rc4" Type: files; Name: "{app}\SbieIni.exe.sig" +Type: files; Name: "{app}\libcrypto-1_1-x64.dll" +Type: files; Name: "{app}\libssl-1_1-x64.dll" +; Delete existing .pdb files before installing new ones. +Type: files; Name: "{app}\*.pdb" [Registry] @@ -463,7 +467,7 @@ begin end; begin - + // Return the path to use for the value of IniPath. if RegQueryStringValue(HKLM, 'SYSTEM\CurrentControlSet\Services\SbieDrv', 'IniPath', IniPath) then begin @@ -667,7 +671,7 @@ begin exit; end; - // remove shell integration. + // Remove shell integration. ShellUninstall(); end; diff --git a/README.md b/README.md index c5df999e..2066a2c5 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,11 @@ Sandboxie Plus has a modern Qt-based UI, which supports all new features that ha * Protections of sandboxes against the host, including the prevention of taking screenshots * A trigger system to perform actions, when a sandbox goes through different stages, like initialization, box start, termination or file recovery * Make a process not sandboxed, but its child processes sandboxed + * Sandboxing as a unit of control to force programs to automatically use the SOCKS5 proxy + * DNS resolution control with sandboxing as control granularity + * Limit the number of processes in the sandbox and the total amount of memory space they can occupy, and You can limit the total number of sandboxed processes per box + * A completely different token creation mechanism from Sandboxie's pre-open-source version makes sandboxes more independent in the system + * Encrypted Sandbox - an AES-based reliable data storage solution. More features can be spotted by finding the sign `=` through the shortcut key Ctrl+F in the [CHANGELOG.md](./CHANGELOG.md) file. diff --git a/Sandboxie/common/my_version.h b/Sandboxie/common/my_version.h index d96e2991..0d09cf2f 100644 --- a/Sandboxie/common/my_version.h +++ b/Sandboxie/common/my_version.h @@ -26,7 +26,7 @@ #define VERSION_MJR 5 #define VERSION_MIN 69 -#define VERSION_REV 3 +#define VERSION_REV 4 #define VERSION_UPD 0 #if VERSION_UPD > 0 diff --git a/Sandboxie/core/dll/proc.c b/Sandboxie/core/dll/proc.c index 4ac427b9..e26eb7ad 100644 --- a/Sandboxie/core/dll/proc.c +++ b/Sandboxie/core/dll/proc.c @@ -1653,14 +1653,15 @@ _FX BOOL Proc_AlternateCreateProcess( void *lpCurrentDirectory, LPPROCESS_INFORMATION lpProcessInformation, BOOL *ReturnValue) { - //if (SbieApi_QueryConfBool(NULL, L"BlockSoftwareUpdaters", TRUE)) - if (Proc_IsSoftwareUpdateW(lpApplicationName ? lpApplicationName : lpCommandLine)) { + if (SbieApi_QueryConfBool(NULL, L"BlockSoftwareUpdaters", TRUE)) { + if (Proc_IsSoftwareUpdateW(lpApplicationName ? lpApplicationName : lpCommandLine)) { - SetLastError(ERROR_ACCESS_DENIED); - *ReturnValue = FALSE; + SetLastError(ERROR_ACCESS_DENIED); + *ReturnValue = FALSE; - SbieApi_MonitorPutMsg(MONITOR_OTHER, L"Blocked start of an updater"); - return TRUE; // exit CreateProcessInternal + SbieApi_MonitorPutMsg(MONITOR_OTHER, L"Blocked start of an updater"); + return TRUE; // exit CreateProcessInternal + } } #ifndef _WIN64 diff --git a/Sandboxie/core/svc/sbieiniserver.cpp b/Sandboxie/core/svc/sbieiniserver.cpp index 815e6bf0..ef6eda23 100644 --- a/Sandboxie/core/svc/sbieiniserver.cpp +++ b/Sandboxie/core/svc/sbieiniserver.cpp @@ -728,7 +728,7 @@ ULONG SbieIniServer::IsCallerAuthorized(HANDLE hToken, const WCHAR *Password, co if (SbieApi_QueryConfBool(Section, L"EditAdminOnly", FALSE)) { - if (! TokenIsAdmin(hToken, true)) { + if (! TokenIsAdmin(hToken)) { CloseHandle(hToken); return STATUS_LOGON_NOT_GRANTED; } diff --git a/Sandboxie/install/SandboxieVS.nsi b/Sandboxie/install/SandboxieVS.nsi index 22c8d130..3f27c403 100644 --- a/Sandboxie/install/SandboxieVS.nsi +++ b/Sandboxie/install/SandboxieVS.nsi @@ -954,6 +954,10 @@ NoTrendMicro: Upgrade: + ; Delete obsolete files + Delete "$INSTDIR\${SBIEDRV_SYS}.rc4" + Delete "$INSTDIR\${SBIEDRV_SYS}.w10" + Delete "$INSTDIR\${SBIEINI_EXE}.sig" Call DeleteProductKey Call DeleteSystemKeys Call DeleteShortCuts @@ -1141,7 +1145,7 @@ WriteOk: SkipCopyInstaller: ; - ; Delete old files + ; Delete obsolete files ; Delete "$DESKTOP\${PRODUCT_NAME} Quick Launch.lnk" @@ -1180,8 +1184,9 @@ Function DeleteProgramFiles Delete "$INSTDIR\${SBIEMSG_DLL}" Delete "$INSTDIR\${SBIEDRV_SYS}" - Delete "$INSTDIR\${SBIEDRV_SYS}.rc4" ; leftover - Delete "$INSTDIR\${SBIEDRV_SYS}.w10" ; leftover + ; Delete obsolete files + Delete "$INSTDIR\${SBIEDRV_SYS}.rc4" + Delete "$INSTDIR\${SBIEDRV_SYS}.w10" Delete "$INSTDIR\KmdUtil.exe" Delete "$INSTDIR\UpdUtil.exe" @@ -1210,7 +1215,8 @@ Function DeleteProgramFiles Delete "$INSTDIR\Manifest2.txt" Delete "$INSTDIR\${SBIEINI_EXE}" - Delete "$INSTDIR\${SBIEINI_EXE}.sig" ; leftover + ; Delete obsolete file + Delete "$INSTDIR\${SBIEINI_EXE}.sig" Delete "$INSTDIR\whatsnew.html" diff --git a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui index 36e00a35..4b99832a 100644 --- a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui +++ b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui @@ -6,8 +6,8 @@ 0 0 - 835 - 575 + 674 + 475 @@ -1729,121 +1729,46 @@ Advanced Security - - - - - - 75 - true - true - - - - Protect the sandbox integrity itself - - - Privilege isolation - - - - - - - Allow only privileged processes to access the Service Control Manager - - - - - - - Do not start sandboxed services using a system token (recommended) - - - - - - - Start the sandboxed RpcSs as a SYSTEM process (not recommended) - - - - - - - Protect sandboxed SYSTEM processes from unprivileged processes - - - - - - - - 75 - true - true - - - - (Security Critical) - - - - - - - Drop critical privileges from processes running with a SYSTEM token - - - - - - - - 75 - true - true - - - - (Security Critical) - - - - - - - - 75 - true - true - - - - Protect the sandbox integrity itself - - - Sandboxie token - - - - - - - Use a Sandboxie login instead of an anonymous token - - - - - - - Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. - - - true - - - + + + + + + + Drop critical privileges from processes running with a SYSTEM token + + + + + + + Qt::Horizontal + + + + 40 + 20 + + + + + + + + Allow only privileged processes to access the Service Control Manager + + + + + + + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. + + + true + + + @@ -1851,31 +1776,110 @@ - - - - Qt::Vertical - - - - 20 - 185 - - - - - - - - Qt::Horizontal - - - - 457 - 20 - - - + + + + + 75 + true + true + + + + (Security Critical) + + + + + + + + 75 + true + true + + + + Protect the sandbox integrity itself + + + Privilege isolation + + + + + + + Do not start sandboxed services using a system token (recommended) + + + + + + + Use a Sandboxie login instead of an anonymous token + + + + + + + Qt::Vertical + + + + 20 + 5 + + + + + + + + Start the sandboxed RpcSs as a SYSTEM process (not recommended) + + + + + + + Protect sandboxed SYSTEM processes from unprivileged processes + + + + + + + + 75 + true + true + + + + (Security Critical) + + + + + + + + 75 + true + true + + + + Protect the sandbox integrity itself + + + Sandboxie token + + + + @@ -2477,119 +2481,113 @@ Start Restrictions - - - - 9 - 9 - 751 - 493 - - - - - - - 0 - - - - - * Note: Programs installed to this sandbox won't be able to start at all. - - - true - - - - - - - Allow all programs to start in this sandbox. - - - - - - - Allow only selected programs to start in this sandbox. * - - - - - - - Prevent selected programs from starting in this sandbox. - - - - - - - - - true - - - - Name + + + + + + + 0 - - - - - - - Add Program - - - - - - - Qt::Vertical - - - - 20 - 299 - - - - - - - - Show Templates - - - - - - - Remove - - - - - - - Issue message 1308 when a program fails to start - - - - - - - This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. - - - Display a pop-up warning before starting a process in the sandbox from an external source - - - - - + + + + * Note: Programs installed to this sandbox won't be able to start at all. + + + true + + + + + + + Allow all programs to start in this sandbox. + + + + + + + Allow only selected programs to start in this sandbox. * + + + + + + + Prevent selected programs from starting in this sandbox. + + + + + + + + + Add Program + + + + + + + Qt::Vertical + + + + 20 + 299 + + + + + + + + Show Templates + + + + + + + Remove + + + + + + + Issue message 1308 when a program fails to start + + + + + + + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. + + + Display a pop-up warning before starting a process in the sandbox from an external source + + + + + + + true + + + + Name + + + + + + + @@ -4064,98 +4062,102 @@ The process match level has a higher priority than the specificity and describes Compatibility - - - - - When the global hotkey is pressed 3 times in short succession this exception will be ignored. - - - Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - - - - - - - - 75 - true - true - - - - Compatibility - - - - - - - Force usage of custom dummy Manifest files (legacy behaviour) - - - - - - - Apply ElevateCreateProcess Workaround (legacy behaviour) - - - - - - - Use desktop object workaround for all processes - - - - - - - Emulate sandboxed window station for all processes - - - - - - - Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) - - - - + + + + + + + Apply ElevateCreateProcess Workaround (legacy behaviour) + + + + + + + When the global hotkey is pressed 3 times in short succession this exception will be ignored. + + + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. + + + + + + + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) + + + + + + + Use desktop object workaround for all processes + + + + Restart force process before they begin to execute - - - - Qt::Vertical - - - - 20 - 263 - - - - - - - - Qt::Horizontal - - - - 667 - 20 - - - + + + + Qt::Vertical + + + + 20 + 40 + + + + + + + + + 75 + true + true + + + + Compatibility + + + + + + + Force usage of custom dummy Manifest files (legacy behaviour) + + + + + + + Emulate sandboxed window station for all processes + + + + + + + Qt::Horizontal + + + + 40 + 20 + + + + + diff --git a/SandboxiePlus/SandMan/sandman_de.ts b/SandboxiePlus/SandMan/sandman_de.ts index 2cad00f9..bc9f6cdf 100644 --- a/SandboxiePlus/SandMan/sandman_de.ts +++ b/SandboxiePlus/SandMan/sandman_de.ts @@ -6629,13 +6629,13 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac - - + + Protect the system from sandboxed processes Schütze das System vor Prozessen in der Sandbox - + Block network files and folders, unless specifically opened. Blockiere Netzwerkdateien und Ordner, außer diese wurden explizit geöffnet. @@ -6656,18 +6656,18 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac - - - - - - - - - - - - + + + + + + + + + + + + Name Name @@ -6679,28 +6679,28 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Entfernen @@ -6756,7 +6756,7 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac Lässt Programme denken, sie würden mit erhöhten Rechten laufen (Erlaubt das sichere Ausführen von Installern) - + Network restrictions Netzwerkbeschränkungen @@ -6781,83 +6781,83 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac Frage Benutzer bei Migration von großen Dateien - + Program Groups Programmgruppen - + Add Group Gruppe hinzufügen - - - - - + + + + + Add Program Programm hinzufügen - + Force Folder Erzwungene Ordner - - - + + + Path Pfad - + Force Program Erzwungenes Programm - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Zeige Vorlagen - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Programme die hier gelistet sind oder von den angegebenen Ordnern gestartet werden, werden automatisch in dieser Sandbox ausgeführt, solange sie nicht explizit in einer anderen Sandbox gestartet werden. - - + + Stop Behaviour Stoppverhalten - - - - - - - + + + + + + + Type Typ @@ -6932,7 +6932,7 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac Druckerbeschränkungen - + Prevent change to network and firewall parameters (user mode) Verhindere Änderungen an Netzwerk und Firewall-Parametern (Nutzermodus) @@ -6942,17 +6942,17 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac Füge Programm hinzu - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Sie können Programme gruppieren und ihnen einen Gruppennamen geben. Programmgruppen können in einigen Einstellungen an Stelle der Programmnamen genutzt werden. Gruppen, welche für eine Box definiert werden, übergehen Gruppen die in Vorlagen definiert wurden. - + Start Restrictions Starteinschränkungen - + Issue message 1308 when a program fails to start Gebe Nachricht 1308 aus, wenn ein Programmstart fehlschlägt @@ -6977,131 +6977,131 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac * Notiz: Programme, welche in dieser Sandbox installiert werden, werden nicht in der Lage sein zu starten. - + Process Restrictions Prozessbeschränkungen - + Issue message 1307 when a program is denied internet access Gebe Nachricht 1307 aus, wenn einem Programm der Internetzugriff verweigert wurde - + Note: Programs installed to this sandbox won't be able to access the internet at all. Hinweis: Programme, welche in dieser Sandbox installiert werden, werden nicht in der Lage sein auf das Internet zuzugreifen. - + Prompt user whether to allow an exemption from the blockade. Den Nutzer fragen, ob er eine Ausnahme von dieser Blockade erlauben will. - + Resource Access Ressourcenzugriff - - - - - - - - - + + + + + + + + + Program Programm - - - - - - + + + + + + Access Zugriff - + Add Reg Key Füge Registry-Schlüssel hinzu - + Add File/Folder Füge Datei/Ordner hinzu - + Add Wnd Class Füge Fensterklasse hinzu - + Add COM Object Füge COM-Objekt hinzu - + Add IPC Path Füge IPC-Pfad hinzu - + File Recovery Dateiwiederherstellung - + Add Folder Füge Ordner hinzu - + Ignore Extension Ignoriere Erweiterungen - + Ignore Folder Ignoriere Ordner - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Aktivere Sofortwiederherstellungsabfrage, um alle Dateien sofort wiederherzustellen, sobald sie erzeugt werden. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Sie können Ordner und Dateitypen (oder Dateierweiterungen) von der Sofortwiederherstellung ausnehmen. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Wenn die Schnellwiederherstellungsfunktion aufgerufen wird, werden die folgenden Ordner in der Sandbox auf Inhalte geprüft. - + Immediate Recovery Sofortwiederherstellung - + Advanced Options Erweiterte Optionen - + Miscellaneous Diverses - + Do not start sandboxed services using a system token (recommended) Sandgeboxte Dienste nicht mit einem Systemtoken starten (empfohlen) @@ -7111,7 +7111,7 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac Blockiere Lesezugriff auf die Zwischenablage - + Force usage of custom dummy Manifest files (legacy behaviour) Erzwinge die Verwendung von eigenen dummy Manifestdateien (veraltetes Verhalten) @@ -7121,7 +7121,7 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac Füge sandgeboxte Prozesse zu Job-Objekten hinzu (empfohlen) - + Allow only privileged processes to access the Service Control Manager Beschränke Zugriff auf emulierte Dienstkontrollmanager ausschließlich auf privilegierte Prozesse @@ -7131,7 +7131,7 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac Öffne systemgeschützten Speicherort - + Don't alter window class names created by sandboxed programs Fensterklassen von sandgeboxten Programmen nicht ändern @@ -7139,16 +7139,16 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac - - - - + + + + Protect the sandbox integrity itself Die Sandboxintegrität selbst schützen - - + + Compatibility Kompatibilität @@ -7158,7 +7158,7 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac ACHTUNG: Bei Ausführung unter dem eingebauten Administrator, können Prozesse ihre administrativen Rechten nicht abgeben. - + Emulate sandboxed window station for all processes Emuliere sandgeboxte 'Window Stations' für alle Prozesse @@ -7168,42 +7168,42 @@ Wenn Sie bereits ein Great Supporter auf Patreon sind, kann Sandboxie online nac Öffne Zugriff auf Windows Security Account Manager - + Hide Processes Verstecke Prozesse - + Add Process Prozess hinzufügen - + Hide host processes from processes running in the sandbox. Verstecke Host-Prozesse vor Prozessen in der Sandbox. - + Don't allow sandboxed processes to see processes running in other boxes Nicht erlauben, dass sandgeboxte Prozesse die Prozesse in anderen Boxen sehen können - + Users Benutzer - + Restrict Resource Access monitor to administrators only Beschränke den Ressourcenzugriffsmonitor auf Administratoren - + Add User Benutzer hinzufügen - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -7212,22 +7212,22 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Notiz: Erzwungene Programme und Ordner für eine Sandbox finden keine Anwendung auf Konten, die diese Sandbox nicht nutzen können. - + Tracing Rückverfolgung - + Log all SetError's to Trace log (creates a lot of output) Protokolliere alle SetError ins Rückverfolgungsprotokoll (Erzeugt große Ausgabemenge) - + Pipe Trace Pipe-Rückverfolgung - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -7246,88 +7246,88 @@ Sie können die Protokollierung in der INI anpassen, indem Sie wie folgt wählen an Stelle von "*". - + Access Tracing Zugriffsrückverfolgung - + GUI Trace GUI-Rückverfolgung - + DNS Filter DNS-Filter - + Add Filter Filter hinzufügen - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. Mit dem DNS-Filter können individuelle Domänen, je Prozess blockiert werden. Lassen Sie die IP-Spalte leer zum Blockieren oder geben Sie eine IP ein zum Umleiten. - + Domain Domäne - + Internet Proxy Internetproxy - + Add Proxy Füge Proxy hinzu - + Test Proxy Proxy testen - + Auth Authentifizierung - + Login Login - + Password Passwort - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. Sandgeboxte Programme können dazu gezwungen werden einen vorgegebenen SOCKS5-Proxy zu verwenden. - + Resolve hostnames via proxy Hostnamen durch den Proxy auflösen - + Limit restrictions Limit-Beschränkungen - - + + Leave it blank to disable the setting(Unit:KB) Leer lassen, um die Einstellung zu deaktivieren (Einheit: KB) - + Leave it blank to disable the setting Leer lassen, um die Einstellung zu deaktivieren @@ -7337,142 +7337,142 @@ an Stelle von "*". Limit Gesamtzahl an Prozessen: - + Total Processes Memory Limit: Speicherlimit aller Prozesse zusammen: - + Single Process Memory Limit: Speicherlimit einzelner Prozess: - + On Box Terminate Beim Box Beenden - + Don't allow sandboxed processes to see processes running outside any boxes Nicht erlauben, dass sandgeboxte Prozesse die Prozesse außerhalb der Boxen sehen können - + Prevent sandboxed processes from accessing system details through WMI Hindere sandgeboxte Prozesse daran, über WMI auf Systemdetails zuzugreifen - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Einige Programme rufen Systemdetails über WMI (Windows Management Instrumentation), eine integrierte Windows-Datenbank, ab, anstatt herkömmliche Methoden zu verwenden. Zum Beispiel kann 'tasklist.exe' auf eine komplette Liste von Prozessen zugreifen, auch wenn 'HideOtherBoxes' aktiviert ist. Aktivieren Sie diese Option, um ein solches Verhalten zu verhindern. - + API call Trace (traces all SBIE hooks) API-Aufrufrückverfolgung (verfolgt alle SBIE-Hooks) - + Key Trace Schlüsselrückverfolgung - + File Trace Dateirückverfolgung - + IPC Trace IPC-Rückverfolgung - + Log Debug Output to the Trace Log Protokolliere Debug-Ausgabe in das Rückverfolgungsprotokoll - + DNS Request Logging DNS-Anfragenprotokollierung - + COM Class Trace COM-Klassenrückverfolgung - + Debug Debug - + WARNING, these options can disable core security guarantees and break sandbox security!!! WARNUNG, diese Optionen können Kernsicherheitsgarantien deaktivieren und die Sandboxsicherheit zerstören!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Diese Optionen sind nur zur Fehlersuche bei Kompatibilitätsproblemen gedacht, bitte nicht im produktiven Einsatz verwenden. - + App Templates Programmvorlagen - + Filter Categories Filterkategorien - + Text Filter Textfilter - + Add Template Füge Vorlage hinzu - + Category Kategorie - + This list contains a large amount of sandbox compatibility enhancing templates Diese Liste enthält eine große Menge an Vorlagen, welche die Kompatibilität der Sandbox verbessern - + Set network/internet access for unlisted processes: Setze Netzwerk-/Internetzugriff für nicht aufgeführte Prozesse: - + Test Rules, Program: Testregeln, Programm: - + Port: Port: - + IP: IP: - + Protocol: Protokoll: - + X X @@ -7493,13 +7493,13 @@ an Stelle von "*". - + Move Up Nach oben verschieben - + Move Down Nach unten verschieben @@ -7529,89 +7529,89 @@ an Stelle von "*". Zugriffsisolation - + Image Protection Abbildschutz - + Issue message 1305 when a program tries to load a sandboxed dll Gebe Nachricht 1305 aus, wenn ein Programm versucht eine sandgeboxte DLL zu laden - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Hindere sandgeboxte Programme, die auf dem Hostsystem installiert sind, daran, DLLs aus der Sandbox zu laden - + Dlls && Extensions DLLs && Erweiterungen - + Description Beschreibung - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Sandboxies Ressourcenzugriffsregeln benachteiligen häufiger Programme in der Sandbox. OpenFilePath und OpenKeyPath funktionieren nur für Programme, die sich auf dem Host befinden. Um eine Regel ohne diese Beschränkungen zu definieren, müssen OpenPipePath oder OpenConfPath verwendet werden. Ebenso werden alle Closed(File|Key|Ipc)Path Anweisungen, welche durch eine Negation definiert werden, z.B. ‘ClosedFilePath=! iexplore.exe,C:Users*’, immer für Programmdateien (Binaries), die sich innerhalb einer Sandbox befinden, geschlossen sein. Beide Beschränkungen lassen sich auf der “Zugriffsrichtlinien”-Seite ausschalten. Dies wird gemacht um bösartige Prozesse in einer Sandbox daran zu hindern, eine umbenannte Kopie von sich selbst zu erstellen, um so auf geschützte Ressourcen zuzugreifen. Ein anderes Einfallstor ist die Injektion einer Programmbibliothek in einen befugten Prozess um Zugang zu allem zu erhalten, auf das dieser Prozess Zugriff hat. Mit der Verwendung des Abbildschutzes (Host Image Protection), kann dies verhindert werden, durch die Blockierung des Ladens von Programmbibliotheken innerhalb der Sandbox in Programme (installiert auf dem Hostrechner) die in einer Sandbox laufen. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Die Funktionalität von Sandboxie kann durch die Verwendung optionaler DLLs erweitert werden, die beim Start in jeden sandgeboxten Prozess durch die Datei SbieDll.dll geladen werden können. Der Erweiterungsmanager in den globalen Einstellungen bietet ein paar nützliche Erweiterungen, die, nachdem diese installiert wurden, hier für die aktuelle Box aktiviert werden können. - + Advanced Security Erweiterte Sicherheit - + Other isolation Andere Isolation - + Privilege isolation Privilegien Isolation - + Sandboxie token Sandboxie Token - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. Die Verwendung eines eigenen Sandboxie Tokens erlaubt die bessere Isolation individueller Sandboxen zu einander und es zeigt in der Nutzerspalte des Taskmanagers den Namen der Box an zu der ein Prozess gehört. Einige Drittanbietersicherheitslösungen könnten jedoch Probleme mit den eigenen Tokens haben. - + Force Programs Erzwungene Programme - + Disable forced Process and Folder for this sandbox Deaktiviere erzwungene Prozesse und Ordner für diese Sandbox - + Breakout Programs Breakout Programme - + Breakout Program Breakout Programm - + Breakout Folder Breakout Ordner @@ -7661,189 +7661,189 @@ Dies wird gemacht um bösartige Prozesse in einer Sandbox daran zu hindern, eine Job-Objekt - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programme die hier eingegeben werden, wird erlaubt aus dieser Box auszubrechen, wenn diese starten, sodass Sie diese in einer anderen Box einfangen können. Zum Beispiel um Ihren Browser immer in einer dafür gewidmeten Box zu öffnen. - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>SICHERHEITSHINWEIS</font>:</b> Die Verwendung von <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> und/oder <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in Kombination mit Open[File/Pipe]Path-Anweisungen kann die Sicherheit beeinträchtigen. Bitte lesen Sie die Sicherheitshinweise für jede Option in der Dokumentation, bevor Sie diese verwenden. - + Lingering Programs Verweilende Programme - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Verweilende Programme werden automatisch beendet, wenn diese noch laufen, nachdem alle anderen Prozesse bereits beendet wurden. - + Leader Programs Primäre Programme - + If leader processes are defined, all others are treated as lingering processes. Falls primäre Programme/Prozesse definiert wurden, werden alle anderen als verweilende Prozesse behandelt. - + Stop Options Stoppoptionen - + Use Linger Leniency Verwende nachsichtiges Verweilen - + Don't stop lingering processes with windows Verweilende Programme mit Fenstern nicht beenden - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. Diese Einstellung kann dazu verwendet werden Programme daran zu hindern, ohne das Wissen und die Zustimmung des Nutzers, in der Sandbox ausgeführt zu werden. - + Display a pop-up warning before starting a process in the sandbox from an external source Zeige eine Popup-Warnung vor der Ausführung eines Prozesses, in der Sandbox, von einer externen Quelle - + Files Dateien - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Konfiguriere welche Prozesse auf Dateien, Ordner und Pipes zugreifen können. 'Offener' Zugriff findet nur auf die Programme Anwendung die sich außerhalb der Sandbox befinden, Sie können stattdessen 'Offen für Alle' verwenden damit es Anwendung auf alle Programme findet oder Sie ändern dieses Verhalten im Richtlinienreiter. - + Registry Registry - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Konfiguriere welche Prozesse auf die Registry zugreifen können. 'Offener' Zugriff findet nur auf die Programme Anwendung die sich außerhalb der Sandbox befinden, Sie können stattdessen 'Offen für Alle' verwenden damit es Anwendung auf alle Programme findet oder Sie ändern dieses Verhalten im Richtlinienreiter. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Konfiguriere welche Prozesse Zugriff auf NT IPC Objekte haben, wie ALPC-Ports und anderen Prozessspeicher und Kontext. Um einen Prozess anzugeben verwenden Sie '$:program.exe' als Pfad. - + Wnd Fenster - + Wnd Class Fensterklasse - + COM COM - + Class Id Klassen-ID - + Configure which processes can access COM objects. Konfiguriere welche Prozesse Zugriff auf COMobjekte haben. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Nicht den virtualisierten COM verwenden, offener Zugriff auf die COMinfrastruktur des Hostsystems (nicht empfohlen) - + Access Policies Zugriffsrichtlinien - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Wende 'Close...=!<program>,...' Regeln auch auf alle ausführbaren Binärcodes (Programme) innerhalb der Sandbox an. - + Network Options Netzwerkoptionen - + Add Rule Regel hinzufügen - - + + Action Aktion - - + + Port Port - - - + + + IP IP - + Protocol Protokoll - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. ACHTUNG: Die Windows Filtering Platform wird nicht durch den Treiber ermöglicht, deshalb können diese Regeln nur im Nutzerkontext angewendet und nicht erzwungen werden!!! Dies bedeutet, dass ein bösartiges Programm diese umgehen könnte. - + Quick Recovery Schnellwiederherstellung - + Various Options Verschiedene Optionen - + Allow use of nested job objects (works on Windows 8 and later) Erlaube Verwendung von verschachtelten Job-Objekten (funktioniert ab Windows 8 und neuer) @@ -7858,65 +7858,65 @@ Um einen Prozess anzugeben verwenden Sie '$:program.exe' als Pfad.Öffne Zugriff auf Windows Local Security Authority - + Program Control Programmkontrolle - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. Die Regelgenauigkeit ist ein Maß wie genau eine gegebene Regel mit einem gewissen Pfad übereinstimmt; einfach gesagt ist die Genauigkeit die Länge der Zeichen vom Beginn des Pfades bis zu und inklusive des letzten übereinstimmenden Nicht-Wildcard-Zeichenkettenteils. Eine Regel, welche nur mit Dateitypen, wie "*.tmp" übereinstimmt, hätte die höchste Genauigkeit, da sie immer mit dem ganzen Pfad übereinstimmt. Der Prozessübereinstimmungslevel hat eine höhere Priorität als die Genauigkeit und beschreibt wie eine Regel für einen gewissen Prozess anzuwenden ist. Regeln welche für Prozessnamen oder Gruppen gelten haben den höchsten Übereinstimmungslevel, gefolgt von der Übereinstimmung durchr Negation (z.B. Regeln werden auf alle Prozesse angewandt, außer auf bestimmte), während globale Übereinstimmungen den geringste Übereinstimmungslevel (z.B. Regel die auf jeden Prozess zutreffen) haben. - + Prioritize rules based on their Specificity and Process Match Level Priorisiere Regeln basierend ihrer Genauigkeit und Prozessübereinstimmungslevel - + Privacy Mode, block file and registry access to all locations except the generic system ones Privatsphärenmodus, blockiere Datei und Registryzugriff zu allen Orten außer den generischen des Systems - + Access Mode Zugriffsmodus - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Wenn der Privatsphärenmodus angeschaltet ist, können sandgeboxte Prozesse nur C:\Windows\*, C:\Programme\*, und Teile der HKLM-Registry lesen, alle anderen Speicherorte benötigen die explizite Freigabe zum Lesen und/oder Schreiben. In diesem Modus ist die Regelgenauigkeit immer eingeschaltet. - + Rule Policies Regel-Richtlinien - + Apply File and Key Open directives only to binaries located outside the sandbox. Wende Datei- und Schlüsselöffnungsanweisungen nur auf ausführbaren Binärcode außerhalb der Sandbox an. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Starte die sandgeboxten RpcSs als SYSTEM-Prozess (nicht empfohlen) - + Drop critical privileges from processes running with a SYSTEM token Verwerfe kritische Privilegien von Prozessen die mit einem SYSTEM-Token laufen - - + + (Security Critical) (Sicherheitskritisch) - + Protect sandboxed SYSTEM processes from unprivileged processes Schütze sandgeboxte SYSTEM-Prozesse vor unprivilegierten Prozessen @@ -7956,7 +7956,7 @@ Der Prozessübereinstimmungslevel hat eine höhere Priorität als die Genauigkei Gebe Nachricht 2111 aus, falls ein Prozesszugriff abgelehnt wird - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Deaktiviere standardmäßig die Benutzung von RpcMgmtSetComTimeout (Dies könnte Kompatibilitätsprobleme lösen) @@ -7986,82 +7986,82 @@ Der Prozessübereinstimmungslevel hat eine höhere Priorität als die Genauigkei Die unterstehenden Optionen können sicher genutzt werden, wenn Sie keine Adminrechte gewähren. - + Triggers Auslöser - + Event Vorgang - - - - + + + + Run Command Kommando ausführen - + Start Service Dienst starten - + These events are executed each time a box is started Diese Vorgänge werden jedes Mal ausgeführt, wenn eine Box gestartet wird - + On Box Start Beim Boxstart - - + + These commands are run UNBOXED just before the box content is deleted Diese Kommandos werden NICHT-sandgeboxt ausgeführt, direkt bevor der Boxinhalt gelöscht wird - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Diese Kommandos werden nur ausgeführt wenn eine Box initialisiert wird. Um diese erneut auszuführen, muss der Boxinhalt gelöscht werden. - + On Box Init Bei Boxinitialisierung - + Here you can specify actions to be executed automatically on various box events. Hier können Sie Aktionen angeben, die automatisch bei bestimmten Boxvorgängen ausgeführt werden. - + Disable Resource Access Monitor Deaktiviere Ressourcenzugriffsmonitor - + Resource Access Monitor Ressourcenzugriffsmonitor - - + + Network Firewall Netzwerk-Firewall - + Template Folders Vorlagenordner - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8070,23 +8070,23 @@ Please note that this values are currently user specific and saved globally for Bitte beachten Sie, dass diese Werte aktuell nutzerspezifisch sind und global für alle Boxen gespeichert werden. - - + + Value Wert - + Accessibility Barrierefreiheit - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Zur Kompensation des verlorenen Schutzes, suchen Sie die Einstellungsseite der Rechteabgabe in der Gruppe der Beschränkungen auf. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Screenreader, JAWS, NVDA, Window-Eyes, Systemzugriff @@ -8226,57 +8226,57 @@ Bitte beachten Sie, dass diese Werte aktuell nutzerspezifisch sind und global f Prozess ablehnen - + Use a Sandboxie login instead of an anonymous token Verwende einen Sandboxie-Login anstelle eines anonymen Tokens - + Configure which processes can access Desktop objects like Windows and alike. Konfiguriere welche Prozesse Zugriff auf Desktopobjekte wie Fenster und dergleichen haben. - + Apply ElevateCreateProcess Workaround (legacy behaviour) Wende die ElevateCreateProcess-Problemumgehung an (veraltetes Verhalten) - + Use desktop object workaround for all processes Wende den Workaround für Desktopobjekt auf alle Prozesse an - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. Wenn der globale Hotkey 3x kurz hintereinander gedrückt wird, wird diese Ausnahme ignoriert. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. Schließe diese Sandbox davon aus, dass sie beendet wird, wenn "Alle Prozesse beenden" aufgerufen wird. - + This command will be run before the box content will be deleted Dieses Kommando wird ausgeführt bevor der Boxinhalt gelöscht wird - + On File Recovery Bei Dateiwiederherstellung - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked Dieses Kommando wird ausgeführt bevor eine Datei wiederhergestellt wird und der Dateipfad wird als erstes Argument weitergegeben und falls dieses Kommando etwas anderes als den Wert 0 zurückgibt, wird die Wiederherstellung blockiert - + Run File Checker Starte Dateiprüfer - + On Delete Content Beim Löschen von Inhalten @@ -8302,87 +8302,87 @@ Bitte beachten Sie, dass diese Werte aktuell nutzerspezifisch sind und global f - + Process Prozess - + Other Options Andere Optionen - + Port Blocking Portblockade - + Block common SAMBA ports Blockiere übliche SAMBA-Ports - + Block DNS, UDP port 53 Blockiere DNS, UPD Port 53 - + Add Option Füge Option hinzu - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Hier können Sie pro Prozess Optionen konfigurieren, um die Kompatibilität zu verbessern und/oder das Sandboxverhalten zu personalisieren. - + Option Option - + These commands are run UNBOXED after all processes in the sandbox have finished. Diese Befehle werden AUẞERHALB der Sandbox ausgeführt, nachdem alle Prozesse in der Sandbox beendet wurden. - + Syscall Trace (creates a lot of output) Systemaufrufrückverfolgung (erzeugt große Ausgabemenge) - + Templates Vorlagen - + Open Template Öffne Vorlage - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Die folgenden Einstellungen ermöglichen die Verwendung von Sandboxie in Verbindung mit Barrierefreiheitssoftware. Bitte beachten Sie, dass ein gewisser Umfang des Schutzes von Sandboxie notwendigerweise verloren geht, wenn diese Einstellungen aktiv sind. - + Edit ini Section INI Sektion bearbeiten - + Edit ini INI bearbeiten - + Cancel Abbrechen - + Save Speichern diff --git a/SandboxiePlus/SandMan/sandman_en.ts b/SandboxiePlus/SandMan/sandman_en.ts index fd0d45f8..706f9b7e 100644 --- a/SandboxiePlus/SandMan/sandman_en.ts +++ b/SandboxiePlus/SandMan/sandman_en.ts @@ -6652,8 +6652,8 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - + + Protect the system from sandboxed processes @@ -6790,12 +6790,12 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Network restrictions - + Block network files and folders, unless specifically opened. @@ -6811,18 +6811,18 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - - - - - - - - - + + + + + + + + + + + + Name @@ -6839,98 +6839,98 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove - - - - - - - + + + + + + + Type - + Program Groups - + Add Group - - - - - + + + + + Add Program - + Force Folder - - - + + + Path - + Force Program - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates @@ -6980,33 +6980,33 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Prevent change to network and firewall parameters (user mode) - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. - - + + Stop Behaviour - + Start Restrictions - + Issue message 1308 when a program fails to start @@ -7031,32 +7031,32 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Process Restrictions - + Issue message 1307 when a program is denied internet access - + Prompt user whether to allow an exemption from the blockade. - + Note: Programs installed to this sandbox won't be able to access the internet at all. - - - - - - + + + + + + Access @@ -7154,13 +7154,13 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Move Up - + Move Down @@ -7216,111 +7216,111 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Use a Sandboxie login instead of an anonymous token - + Configure which processes can access Desktop objects like Windows and alike. - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Image Protection - + Issue message 1305 when a program tries to load a sandboxed dll - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox - + Dlls && Extensions - + Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. - + Advanced Security Adcanced Security - + Other isolation - + Privilege isolation - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. - + Program Control - + Force Programs - + Disable forced Process and Folder for this sandbox - + Breakout Programs - + Breakout Program - + Breakout Folder @@ -7374,233 +7374,233 @@ This is done to prevent rogue processes inside the sandbox from creating a renam - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - + Lingering Programs - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. - + Leader Programs - + If leader processes are defined, all others are treated as lingering processes. - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Files - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + Registry - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. - + Wnd - + Wnd Class - + COM - + Class Id - + Configure which processes can access COM objects. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) - + Access Policies - + Network Options - + Set network/internet access for unlisted processes: - + Test Rules, Program: - + Port: - + IP: - + Protocol: - + X - + Add Rule - - - - - - - - - + + + + + + + + + Program - - + + Action - - + + Port - - - + + + IP - + Protocol - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. - + Resource Access - + Add File/Folder - + Add Wnd Class - + Add IPC Path @@ -7645,167 +7645,167 @@ To specify a process use '$:program.exe' as path. - + Sandboxie token - + Add Reg Key - + Add COM Object - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. - + Resolve hostnames via proxy - + Other Options - + Port Blocking - + Block common SAMBA ports - + Block DNS, UDP port 53 - + File Recovery - + Quick Recovery - + Add Folder - + Immediate Recovery - + Ignore Extension - + Ignore Folder - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. - + Advanced Options - + Miscellaneous - + Don't alter window class names created by sandboxed programs - + Do not start sandboxed services using a system token (recommended) @@ -7813,83 +7813,83 @@ To specify a process use '$:program.exe' as path. - - - - + + + + Protect the sandbox integrity itself - + Drop critical privileges from processes running with a SYSTEM token - - + + (Security Critical) - + Protect sandboxed SYSTEM processes from unprivileged processes - + Force usage of custom dummy Manifest files (legacy behaviour) - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. - + Prioritize rules based on their Specificity and Process Match Level - + Privacy Mode, block file and registry access to all locations except the generic system ones - + Access Mode - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. - + Rule Policies - + Apply File and Key Open directives only to binaries located outside the sandbox. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) - + Allow only privileged processes to access the Service Control Manager - - + + Compatibility @@ -7899,7 +7899,7 @@ The process match level has a higher priority than the specificity and describes - + Emulate sandboxed window station for all processes @@ -7929,7 +7929,7 @@ The process match level has a higher priority than the specificity and describes - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) @@ -7954,76 +7954,76 @@ The process match level has a higher priority than the specificity and describes - + Triggers - + Event - - - - + + + + Run Command - + Start Service - + These events are executed each time a box is started - + On Box Start - - + + These commands are run UNBOXED just before the box content is deleted - + Allow use of nested job objects (works on Windows 8 and later) - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. - + On Box Init - + Here you can specify actions to be executed automatically on various box events. - + Hide Processes - + Add Process - + Hide host processes from processes running in the sandbox. @@ -8033,48 +8033,48 @@ The process match level has a higher priority than the specificity and describes - + Various Options - + Apply ElevateCreateProcess Workaround (legacy behaviour) - + Use desktop object workaround for all processes - + This command will be run before the box content will be deleted - + On File Recovery - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked - + Run File Checker - + On Delete Content - + Don't allow sandboxed processes to see processes running in other boxes @@ -8085,80 +8085,80 @@ The process match level has a higher priority than the specificity and describes - + Process - + Users - + Restrict Resource Access monitor to administrators only - + Add User - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. - + Add Option - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. - + Option - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Tracing - + Pipe Trace - + API call Trace (traces all SBIE hooks) - + Log all SetError's to Trace log (creates a lot of output) - + Log Debug Output to the Trace Log - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8170,132 +8170,132 @@ instead of "*". - + File Trace - + Disable Resource Access Monitor - + IPC Trace - + GUI Trace - + Resource Access Monitor - + Access Tracing - + COM Class Trace - + Key Trace - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. - - + + Network Firewall - + Debug - + WARNING, these options can disable core security guarantees and break sandbox security!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. - + App Templates - + Filter Categories - + Text Filter - + Add Template - + This list contains a large amount of sandbox compatibility enhancing templates - + Category - + Template Folders - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. - - + + Value - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -8305,89 +8305,89 @@ Please note that this values are currently user specific and saved globally for - + Total Processes Memory Limit: - + Single Process Memory Limit: - + On Box Terminate - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + DNS Request Logging - + Syscall Trace (creates a lot of output) - + Templates - + Open Template - + Accessibility - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. - + Edit ini Section - + Edit ini - + Cancel - + Save diff --git a/SandboxiePlus/SandMan/sandman_es.ts b/SandboxiePlus/SandMan/sandman_es.ts index 59d41693..8a8ee7f1 100644 --- a/SandboxiePlus/SandMan/sandman_es.ts +++ b/SandboxiePlus/SandMan/sandman_es.ts @@ -7384,8 +7384,8 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por - - + + Protect the system from sandboxed processes Protejer al sistema de procesos en sandboxes @@ -7400,7 +7400,7 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por Abrir Credenciales de Windows (modo usuario) - + Block network files and folders, unless specifically opened. Bloquear archivos de red y carpetas, salvo especificamente abiertos. @@ -7409,7 +7409,7 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por Hace creer a las aplicaciones que son ejecutadas con permisos elevados (permite ejecutar instaladores con seguridad) - + Network restrictions Restricciones de Red @@ -7541,18 +7541,18 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por - - - - - - - - - - - - + + + + + + + + + + + + Name Nombre @@ -7569,28 +7569,28 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Eliminar @@ -7603,13 +7603,13 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por Aqui puede especificar programas y/o servicios que seran iniciados automaticamente en la sandbox cuando se active - - - - - - - + + + + + + + Type Tipo @@ -7618,21 +7618,21 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por Agregar Servicio - + Program Groups Grupo de Programas - + Add Group Agregar Grupo - - - - - + + + + + Add Program Agregar Programa @@ -7645,42 +7645,42 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por Programas Forzados - + Force Folder Forzar Carpeta - - - + + + Path Ruta - + Force Program Forzar Programa - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Mostrar Plantillas @@ -7689,8 +7689,8 @@ Si ya eres un Gran Patrocinador en Patreon, Sandboxie puede comprobar online por Programas ingresados aqui, o programas iniciados desde ubicaciones ingresadas, seran puestos en esta sandbox automaticamente, salvo sean explicitamente iniciados en otra sandbox. - - + + Stop Behaviour Comportamiento de Detencion @@ -7715,12 +7715,12 @@ If leader processes are defined, all others are treated as lingering processes.< Si los procesos lider son definidos, todos los demas son tratados como persistentes. - + Start Restrictions Restricciones de Inicio - + Issue message 1308 when a program fails to start Mostrar mensaje 1308 cuando un programa falle al iniciar @@ -7749,12 +7749,12 @@ Si los procesos lider son definidos, todos los demas son tratados como persisten Restricciones de Internet - + Process Restrictions Restricciones de Procesos - + Issue message 1307 when a program is denied internet access Mostrar mensaje 1307 cuando un programa es denegado su acceso a internet @@ -7763,46 +7763,46 @@ Si los procesos lider son definidos, todos los demas son tratados como persisten Bloquear acceso a internet para todos los programas excepto aquellos agregados a esta lista. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Nota: Programas instalados en esta sandbox no podran acceder a internet. - + Prompt user whether to allow an exemption from the blockade. Preguntar al usuario si desea permitir excepción al bloqueo. - + Resource Access Acceso a recursos - - - - - - - - - + + + + + + + + + Program Programa - + Prevent change to network and firewall parameters (user mode) Prevenir cambiar parametros de red y cortafuegos (modo usuario) - - - - - - + + + + + + Access Acceso @@ -7823,39 +7823,39 @@ You can use 'Open for All' instead to make it apply to all programs, o Ud. puede usar 'Abrir para todos' en vez de aplicar a todos los programas, o cambiar este comportamiento en las Politicas. - + Add Reg Key Agregar clave de Registro - + Add File/Folder Agregar Archivo/Carpeta - + Add Wnd Class Agregar Wnd Class - + Add COM Object Agregar COM Object - + Add IPC Path Agregar IPC Path - + Move Up Mover Arriba - + Move Down Mover Abajo @@ -7870,22 +7870,22 @@ Note que Cerrar todos los ...=!<program>,... exclusiones tienen la misma l Para acceso a archivos Ud. puede usar 'Directo Todo' en vez de hacerlo aplicar a todos los programas. - + File Recovery Recuperación de archivos - + Add Folder Agregar Carpeta - + Ignore Extension Ignorar Extension - + Ignore Folder Ignorar Carpeta @@ -7894,22 +7894,22 @@ Para acceso a archivos Ud. puede usar 'Directo Todo' en vez de hacerlo Habilitar consulta de Recuperación Inmediata que pueda recuperar archivos al momento de crearse. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Puede excluir carpetas y tipos de archivos (o extensiones de archivos) de la Recuperación Instantánea. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Cuando la función de Recuperación Rapida es solicitada, las siguientes carpetas seran verificadas por contenido. - + Advanced Options Opciones Avanzadas - + Miscellaneous Miscelaneas @@ -7917,10 +7917,10 @@ Para acceso a archivos Ud. puede usar 'Directo Todo' en vez de hacerlo - - - - + + + + Protect the sandbox integrity itself Protejer la integridad de la sandbox @@ -7929,7 +7929,7 @@ Para acceso a archivos Ud. puede usar 'Directo Todo' en vez de hacerlo Aislamiento de Sandbox - + Do not start sandboxed services using a system token (recommended) No iniciar servicios en la sandbox usando token de sistema (recomendado) @@ -7943,23 +7943,23 @@ Para acceso a archivos Ud. puede usar 'Directo Todo' en vez de hacerlo Proteger procesos de sistema dentro de la sandbox contra procesos no privilegiados fuera de la sandbox - - + + Compatibility Compatibilidad - + Force usage of custom dummy Manifest files (legacy behaviour) Forzar el uso de archivos de manifesto de prueba (comportamiento heredado) - + Don't alter window class names created by sandboxed programs No alterar nombres de clase de ventanas creadas por programas en sandboxes - + Allow only privileged processes to access the Service Control Manager Permitir solamente procesos privilegiados acceder al Administrador de Control de Servicios @@ -7980,42 +7980,42 @@ Para acceso a archivos Ud. puede usar 'Directo Todo' en vez de hacerlo Aqui Ud. puede especificar una lista de comandos que son ejecutados cada vez que la sandbox es creada inicialmente. - + Hide Processes Esconder Procesos - + Add Process Agregar Proceso - + Hide host processes from processes running in the sandbox. Esconder procesos del anfitrion de procesos ejecutandose en la sandbox. - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked Este comando se ejecutará antes de que un archivo se recupere y la ruta del archivo se pasará como primer argumento. Si este comando devuelve algo distinto de 0, la recuperación será bloqueada - + Don't allow sandboxed processes to see processes running in other boxes No permitir que los procesos aislados vean procesos ejecutándose en otras cajas - + Users Usuarios - + Restrict Resource Access monitor to administrators only Restringir monitor de acceso a recursos solo para administradores - + Add User Agregar Usuario @@ -8032,27 +8032,27 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to u Nota: Configuración de Programas Forzados y Carpetas Forzadas para una sandbox no aplican a cuentas de usuario que no pueden usar la sandbox. - + Tracing Rastreo - + COM Class Trace Rastreo COM Class - + IPC Trace Rastreo IPC - + Key Trace Rastreo de llave - + GUI Trace Rastreo GUI @@ -8061,34 +8061,34 @@ Nota: Configuración de Programas Forzados y Carpetas Forzadas para una sandbox Políticas de Acceso a Recursos - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. La especificidad de una regla es la medida de cuan bien cierta regla coincide una ruta particular, para decirlo de otra forma la especificidad es el largo de caracteres desde el principio de la ruta hasta inclusive la ultima coincidencia sin comodin. Una regla que coincida solo los tipos de archivo como "*.tmp*" tendra la mayor especificidad ya que siempre coincidirá con la ruta completa. El proceso de nivel de coincidencia tiene mayor prioridad que la especificidad y describe como una regla aplica a un proceso dado. Reglas aplicadas a un nombre de proceso o grupo tienen mayor nivel de coincidencia, seguido por la coincidencia por negación (ej. reglas aplicadas a todos los procesos menos a uno), mientras que las coincidencias de menor nivel tiene coincidencias globales, ej. reglas que aplican a cualquier proceso. - + Prioritize rules based on their Specificity and Process Match Level Priorizar reglas basado en su especificidad y nivel de coincidencia - + Privacy Mode, block file and registry access to all locations except the generic system ones Modo privacidad, bloquea el acceso al registro y archivos a todas las ubicaciones exceptuando las genéricas del sistema - + Access Mode Modo de acceso - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Cuando el Modo Privacidad esta habilidato, los procesos en la sandbox podran solo leer C:\Windows\*, C:\Program Files\*, y partes del registro HKLM, todas las demas ubicaciones necesitan acceso explicito para poder ser leidas y/o escritas. En este modo, la Regla de Especificidad esta siempre habilitada. - + Rule Policies Políticas de reglas @@ -8097,12 +8097,12 @@ El proceso de nivel de coincidencia tiene mayor prioridad que la especificidad y Aplicar Cerrar... =! <program>,... aplica tambien a todos los archivos binarios ubicados en la sandbox. - + Apply File and Key Open directives only to binaries located outside the sandbox. Aplica a directivas de Archivo y Abrir solo sobre binarios ubicados fuera de la sandbox. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Iniciar en sandbox RpcSs como un proceso de SISTEMA (no recomendado) @@ -8111,23 +8111,23 @@ El proceso de nivel de coincidencia tiene mayor prioridad que la especificidad y Acceso abierto a infraestructura COM (no recomendado) - + Drop critical privileges from processes running with a SYSTEM token Rebajar privilegios criticos de procesos ejecutandose con autentificación de SISTEMA - - + + (Security Critical) (Crítico para la seguridad) - + Protect sandboxed SYSTEM processes from unprivileged processes Protejer procesos de SISTEMA en la sandbox de procesos no privilegiados - + Program Control Control de Programa @@ -8170,22 +8170,22 @@ El proceso de nivel de coincidencia tiene mayor prioridad que la especificidad y Rastreo de llamadas API (requiere logapi estar instalado en el directorio de sbie) - + Log all SetError's to Trace log (creates a lot of output) Registrar todos los SetErrors al Log de Rastreo (crea mucha salida de datos) - + File Trace Rastreo de archivo - + Pipe Trace Rastreo Pipe - + Access Tracing Rastreo de acceso @@ -8194,12 +8194,12 @@ El proceso de nivel de coincidencia tiene mayor prioridad que la especificidad y <- para esta lo de arriba no aplica - + Log Debug Output to the Trace Log Registrar salida de depuración al log de Rastreo - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8222,42 +8222,42 @@ en cambio de "*". Rastreo Ntdll syscall (crea mucha información de salida) - + Debug Depuracion - + WARNING, these options can disable core security guarantees and break sandbox security!!! ADVERTENCIA, estas opciones pueden deshabilitar garantias de seguridad de nucleo y romper la seguridad de la sandbox!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Estas opciones son para depurar problemas de compatibilidad, por favor no las use en produccion. - + App Templates Plantillas de Aplicacion - + Filter Categories Filtros de Categorias - + Text Filter Filtro de Texto - + Category Categoria - + This list contains a large amount of sandbox compatibility enhancing templates Esta lista contiene gran cantidad de plantillas para mejorar la compatibilidad de la sandbox @@ -8312,106 +8312,106 @@ en cambio de "*". Aislamiento de acceso - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. Cuando la tecla de acceso rápido global se presione 3 veces en rápida sucesión, esta excepción será ignorada. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. Excluir esta sandbox de ser finalizada cuando se invoque "Terminar Todos los Procesos". - + Image Protection Protección de Imagen - + Issue message 1305 when a program tries to load a sandboxed dll Emitir el mensaje 1305 cuando un programa intenta cargar una dll en un entorno aislado - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox Evitar que los programas de sandbox instalados en el host carguen DLLs desde esta sandbox - + Dlls && Extensions DLLs y Extensiones - + Description Descripción - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Las reglas de acceso a recursos de Sandboxie a menudo discriminan contra los binarios de programas ubicados dentro de la sandbox. OpenFilePath y OpenKeyPath funcionan solo para binarios de aplicaciones ubicadas de manera nativa en el ordenador. Para definir una regla sin esta restricción, se debe usar OpenPipePath o OpenConfPath. De igual manera, todas las directivas Closed(File|Key|Ipc)Path que se definen por negación, por ejemplo, 'ClosedFilePath=! iexplore.exe,C:Users*' siempre estarán cerradas para binarios ubicados dentro de una sandbox. Ambas políticas de restricción pueden ser desactivadas en la página de "Políticas de acceso". Esto se hace para evitar que procesos maliciosos dentro de la sandbox creen una copia renombrada de sí mismos y accedan a recursos protegidos. Otro vector de explotación es la inyección de una biblioteca en un proceso autorizado para obtener acceso a todo lo que se le permite acceder. Utilizando la Protección de Imagen del Host, esto puede prevenirse bloqueando a las aplicaciones (instaladas en el host) que se ejecuten dentro de una sandbox y que carguen bibliotecas desde la propia sandbox. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. La funcionalidad de Sandboxie puede mejorarse mediante el uso de DLLs opcionales que pueden cargarse en cada proceso confinado en uns sandbox al iniciarse por el archivo SbieDll.dll. El administrador de extensiones en la configuración global ofrece un par de extensiones útiles; una vez instaladas, pueden activarse aquí para el sandbox actual. - + Other isolation Otro aislamiento - + Privilege isolation Aislamiento de privilegios - + Sandboxie token Token de Sandboxie - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. Usar un Token personalizado de Sandboxie permite aislar mejor las sandboxes unas de otras, y muestra en la columna del usuario de los administradores de tareas el nombre de la caja a la que pertenece un proceso. Sin embargo, algunas soluciones de seguridad de terceros pueden tener problemas con tokens personalizados. - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Ud. puede agrupar programas juntos y darles un nombre de grupo. Grupos de programa pueden ser usados con algunas de las configuraciones en lugar de nombres de programas. Grupos definidos para la sandbox sobreescribe grupos definidos en plantillas/templates. - + Force Programs Forzar Programas - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Programas ingresados aqui, o programas iniciados en las ubicaciones ingresadas, seran puestan en esta sandbox automaticamente, a menos que sean iniciadas especificamente en otra sandbox. - + Disable forced Process and Folder for this sandbox Desactivar el proceso forzado y la carpeta para esta sandbox - + Breakout Programs Programas Emergentes - + Breakout Program Programa Emergente - + Breakout Folder Carpeta Emergente @@ -8465,178 +8465,178 @@ Esto se hace para evitar que procesos maliciosos dentro de la sandbox creen una - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>AVISO DE SEGURIDAD</font>:</b> Usar <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> y/o <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> en combinación con las directivas Open[File/Pipe]Path puede comprometer la seguridad. Por favor, revise la sección de seguridad para cada opción en la documentación antes de su uso. - + Lingering Programs Programas persistentes - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Los programas persistentes se terminarán automáticamente si todavía están en ejecución después de que todos los demás procesos se hayan terminado. - + Leader Programs Programas Líder - + If leader processes are defined, all others are treated as lingering processes. Si se definen procesos líder, todos los demás se tratan como procesos rezagados. - + Stop Options Opciones de Detención - + Use Linger Leniency Usar Indulgencia Persistente - + Don't stop lingering processes with windows No detener procesos persistentes con ventanas - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. Este ajuste puede ser usado para evitar que se ejecuten programas en la sandbox sin el consentimiento del usuario o su conocimiento. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. Mostrar una advertencia emergente antes de iniciar un proceso en la sandbox proveniente de una fuente externa - + Files Archivos - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Configure qué procesos pueden acceder a Archivos, Carpetas y Tuberías (Pipes). El acceso 'Abrir' solo se aplica a los binarios de programas ubicados fuera de la sandbox, puedes utilizar 'Abrir para Todos' en su lugar para hacer que se aplique a todos los programas, o cambiar este comportamiento en la pestaña de Políticas. - + Registry Registro - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Configure qué procesos pueden acceder al Registro. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Configure qué procesos pueden acceder a objetos IPC de NT como puertos ALPC y la memoria y el contexto de otros procesos. Para especificar un proceso, utiliza '$:program.exe' como ruta. - + Wnd Wnd - + Wnd Class Clase Wnd - + COM COM - + Class Id ID de Clase - + Configure which processes can access COM objects. Configura qué procesos pueden acceder a objetos COM. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) No usa COM virtualizado, Abrir acceso a la infraestructura COM del ordenador (no recomendado) - + Access Policies Políticas de Acceso - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Aplicar Cerrar...=!<program>,... reglas también a todos los archivos ejecutables localizados en la sandbox. - + Network Options Opciones de Red - + Set network/internet access for unlisted processes: Setear acceso a red/internet para procesos sin listar: - + Test Rules, Program: Reglas de testeo, Programas: - + Port: Puerto: - + IP: IP: - + Protocol: Protocolo: - + X X - + Add Rule Agregar Regla - - + + Action Acción @@ -8786,17 +8786,17 @@ Para especificar un proceso, utiliza '$:program.exe' como ruta.Evitar que los procesos aislados usen métodos públicos de captura de imágenes de ventanas - + Advanced Security Seguridad Avanzada - + Use a Sandboxie login instead of an anonymous token Usar un inicio de sesión Sandboxie en vez de un token anónimo - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Los programas introducidos aquí podrán salir de esta sandbox cuando se inicien. También es posible capturarlos en otra sandbox, por ejemplo, para que tu navegador web siempre se abra en una caja dedicado. @@ -8805,75 +8805,75 @@ Para especificar un proceso, utiliza '$:program.exe' como ruta.<b><font color='red'>ADVERTENCIA DE SEGURIDAD</font>:</b> Usar <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> y/o <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> en combinación con directivas Open[File/Pipe]Path puede comprometer la seguridad, como también lo puede hacer el uso de <a href="sbie://docs/breakoutdocument">BreakoutDocument</a> permitiendo cualquier extensión * o insegura (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1; etc...). Por favor, revise la sección de seguridad para cada opción en la documentación antes de usarla. - + Configure which processes can access Desktop objects like Windows and alike. Configura qué procesos pueden acceder objetos de Escritorio como Windows y semejantes. - - + + Port Puerto - - - + + + IP IP - + Protocol Protocolo - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. Precaución: Plataforma de Filtrado de Windows no esta habilitada con el controlador, por lo tanto estas reglas seran aplicadas solo en modo usuario y no pueden ser reforzadas!!! Esto significa que aplicaciones maliciosas pueden saltearlas. - + Other Options Otras Opciones - + Port Blocking Bloqueo de Puerto - + Block common SAMBA ports Bloquear puertos SAMBA comunes - + Block DNS, UDP port 53 Bloquear DNS, UDP puerto 53 - + Quick Recovery Recuperación Rápida - + Immediate Recovery Recuperación Inmediata - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Habilitar que Recuperación Inmediata pueda recuperar archivos tan rapido como son creados. - + Various Options Varias opciones - + Emulate sandboxed window station for all processes Emular ventanas de sandbox para todos los procesos @@ -8882,13 +8882,13 @@ Para especificar un proceso, utiliza '$:program.exe' como ruta.COM/RPC - + Allow use of nested job objects (works on Windows 8 and later) Allow use of nested job objects (experimental, works on Windows 8 and later) Permitir el uso de objetos de trabajos anidados (experimental, funciona en Windows 8 y posterior) - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Deshabilitar el uso de RpcMgmtSetComTimeout por defecto (esto puede resolver temas de compatibilidad) @@ -8947,46 +8947,46 @@ Para especificar un proceso, utiliza '$:program.exe' como ruta.Aislamiento de Acceso - + Triggers Disparadores - + This command will be run before the box content will be deleted Este comando se ejecutará antes de que el contenido de la caja sea borrado - + Event Evento - - - - + + + + Run Command Ejecutar Comando - + Start Service Iniciar Servicio - + These events are executed each time a box is started Estos eventos son excluidos acada vez que la caja es iniciada - + On Box Start Al inicio de la caja - - + + These commands are run UNBOXED just before the box content is deleted Estos comandos son ejecutados fuera de la Sandbox justo despues de que el contenido de la caja es eliminado @@ -8995,27 +8995,27 @@ Para especificar un proceso, utiliza '$:program.exe' como ruta.Al eliminar la caja - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Estos comandos son ejecutados solo cuando la caja es inicializada. Para hacer que se ejecuten de nuevo, el contenido de la caja debe ser eliminado. - + On Box Init Al inicializar la caja - + On Box Terminate Al finalizar la caja - + Here you can specify actions to be executed automatically on various box events. Aqui puede especificar acciones a ser ejecutadas automaticamente en varios eventos de la caja. - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -9024,23 +9024,23 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Nota: Las configuraciones de Programas Forzados y Carpetas Forzadas para una sandbox no se aplican a cuentas de usuario que no pueden usar la sandbox. - + API call Trace (traces all SBIE hooks) Rastreo de llamadas API (rastrea todos los ganchos de SBIE) - + Disable Resource Access Monitor Deshabilitar Monitor de Acceso a Recursos - + Resource Access Monitor Monitor de Acceso a Recursos - - + + Network Firewall Cortafuegos de Red @@ -9049,7 +9049,7 @@ Nota: Las configuraciones de Programas Forzados y Carpetas Forzadas para una san Plantillas/Templates de Compatibilidad - + Add Template Agregar Plantilla @@ -9058,12 +9058,12 @@ Nota: Las configuraciones de Programas Forzados y Carpetas Forzadas para una san Remover Plantilla - + Template Folders Plantillas de Carpetas - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -9072,23 +9072,23 @@ Please note that this values are currently user specific and saved globally for Por favor note que estos valores son especificos para usuario y guardados globalmente para todas las cajas. - - + + Value Valor - + Accessibility Accesibilidad - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Para compensar la perdida de protección, por favor consulte configuración de "Soltar Permisos"en la pagina de seteo de Restricciones de grupo. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Lector de pantallas: JAWS, NVDA, Window-Eyes, Acceso a Sistema @@ -9098,32 +9098,32 @@ Por favor note que estos valores son especificos para usuario y guardados global Restricciones - + Apply ElevateCreateProcess Workaround (legacy behaviour) Aplicar solución alternativa para ElevateCreateProcess (comportamiento heredado) - + Use desktop object workaround for all processes Usar comportamiento alternativo de objetos de escritorio para todos los procesos - + On File Recovery Al Recuperar Archivo - + These commands are run UNBOXED after all processes in the sandbox have finished. Estos comandos son ejecutados SIN AISLAR después de que todos los procesos en esta sandbox hayan finalizado. - + Run File Checker Ejecutar Comprobador de Archivos - + On Delete Content Al Borrar Contenido @@ -9134,67 +9134,67 @@ Por favor note que estos valores son especificos para usuario y guardados global - + Process Proceso - + DNS Filter Filtro DNS - + Add Filter Añadir Filtro - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. Con el filtro DNS se pueden bloquear dominios individuales, por proceso. Deje la columna de IP vacía para bloquear o introduzca una IP a redireccionar. - + Domain Dominio - + Internet Proxy Proxy de Internet - + Add Proxy Añadir Proxy - + Test Proxy Probar Proxy - + Auth Autenticación - + Login Usuario - + Password Contraseña - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. Los programas aislados pueden ser forzados a que usen un proxy SOCKS5 preestablecido. - + Resolve hostnames via proxy Resolver nombres de host vía proxy @@ -9203,18 +9203,18 @@ Por favor note que estos valores son especificos para usuario y guardados global Límites de proceso - + Limit restrictions Restricción de límites - - + + Leave it blank to disable the setting(Unit:KB) Dejar en blanco para deshabilitar (Unidad: KB) - + Leave it blank to disable the setting Dejar en blanco para deshabilitar @@ -9224,90 +9224,90 @@ Por favor note que estos valores son especificos para usuario y guardados global Límite de Número Total de Procesos: - + Total Processes Memory Limit: Límite de Memoria Total de Procesos: - + Single Process Memory Limit: Límite de Memoria de Proceso Individual: - + Add Option Añadir Opción - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. Aquí puedes configurar opciones avanzadas por proceso para mejorar la compatibilidad y/o personalizar el comportamiento del aislamiento. - + Option Opción - + Don't allow sandboxed processes to see processes running outside any boxes No permitir que los procesos aislados vean procesos ejecutándose fuera de las cajas - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI Evitar que los procesos aislados accedan a los detalles del sistema mediante WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. Algunos programas leen detalles del sistema mediante WMI (una base de datos integrada de Windows) en vez de métodos normales. Por ejemplo, "tasklist.exe" podría obtener la lista completa de procesos incluso si "HideOtherBoxes" está abierto accediento por WMI. Habilita esta opción para detener estos comportamientos. - + DNS Request Logging Registro de peticiones DNS - + Syscall Trace (creates a lot of output) Rastreo de Syscall (crea una gran cantidad de salida) - + Templates Plantillas - + Open Template Abrir Plantilla - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. La configuración siguiente habilita el uso de Sandboxie en combinación con software de accesibilidad. Por favor note que algunas medidas de seguridad de Sandboxie se pierden cuando esta configuración esta activo. - + Edit ini Section Editar sección ini - + Edit ini Editar ini - + Cancel Cancelar - + Save Guardar diff --git a/SandboxiePlus/SandMan/sandman_fr.ts b/SandboxiePlus/SandMan/sandman_fr.ts index 37d0a112..210fb011 100644 --- a/SandboxiePlus/SandMan/sandman_fr.ts +++ b/SandboxiePlus/SandMan/sandman_fr.ts @@ -7487,8 +7487,8 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch - - + + Protect the system from sandboxed processes Protège le système des processus du bac à sable @@ -7661,12 +7661,12 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch Restrictions d'impression - + Network restrictions Restrictions de réseau - + Block network files and folders, unless specifically opened. Bloquer les fichiers et dossiers du réseau, sauf s'ils sont spécifiquement ouverts @@ -7686,18 +7686,18 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch - - - - - - - - - - - - + + + + + + + + + + + + Name Nom @@ -7714,28 +7714,28 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Supprimer @@ -7749,13 +7749,13 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch Ici, vous pouvez spécifier les programmes ou les services qui doivent être lancés automatiquement dans le bac à sable lorsqu'il est activé - - - - - - - + + + + + + + Type Type @@ -7768,21 +7768,21 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch Ajouter un service - + Program Groups Groupes de programmes - + Add Group Ajouter un groupe - - - - - + + + + + Add Program Ajouter un programme @@ -7791,42 +7791,42 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch Programmes forcés - + Force Folder Ajouter un dossier - - - + + + Path Chemin - + Force Program Ajouter un programme - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Afficher les modèles @@ -7880,7 +7880,7 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch Ouvrir l'accès au magasin d'identifiants Windows (mode utilisateur) - + Prevent change to network and firewall parameters (user mode) Empêcher les modifications des paramètres réseaux et règles du pare-feu (mode utilisateur) @@ -7900,7 +7900,7 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch Isolation de sécurité - + Advanced Security Adcanced Security Sécurité avancée @@ -7910,54 +7910,54 @@ Idéal s'il y a un grand nombre de petits fichiers, cela rendra l'arch Utiliser un identifiant de Sandboxie au lieu d'un jeton anonyme (expérimental) - + Other isolation Autres isolations - + Privilege isolation Isolation des privilèges - + Sandboxie token Jeton de Sandboxie - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. L'utilisation d'un jeton de Sandboxie personnalisé permet de mieux isoler les bacs à sable individuels, et d'afficher dans la colonne Utilisateurs des gestionnaires des tâches le nom du bac dans lequel un processus s'exécute. Certaines solutions de sécurité tierces peuvent cependant avoir des problèmes avec les jetons personnalisés. - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Vous pouvez regrouper des programmes ensemble et leur donner un nom de groupe. Les groupes de programmes peuvent être utilisés avec certains des paramètres à la place des noms de programmes. Les groupes définis pour le bac remplacent les groupes définis dans les modèles. - + Force Programs Programmes forcés - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Les programmes saisis ici, ou les programmes lancés à partir des emplacements saisis, seront placés dans ce bac à sable automatiquement, à moins qu'ils ne soient explicitement lancés dans un autre bac à sable. - + Breakout Programs Programmes d'évasion - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. Les programmes saisis ici seront autorisés à s'évader de ce bac lors de leur démarrage, de sorte que vous puissiez les capturer dans un autre bac, par exemple pour que votre navigateur web s'ouvre toujours dans un bac dédié. Cette fonction nécessite qu'un certificat d'adhérent valide soit installé. - - + + Stop Behaviour Comportement d'arrêt @@ -7982,12 +7982,12 @@ If leader processes are defined, all others are treated as lingering processes.< Si des processus directeurs sont définis, tous les autres sont traités comme des processus persistants. - + Start Restrictions Restrictions de démarrage - + Issue message 1308 when a program fails to start Émettre un message 1308 lorsqu'un programme échoue à démarrer @@ -8016,37 +8016,37 @@ Si des processus directeurs sont définis, tous les autres sont traités comme d Restrictions réseau - + Process Restrictions Restrictions de processus - + Issue message 1307 when a program is denied internet access Émettre un message 1307 lorsqu'un programme se voit refuser l'accès à Internet - + Prompt user whether to allow an exemption from the blockade. Demander à l'utilisateur s'il doit autoriser une exemption du blocus - + Note: Programs installed to this sandbox won't be able to access the internet at all. Remarque : Les programmes installés dans ce bac à sable ne pourront pas accéder à Internet du tout. - - - - - - + + + + + + Access Accès - + Set network/internet access for unlisted processes: Définir l'accès réseau/Internet pour les processus non listés : @@ -8055,46 +8055,46 @@ Si des processus directeurs sont définis, tous les autres sont traités comme d Restrictions réseau - + Test Rules, Program: Règles de test ; Programme : - + Port: Port : - + IP: IP : - + Protocol: Protocole : - + X X - + Add Rule Ajouter une règle - - - - - - - - - + + + + + + + + + Program Programme @@ -8103,13 +8103,13 @@ Si des processus directeurs sont définis, tous les autres sont traités comme d Restrictions diverses - + Breakout Program Normalement « Programme d'évasion » Ajouter un programme - + Breakout Folder Normalement « Dossier d'évasion » Ajouter un dossier @@ -8197,7 +8197,7 @@ Si des processus directeurs sont définis, tous les autres sont traités comme d Autoriser les processus Windows utiles à accéder aux processus protégés - + Use a Sandboxie login instead of an anonymous token Utiliser un identifiant de Sandboxie au lieu d'un jeton anonyme @@ -8206,95 +8206,95 @@ Si des processus directeurs sont définis, tous les autres sont traités comme d <b><font color='red'>AVERTISSEMENT DE SÉCURITÉ</font> :</b> L'utilisation de <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> et/ou <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> en combinaison avec des directives Open[File/Pipe]Path peut compromettre la sécurité, de même que l'utilisation de <a href="sbie://docs/breakoutdocument">BreakoutDocument</a> autorisant tout (*) ou autorisant des extensions potentiellement non fiables (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1 ; etc…). Veuillez consulter la section de sécurité de chaque option dans la documentation avant utilisation. - + Lingering Programs Programmes persistants - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Les programmes persistants seront automatiquement arrêtés s'ils sont toujours actifs après que tous les autres processus ont été arrêtés. - + Leader Programs Programmes chefs - + If leader processes are defined, all others are treated as lingering processes. Si des processus chefs sont définis, tous les autres sont traités comme des processus persistants. - + Stop Options Options d'arrêt - + Use Linger Leniency Être clément envers les programmes persistants - + Don't stop lingering processes with windows Ne pas arrêter les processus persistants en même temps que les fenêtres - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. Ce paramètre peut être utilisé pour empêcher les programmes de s'exécuter dans le bac à sable sans la connaissance ou le consentement de l'utilisateur. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. Afficher une fenêtre surgissante d'avertissement avant de démarrer un processus dans le bac à sable depuis une source externe - + Files Fichiers - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Configure quels processus peuvent accéder aux fichiers, dossiers et Pipes (« | »). L'accès « Autorisé » s'applique uniquement aux binaires des programmes situés en dehors du bac à sable, vous pouvez utiliser « Autorisé pour tous » à la place pour l'appliquer à tous les programmes, ou modifier ce comportement dans l'onglet Politiques. - + Registry Registre - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Configure quels processus peuvent accéder au registre. L'accès « Autorisé » s'applique uniquement aux binaires des programmes situés en dehors du bac à sable, vous pouvez utiliser « Autorisé pour tous » à la place pour l'appliquer à tous les programmes, ou modifier ce comportement dans l'onglet Politiques. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Configure quels processus peuvent accéder aux objets NT IPC comme les ports ALPC et le contexte et la mémoire des autres processus. Pour définir un processus, utiliser « $:programme.exe » comme chemin. - + Wnd Wnd - + Wnd Class Classe Wnd @@ -8304,73 +8304,73 @@ Pour définir un processus, utiliser « $:programme.exe » comme chemin.Configure quels processus peuvent accéder aux objets de bureau tels que les fenêtres et similaires. - + COM COM - + Class Id Id de classe - + Configure which processes can access COM objects. Configure quels processus peuvent accéder aux objets COM. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Ne pas utiliser de COM virtualisé ; ouvrir l'accès à l'infrastructure COM de l'hôte (non recommandé) - + Access Policies Politiques d'accès - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Appliquer les règles « Close...=!<program>,... » également à tous les binaires situés dans le bac à sable - + Network Options Options de réseau - - + + Action Action - - + + Port Port - - - + + + IP IP - + Protocol Protocole - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. ATTENTION : La plateforme de filtrage Windows n'est pas activée avec le pilote, par conséquent ces règles seront exécutées uniquement en mode utilisateur et ne pourront pas être imposées !!! Cela signifie que les applications malveillantes peuvent les contourner. - + Resource Access Accès aux ressources @@ -8387,39 +8387,39 @@ L'accès « Autorisé » aux fichiers et aux clés ne s'applique qu&ap Pour l'accès aux fichiers, vous pouvez utiliser « Autorisé pour tous » pour qu'il s'applique à tous les programmes. - + Add File/Folder Ajouter un fichier ou un dossier - + Add Wnd Class Ajouter une classe Wnd - + Move Down Descendre - + Add IPC Path Ajouter un chemin IPC - + Add Reg Key Ajouter une clé de registre - + Add COM Object Ajouter un objet COM - + Move Up Monter @@ -8436,57 +8436,57 @@ Pour l'accès aux fichiers, vous pouvez utiliser « Toujours direct » pour Appliquer ferme les directives de...=!<programme>,... ainsi que tous les binaires situés dans le bac à sable. - + File Recovery Récupération de fichiers - + Add Folder Ajouter un dossier - + Ignore Extension Ignorer une extension - + Ignore Folder Ignorer un dossier - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Activer l'invite de récupération immédiate pour pouvoir récupérer les fichiers dès leur création - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Vous pouvez exclure des dossiers, des types de fichiers, ou des extensions de fichiers de la récupération immédiate. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Lorsque la fonction de récupération rapide est invoquée, les dossiers suivants sont contrôlés pour vérifier la présence de contenu dans le bac à sable. - + Advanced Options Options avancées - + Miscellaneous Divers - + Don't alter window class names created by sandboxed programs Ne pas modifier les noms des classes de fenêtres créées par des programmes en bac à sable - + Do not start sandboxed services using a system token (recommended) Ne pas démarrer les services en bac à sable en utilisant un jeton système (recommandé) @@ -8494,26 +8494,26 @@ Pour l'accès aux fichiers, vous pouvez utiliser « Toujours direct » pour - - - - + + + + Protect the sandbox integrity itself Protège la propre intégrité du bac à sable - + Drop critical privileges from processes running with a SYSTEM token Abandonner les privilèges critiques des processus tournant avec un jeton SYSTÈME - - + + (Security Critical) (Sécurité critique) - + Protect sandboxed SYSTEM processes from unprivileged processes Protéger les processus SYSTÈME du bac à sable des processus non privilégiés @@ -8522,12 +8522,12 @@ Pour l'accès aux fichiers, vous pouvez utiliser « Toujours direct » pour Isolation du bac à sable - + Force usage of custom dummy Manifest files (legacy behaviour) Forcer l'utilisation de fichiers Manifest factices personnalisés (ancien comportement) - + Program Control Contrôle des programmes @@ -8540,34 +8540,34 @@ Pour l'accès aux fichiers, vous pouvez utiliser « Toujours direct » pour Politiques d'accès aux ressources - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. La spécificité de la règle est une mesure de l'efficacité avec laquelle une règle donnée correspond à un chemin d'accès particulier. En d'autres termes, la spécificité est la longueur en caractère depuis le début du chemin d'accès jusqu'à la dernière sous-chaîne non générique (wildcard) correspondante. Une règle qui ne correspondrait qu'à des types de fichiers tels que "*.tmp" aurait la spécificité la plus élevée, car elle correspondrait toujours à l'intégralité du chemin d'accès au fichier. Le niveau de correspondance du processus a une priorité plus élevée que la spécificité et décrit comment une règle s'applique à un processus donné. Les règles s'appliquant par nom ou groupe de processus ont le niveau de correspondance le plus fort, suivi par la correspondance par négation (c'est-à-dire les règles s'appliquant à tous les processus sauf celui donné), tandis que les niveaux de correspondance les plus bas sont des correspondances globales, c'est-à-dire des règles qui s'appliquent à n'importe quel processus. - + Prioritize rules based on their Specificity and Process Match Level Hiérarchiser les règles en fonction de leur spécificité et du niveau de correspondance des processus - + Privacy Mode, block file and registry access to all locations except the generic system ones Mode confidentialité ; bloquer tous les accès aux emplacements de fichiers et de registre à l'exception des génériques du système - + Access Mode Mode d'accès - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Lorsque le mode Confidentialité est activé, les processus du bac à sable ne peuvent lire que C:\Windows\*, C:\Program Files\* et certaines parties du registre HKLM. Tous les autres emplacements nécessitent un accès explicite pour pouvoir être lus et/ou écrits. Dans ce mode, la spécificité des règles est toujours activée. - + Rule Policies Politiques des règles @@ -8576,23 +8576,23 @@ Le niveau de correspondance du processus a une priorité plus élevée que la sp Appliquer également les directives Close...=!<program>,... à tous les binaires situés dans le bac à sable. - + Apply File and Key Open directives only to binaries located outside the sandbox. Appliquer les directives « Autorisé » concernant les fichiers et les clés seulement aux binaires situés en dehors du bac à sable - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Démarrer le RpcSs du bac à sable en tant que processus SYSTÈME (non recommandé) - + Allow only privileged processes to access the Service Control Manager Autoriser uniquement les processus privilégiés à accéder au gestionnaire des services - - + + Compatibility Compatibilité @@ -8610,7 +8610,7 @@ Le niveau de correspondance du processus a une priorité plus élevée que la sp Isolation COM - + Emulate sandboxed window station for all processes Émuler une Station Windows en bac à sable pour tous les processus @@ -8619,13 +8619,13 @@ Le niveau de correspondance du processus a une priorité plus élevée que la sp COM/RPC - + Allow use of nested job objects (works on Windows 8 and later) Allow use of nested job objects (experimental, works on Windows 8 and later) Autoriser l'utilisation d'objets de travail imbriqués (fonctionne sur Windows 8 et plus) - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Désactiver l'utilisation de RpcMgmtSetComTimeout par défaut (cela peut résoudre des problèmes de compatibilité) @@ -8704,41 +8704,41 @@ Le niveau de correspondance du processus a une priorité plus élevée que la sp Ici, vous pouvez spécifier une liste de commandes qui sont exécutées chaque fois que le bac à sable est initialement rempli. - + Triggers Déclencheurs - + Event Évènements - - - - + + + + Run Command Lancer une commande - + Start Service Démarrer un service - + These events are executed each time a box is started Ces évènements sont exécutés à chaque fois qu'un bac à sable est démarré. - + On Box Start Au démarrage du bac - - + + These commands are run UNBOXED just before the box content is deleted Ces commandes sont lancées EN DEHORS DU BAC juste avant que le contenu du bac soit supprimé. @@ -8747,52 +8747,52 @@ Le niveau de correspondance du processus a une priorité plus élevée que la sp À la suppression - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Ces commandes sont exécutées lorsqu'un bac à sable est initialisé. Pour les lancer à nouveau, le contenu du bac doit être supprimé. - + On Box Init À l'initialisation du bac - + Here you can specify actions to be executed automatically on various box events. Vous pouvez spécifier ici des actions à exécuter automatiquement lors de divers évènements. - + Hide Processes Masquage des processus - + Add Process Ajouter un processus - + Hide host processes from processes running in the sandbox. Masquer les processus de l'hôte des processus s'exécutant dans le bac à sable. - + Don't allow sandboxed processes to see processes running in other boxes Ne pas permettre aux processus en bac à sable de voir les processus en cours d'exécution dans d'autres bacs - + Users Utilisateurs - + Restrict Resource Access monitor to administrators only Restreindre le moniteur d'accès aux ressources aux administrateurs uniquement - + Add User Ajouter un utilisateur @@ -8801,7 +8801,7 @@ Le niveau de correspondance du processus a une priorité plus élevée que la sp Supprimer l'utilisateur - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8810,7 +8810,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Remarque : Les paramètres Programmes forcés et Dossiers forcés d'un bac à sable ne s'appliquent pas aux comptes utilisateurs qui ne peuvent pas utiliser le bac. - + Tracing Traçage @@ -8820,22 +8820,22 @@ Remarque : Les paramètres Programmes forcés et Dossiers forcés d'un bac Tracer les appels API (nécessite que LogAPI soit installé dans le répertoire de Sandboxie) - + Pipe Trace Tracer les Pipes - + Log all SetError's to Trace log (creates a lot of output) Enregistrer toutes les SetError dans le journal de traçage (crée beaucoup de sorties) - + Log Debug Output to the Trace Log Enregistrer la sortie de débogage dans le journal de traçage - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8858,42 +8858,42 @@ au lieu de « * ». Tracer les appels système Ntdll (crée beaucoup de sorties) - + File Trace Tracer les fichiers - + Disable Resource Access Monitor Désactiver le moniteur d'accès aux ressources - + IPC Trace Tracer IPC - + GUI Trace Tracer l'interface graphique - + Resource Access Monitor Moniteur d'accès aux ressources - + Access Tracing Traçage des accès - + COM Class Trace Tracer les classes COM - + Key Trace Tracer les clés @@ -8936,84 +8936,84 @@ au lieu de « * ». Objet de travail - - + + Network Firewall Pare-feu réseau - + DNS Filter Filtres DNS - + Add Filter Ajouter un filtre - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. Avec les filtres DNS, des domaines individuels peuvent être bloqués, processus par processus. Laissez la colonne IP vide pour bloquer, ou saisissez une IP pour rediriger. - + Domain Domaine - + Internet Proxy Mandataire Internet - + Add Proxy Ajouter un mandataire - + Test Proxy Tester le mandataire - + Auth Authentification - + Login Identifiant - + Password Mot de passe - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. Les programmes dans un bac à sable peuvent être forcés à utiliser un mandataire SOCKS 5 prédéfini. - + Resolve hostnames via proxy Résoudre les noms d'hôtes via mandataire - + Limit restrictions Limites des restrictions - - + + Leave it blank to disable the setting(Unit:KB) Laisser vide pour désactiver le paramètre (Unité : Ko) - + Leave it blank to disable the setting Laisser vide pour désactiver le paramètre @@ -9023,59 +9023,59 @@ au lieu de « * ». Limite du nombre de processus au total : - + Total Processes Memory Limit: Limite de mémoire de tous les processus : - + Single Process Memory Limit: Limite de mémoire d'un processus unique : - + These commands are run UNBOXED after all processes in the sandbox have finished. Ces commandes s'exécutent EN DEHORS DU BAC après que tous les processus dans le bac à sable se soient arrêtés. - + Don't allow sandboxed processes to see processes running outside any boxes Ne pas autoriser les processus dans un bac à sable à voir les processus qui s'exécutent en dehors de tout bac - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI Empêcher les processus dans un bac à sable d'accéder aux détails du système en se servant de WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. Certains programmes lisent les détails du système en se servant de WMI (une base de données incluse avec Windows) au lieu d'utiliser des méthodes normales. Par exemple, en accédant à WMI, « tasklist.exe » pourrait obtenir la liste complète des processus même si « Masquer les propres processus de Sandboxie de la liste des tâches » est activé. Activez cette option pour empêcher ce comportement. - + API call Trace (traces all SBIE hooks) Tracer les appels API (trace tous les crochets SBIE) - + Debug Débogage - + WARNING, these options can disable core security guarantees and break sandbox security!!! ATTENTION, ces options peuvent désactiver les garanties de sécurité de base et briser la sécurité du bac à sable !!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Ces options sont destinées à déboguer les problèmes de compatibilité, veuillez ne pas les utiliser en production. - + App Templates Modèles d'applications @@ -9084,22 +9084,22 @@ au lieu de « * ». Modèles de compatibilité - + Filter Categories Filtre de catégorie : - + Text Filter Filtre de texte : - + Add Template Ajouter un modèle - + This list contains a large amount of sandbox compatibility enhancing templates Cette liste contient un grand nombre de modèles améliorant la compatibilité du bac à sable. @@ -9108,17 +9108,17 @@ au lieu de « * ». Supprimer le modèle - + Category Catégorie - + Template Folders Dossiers des modèles - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -9127,23 +9127,23 @@ Please note that this values are currently user specific and saved globally for Veuillez noter que ces valeurs sont actuellement spécifiques à l'utilisateur et enregistrées globalement pour tous les bacs. - - + + Value Valeur - + Accessibility Accessibilité - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Pour compenser la perte de protection, veuillez consulter la page d'Abandon des droits dans le groupe de paramètres Restrictions. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Lecteurs d'écran : JAWS, NVDA, Window-Eyes, System Access @@ -9235,46 +9235,46 @@ Veuillez noter que ces valeurs sont actuellement spécifiques à l'utilisat Isolation d'accès - + Image Protection Protection d'image - + Issue message 1305 when a program tries to load a sandboxed dll Émettre un message 1305 lorsqu'un programme essaye de charger une DLL dans un bac à sable - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox Empêcher les programmes dans un bac à sable installé sur l'hôte de charger des DLL depuis le bac à sable - + Dlls && Extensions DLL && extensions - + Description Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Les règles d'accès aux ressources de Sandboxie discriminent souvent les binaires des programmes situés dans le bac à sable. OpenFilePath et OpenKeyPath fonctionnent uniquement pour les binaires des applications situées nativement sur l'hôte. Afin de définir une règle sans cette restriction, OpenPipePath et OpenConfPath doivent être utilisés. De même, toutes les directives Closed(File|Key|Ipc)Path qui sont définies par une négation (par exemple « ClosedFilePath=! iexplore.exe,C:Users* ») seront toujours fermées aux binaires situés dans un bac à sable. Les deux politiques de restriction peuvent être désactivées sur la page « Politiques d'accès ». Ceci est fait pour empêcher les processus malveillants à l'intérieur du bac à sable de créer une copie renommée d'eux-mêmes et d'accéder aux ressources protégées. Un autre vecteur d'exploit est l'injection d'une bibliothèque dans un processus autorisé afin d'accéder à tout ce qu'il est autorisé d'accéder. En utilisant la Protection d'Image de l'Hôte, cela peut être empêché en bloquant les applications (installées sur l'hôte) lancées dans un bac à sable de charger des bibliothèques depuis le bac à sable lui-même. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. Les fonctions de Sandboxie peuvent être améliorées en utilisant des DLL optionnels qui peuvent être chargés dans chaque processus dans un bac à sable lors de leur démarrage par SbieDll.dll. Le gestionnaire de modules dans les paramètres généraux offre quelques extensions utiles ; une fois installées, celles-ci peuvent être activées ici pour le bac à sable actuel. - + Disable forced Process and Folder for this sandbox Désactiver les processus et les dossiers forcés pour ce bac à sable @@ -9284,22 +9284,22 @@ Ceci est fait pour empêcher les processus malveillants à l'intérieur du Empêcher les processus dans un bac à sable d'utiliser des méthodes publiques afin de capturer des images de la fenêtre - + Configure which processes can access Desktop objects like Windows and alike. Configure quels processus peuvent accéder aux objets de bureau tels que les fenêtres et similaires. - + Other Options Autres options - + Port Blocking Blocage des ports - + Block common SAMBA ports Bloquer les ports SAMBA habituels @@ -9309,47 +9309,47 @@ Ceci est fait pour empêcher les processus malveillants à l'intérieur du Seuls les comptes d'utilisateur administrateur peuvent apporter des modifications à ce bac à sable - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>AVERTISSEMENT DE SÉCURITÉ</font>:</b> L'utilisation de <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> et/ou <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> en combinaison avec des directives Open[File/Pipe]Path peut compromettre la sécurité. Veuillez consulter la section de sécurité de chaque option dans la documentation avant utilisation. - + Block DNS, UDP port 53 Bloquer le DNS (port UDP 53) - + Quick Recovery Récupération rapide - + Immediate Recovery Récupération immédiate - + Various Options Options diverses - + Apply ElevateCreateProcess Workaround (legacy behaviour) Appliquer le palliatif ElevateCreateProcess (ancien comportement) - + Use desktop object workaround for all processes Utiliser le palliatif d'objet de bureau pour tous les processus - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. Lorsque le raccourci général est utilisé 3 fois rapidement et successivement, cette exception sera ignorée. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. Empêcher ce bac à sable d'être arrêté lorsque « Arrêter tous les processus » est invoqué. @@ -9358,33 +9358,33 @@ Ceci est fait pour empêcher les processus malveillants à l'intérieur du Cette commande s'exécute après que tous les processus dans le bac à sable se soient arrêtés. - + On Box Terminate Lors de l'arrêt du bac - + This command will be run before the box content will be deleted Cette commande sera exécutée avant que le contenu du bac ne soit supprimé. - + On File Recovery Lors de la récupération de fichiers - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked Cette commande sera exécutée avant qu'un fichier ne soit récupéré et le chemin du fichier sera transmis en tant que premier argument ; si cette commande retourne autre chose que « 0 », la récupération sera bloquée. - + Run File Checker Exécuter la vérification de fichiers - + On Delete Content Lors de la suppression de contenu @@ -9395,7 +9395,7 @@ Ceci est fait pour empêcher les processus malveillants à l'intérieur du - + Process Processus @@ -9404,63 +9404,63 @@ Ceci est fait pour empêcher les processus malveillants à l'intérieur du Bloquer également l'accès en lecture des processus de ce bac à sable - + Add Option Ajouter une option - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Ici vous pouvez configurer des options en fonction des processus, pour améliorer la compatibilité et/ou personnaliser le comportement de mise en bac à sable. - + Option Option - + DNS Request Logging Dns Request Logging Enregistrer les requêtes DNS dans le journal - + Syscall Trace (creates a lot of output) Tracer les appels système (crée beaucoup de sorties) - + Templates Modèles - + Open Template Ouvrir le modèle - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Les paramètres suivants permettent l'utilisation de Sandboxie en combinaison avec un logiciel d'accessibilité. Veuillez noter que certaines mesures de protection de Sandboxie sont nécessairement perdues lorsque ces paramètres sont en vigueur. - + Edit ini Section Édition de la section ini - + Edit ini Éditer l'ini - + Cancel Annuler - + Save Enregistrer diff --git a/SandboxiePlus/SandMan/sandman_hu.ts b/SandboxiePlus/SandMan/sandman_hu.ts index 69b2fba0..2298d16a 100644 --- a/SandboxiePlus/SandMan/sandman_hu.ts +++ b/SandboxiePlus/SandMan/sandman_hu.ts @@ -6945,8 +6945,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes A rendszer védelme a homokozóban futó folyamatoktól @@ -7083,12 +7083,12 @@ If you are a great patreaon supporter already, sandboxie can check online for an Nyomtatási korlátozások - + Network restrictions Hálózati korlátozások - + Block network files and folders, unless specifically opened. Hálózati fájlok és mappák blokkolása, hacsak nincs külön megnyitva. @@ -7104,18 +7104,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name Név @@ -7132,98 +7132,98 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Eltávolítás - - - - - - - + + + + + + + Type Típus - + Program Groups Programcsoportok - + Add Group Csoport hozzáadása - - - - - + + + + + Add Program Program hozzáadása - + Force Folder Mappa kényszerítése - - - + + + Path Útvonal - + Force Program Program kényszerítése - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Sablonok megjelenítése @@ -7298,7 +7298,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Nyissa meg a Windows hitelesítő adatok áruházát (felhasználói mód) - + Prevent change to network and firewall parameters (user mode) A hálózati és tűzfalparaméterek módosításának megakadályozása (felhasználói mód) @@ -7339,33 +7339,33 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + Use a Sandboxie login instead of an anonymous token - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Csoportosíthatja a programokat, és csoportnevet adhat nekik. A programcsoportok a programnevek helyett egyes beállításokkal használhatók. A homokozóhoz definiált csoportok felülírják a sablonokban meghatározott csoportokat. - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Az ide beírt programok vagy a beírt helyekről indított programok automatikusan ebbe a homokozóba kerülnek, kivéve, ha ezeket kifejezetten egy másik homokozóban indítják el. - - + + Stop Behaviour Viselkedés leállítása - + Start Restrictions Korlátozások elindítása - + Issue message 1308 when a program fails to start 1308-as üzenet kiadása, ha a program nem indul el @@ -7390,37 +7390,37 @@ If you are a great patreaon supporter already, sandboxie can check online for an * Megjegyzés: az ebbe a homokozóba telepített programok egyáltalán nem indulnak el. - + Configure which processes can access Desktop objects like Windows and alike. - + Process Restrictions Folyamatkorlátozások - + Issue message 1307 when a program is denied internet access 1307-es üzenet kiadása, amikor egy programtól megtagadják az internet hozzáférést - + Prompt user whether to allow an exemption from the blockade. A felhasználó megkérdezése, hogy engedélyez-e felmentést a blokkolás alól. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Megjegyzés: az ebbe a homokozóba telepített programok egyáltalán nem fognak tudni hozzáférni az internethez. - - - - - - + + + + + + Access Hozzáférés @@ -7521,13 +7521,13 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + Move Up Mozgatás felfelé - + Move Down Mozgatás lefelé @@ -7558,150 +7558,150 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. - + Resolve hostnames via proxy - + Other Options - + Port Blocking - + Block common SAMBA ports - + Block DNS, UDP port 53 - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Image Protection - + Issue message 1305 when a program tries to load a sandboxed dll - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox - + Dlls && Extensions - + Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. - + Advanced Security Adcanced Security Speciális biztonság @@ -7711,47 +7711,47 @@ This is done to prevent rogue processes inside the sandbox from creating a renam Anonim token helyett Sandboxie bejelentkezést használjon (kísérleti) - + Other isolation Egyéb elszigeteltség - + Privilege isolation Privilegizált elszigeteltség - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. Egyéni Sandboxie token használata lehetővé teszi az egyes sandboxok jobb elkülönítését egymástól, és a feladatkezelők felhasználói oszlopában megmutatja annak a homokozónak a nevét, amelyhez egy folyamat tartozik. Néhány harmadik féltől származó biztonsági megoldás azonban problémákat okozhat az egyéni tokenekkel. - + Program Control Programvezérlés - + Force Programs Programok kényszerítése - + Disable forced Process and Folder for this sandbox - + Breakout Programs Kitörési (Breakout) programok - + Breakout Program Kitörési (Breakout) Program - + Breakout Folder Kitörési (Breakout) mappa @@ -7787,91 +7787,91 @@ This is done to prevent rogue processes inside the sandbox from creating a renam - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. Az itt megadott programok induláskor kitörhetnek ebből a homokozóból. Lehetőség van arra is, hogy egy másik homokozóba rögzítse őket, például úgy, hogy a webböngészője mindig egy dedikált homokozóban nyíljon meg. - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - + Lingering Programs Elhúzódó programok - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Az elhúzódó programok automatikusan leállnak, ha az összes többi folyamat leállítása után is futnak. - + Leader Programs Vezető programok - + If leader processes are defined, all others are treated as lingering processes. Ha a vezető folyamatok meg vannak határozva, az összes többi elhúzódó folyamatként kezelendő. - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Files Fájlok - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Beállíthatja, hogy mely folyamatok férhetnek hozzá a fájlokhoz, mappákhoz és csövekhez. A 'Megnyitás' hozzáférés csak a sandboxon kívül található programbinárisokra vonatkozik. Ehelyett használhatja a 'Megnyitás mindenkinek' lehetőséget, hogy minden programra vonatkozzon, vagy módosítsa ezt a viselkedést a Házirendek lapon. - + Registry Registry - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Beállíthatja, hogy mely folyamatok férhetnek hozzá a rendszerleíró adatbázishoz. A 'Megnyitás' hozzáférés csak a sandboxon kívül található programbinárisokra vonatkozik Ehelyett használhatja a 'Megnyitás mindenkinek' lehetőséget, hogy minden programra vonatkozzon, vagy módosítsa ezt a viselkedést a Házirendek lapon. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Beállíthatja, hogy mely folyamatok férhetnek hozzá az NT IPC objektumokhoz, például az ALPC portokhoz és más folyamatok memóriájához és környezetéhez. A folyamat megadásához használja a '$:program.exe-t' útvonalként. - + Wnd Wnd - + Wnd Class Wnd osztály @@ -7881,132 +7881,132 @@ A folyamat megadásához használja a '$:program.exe-t' útvonalként. Beállíthatja, hogy mely folyamatok férhetnek hozzá az asztali objektumokhoz, például a Windowshoz és hasonlókhoz. - + COM COM - + Class Id Osztályazonosító - + Configure which processes can access COM objects. Beállíthatja, hogy mely folyamatok férhetnek hozzá a COM-objektumokhoz. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Ne használjon virtualizált COM-ot, nyílt hozzáférés a gazdagép COM-infrastruktúrájához (nem ajánlott) - + Access Policies Hozzáférési szabályzatok - + Network Options Hálózati beállítások - + Set network/internet access for unlisted processes: Hálózati ill. internet hozzáférés beállítása a nem jegyzett folyamatokhoz: - + Test Rules, Program: Szabályok, program tesztelése: - + Port: Port: - + IP: IP: - + Protocol: Protokoll: - + X X - + Add Rule Szabály hozzáadása - - - - - - - - - + + + + + + + + + Program Program - - + + Action Művelet - - + + Port Port - - - + + + IP IP - + Protocol Protokoll - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. FIGYELEM: A Windows szűrőplatform nincs engedélyezve az illesztőprogrammal, ezért ezeket a szabályokat csak felhasználói módban kell alkalmazni, és nem lehet érvényesíteni !!! Ez azt jelenti, hogy a rosszindulatú alkalmazások megkerülhetik őket. - + Resource Access Erőforrás hozzáférés - + Add File/Folder Fájl, mappa hozzáadása - + Add Wnd Class Ablak osztály hozzáadása - + Add IPC Path IPC útvonal hozzáadása @@ -8044,87 +8044,87 @@ A folyamat megadásához használja a '$:program.exe-t' útvonalként. Hozzáférés elkülönítés - + Sandboxie token Sandboxie token - + Add Reg Key Reg-kulcs hozzáadása - + Add COM Object COM objektum hozzáadása - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Alkalmazza a Bezárás...=!<program>,... szabályokat a homokozóban található összes bináris fájlra is. - + File Recovery Fájl helyreállítás - + Quick Recovery Gyors helyreállítás - + Add Folder Mappa hozzáadása - + Immediate Recovery Azonnali helyreállítás - + Ignore Extension Kiterjesztés kihagyása - + Ignore Folder Mappa kihagyása - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Azonnali helyreállítási kérés engedélyezése, hogy a fájlokat a létrehozásuk után azonnal helyreállíthassa. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Az "Azonnali helyreállításból" kizárhat mappákat és fájltípusokat (vagy fájlkiterjesztéseket). - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. A "Gyors helyreállítás" funkció meghívása után a következő mappákat ellenőrzik a homokozós tartalom szempontjából. - + Advanced Options Fejlett beállítások - + Miscellaneous Egyebek - + Don't alter window class names created by sandboxed programs Ne változtassa meg a homokozós programok által létrehozott ablakosztályok nevét - + Do not start sandboxed services using a system token (recommended) Ne indítsa el a homokozós szolgáltatásokat rendszer-tokennel (ajánlott) @@ -8132,84 +8132,84 @@ A folyamat megadásához használja a '$:program.exe-t' útvonalként. - - - - + + + + Protect the sandbox integrity itself A homokozó integritásának védelme - + Drop critical privileges from processes running with a SYSTEM token Hagyja el a SYSTEM tokennel futó folyamatok kritikus jogosultságait - - + + (Security Critical) (Biztonság kritikus) - + Protect sandboxed SYSTEM processes from unprivileged processes Védje meg az izolált SYSTEM folyamatokat a nem privilegizált folyamatoktól - + Force usage of custom dummy Manifest files (legacy behaviour) Egyéni dummy manifest fájlok használatának kikényszerítése (örökölt viselkedés) - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. A szabályspecifikusság annak mértéke, hogy egy adott szabály mennyire illeszkedik egy adott elérési úthoz. Egyszerűen fogalmazva, a specifikáció a karakterek hossza az elérési út elejétől az utolsó egyező nem helyettesítő karakterláncig bezárólag. Egy szabály, amely csak az olyan fájltípusoknak felel meg, mint a "*.tmp" a legmagasabb specifitású lenne, mivel mindig a teljes fájl elérési úttal egyezne. A folyamategyezési szint magasabb prioritású, mint a specifikusság, és leírja, hogy egy szabály hogyan vonatkozik egy adott folyamatra. A folyamatnév vagy csoport alapján érvényesülő szabályoknak van a legerősebb egyezési szintje, ezt követi a tagadással történő egyezés (vagyis az adott folyamaton kívül minden folyamatra érvényes szabályok), míg a legalacsonyabb egyezési szinteken globális egyezések, azaz bármely folyamatra érvényes szabályok. - + Prioritize rules based on their Specificity and Process Match Level A szabályokat sajátosságuk és folyamategyezési szintjük alapján rangsorolja - + Privacy Mode, block file and registry access to all locations except the generic system ones Adatvédelmi mód, blokkolja a fájlokhoz és a rendszerleíró adatbázishoz való hozzáférést az összes helyhez, kivéve az általános rendszerhelyeket - + Access Mode Hozzáférési mód - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Ha az adatvédelmi mód engedélyezve van, a sandbox folyamatok a C:\Windows\*, C:\Program Files\*, és a HKLM registry egyes részeinek csak olvasására lesznek képesek , minden más helynek kifejezett hozzáférésre van szüksége ahhoz, hogy olvasható és/vagy írható legyen. Ebben a módban a Szabályspecifikusság mindig engedélyezve van. - + Rule Policies Írányelv szabály - + Apply File and Key Open directives only to binaries located outside the sandbox. A fájl és kulcs megnyitása direktívákat csak a homokozón kívül található binárisokra alkalmazza. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Izolált RpcSs elindítása mint RENDSZER folyamat (nem ajánlott) - + Allow only privileged processes to access the Service Control Manager Csak a privilegizált folyamatok számára engedélyezze a szolgáltatásvezérlő menedzser (Service Control Manager) elérését - - + + Compatibility Kompatibilitás @@ -8219,7 +8219,7 @@ A folyamategyezési szint magasabb prioritású, mint a specifikusság, és leí Sandbox-folyamatok hozzáadása munkaobjektumokhoz (ajánlott) - + Emulate sandboxed window station for all processes A homokozós ablakállomás emulálása minden folyamathoz @@ -8253,7 +8253,7 @@ A folyamategyezési szint magasabb prioritású, mint a specifikusság, és leí A nem homokozós folyamatok memóriájának olvasásának engedélyezése (nem ajánlott) - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Alapértelmezés szerint tiltsa le az "RpcMgmtSetComTimeout" használatát (ez megoldhatja a kompatibilitási problémákat) @@ -8278,81 +8278,81 @@ A folyamategyezési szint magasabb prioritású, mint a specifikusság, és leí Az alábbi lehetőségek biztonságosan használhatók, ha nem ad rendszergazdai jogokat. - + Triggers Indítók - + Event Esemény - - - - + + + + Run Command Parancs futtatása - + Start Service Szolgáltatás indítása - + These events are executed each time a box is started Ezek az események minden alkalommal végrehajtódnak, amikor egy homokozó elindul - + On Box Start Homokozó indításakor - - + + These commands are run UNBOXED just before the box content is deleted Ezek a parancsok NEM IZOLÁLTAN futnak le közvetlenül a homokozó tartalmának törlése előtt - + Allow use of nested job objects (works on Windows 8 and later) Beágyazott munkaobjektumok használatának engedélyezése (Windows 8 és újabb rendszeren működik) - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Ezek a parancsok csak akkor hajtódnak végre, ha egy homokozó inicializálva van. Az újrafuttatáshoz a homokozó tartalmát törölni kell. - + On Box Init Homokozó inicializálásakor - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Here you can specify actions to be executed automatically on various box events. Itt adhatja meg a különféle homokozó eseményeken automatikusan végrehajtandó műveleteket. - + Hide Processes Folyamatok elrejtése - + Add Process Folyamat hozzáadása - + Hide host processes from processes running in the sandbox. Gazdafolyamatok elrejtése a homokozóban futó folyamatok elől. @@ -8362,48 +8362,48 @@ A folyamategyezési szint magasabb prioritású, mint a specifikusság, és leí Korlátozások - + Various Options Különféle lehetőségek - + Apply ElevateCreateProcess Workaround (legacy behaviour) Az "ElevateCreateProcess" megoldás alkalmazása (örökölt viselkedés) - + Use desktop object workaround for all processes - + This command will be run before the box content will be deleted Ez a parancs a homokozó tartalmának törlése előtt fut le - + On File Recovery Fájl helyreállításkor - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked Ez a parancs a fájl helyreállítása előtt fut le, és a fájl elérési útja lesz átadva első argumentumként. Ha ez a parancs a 0-tól eltérő értéket ad vissza, a helyreállítás blokkolva lesz - + Run File Checker Fájlellenőrző futtatása - + On Delete Content Tartalom törlésekor - + Don't allow sandboxed processes to see processes running in other boxes Ne engedje, hogy a homokozós folyamatok más homokozóban futó folyamatokat lássák @@ -8414,7 +8414,7 @@ A folyamategyezési szint magasabb prioritású, mint a specifikusság, és leí - + Process Folyamat @@ -8423,45 +8423,45 @@ A folyamategyezési szint magasabb prioritású, mint a specifikusság, és leí A folyamatokhoz való olvasási hozzáférés letiltása ebben a sandboxban - + Users Felhasználó - + Restrict Resource Access monitor to administrators only Az erőforrás-hozzáférés figyelőjét csak a rendszergazdákra korlátozhatja - + Add User Felhasználó hozzáadása - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. Adjon hozzá felhasználói fiókokat és felhasználói csoportokat az alábbi listához, hogy a homokozó használatát csak azokra a fiókokra korlátozza. Ha a lista üres, akkor a homokozót minden felhasználói fiók használhatja. - + Add Option Opció hozzáadása - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. Itt konfigurálhat speciális folyamatonkénti beállításokat a kompatibilitás javítása és/vagy a homokozó viselkedésének testreszabása érdekében. - + Option Opció - + Tracing Nyomkövetés @@ -8470,22 +8470,22 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to API-hívás nyomkövetése (a LogAPI-t telepíteni kell az Sbie-könyvtárba) - + Pipe Trace Pipe nyomkövetés - + Log all SetError's to Trace log (creates a lot of output) Minden SetError rögzítése a nyomkövetési naplóban (sok kimeneti adatot generál) - + Log Debug Output to the Trace Log Napló hibakeresési kimenete a nyomkövetési naplóba - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8508,113 +8508,113 @@ A naplózást az ini használatával testreszabhatja, ha megadja: Ntdll rendszerhívások nyomon követése (sok kimenetet hoz létre) - + File Trace Fájl nyomkövetés - + Disable Resource Access Monitor Erőforrás-hozzáférés figyelő letiltása - + IPC Trace IPC nyomok - + GUI Trace GUI nyomkövetés - + Resource Access Monitor Erőforrás-hozzáférés figyelő - + Access Tracing Hozzáférés nyomon követése - + COM Class Trace COM Class nyom - + Key Trace Kulcskövetés - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Az elveszett védelem kompenzálásához tekintse meg a 'Drop Rights' beállítási oldalát a 'Korlátozások beállításai' csoportban. - - + + Network Firewall Hálózati tűzfal - + API call Trace (traces all SBIE hooks) - + Debug Hibakeresés - + WARNING, these options can disable core security guarantees and break sandbox security!!! FIGYELEM, ezek az opciók letilthatják az alapvető biztonsági garanciákat és megszakíthatják a homokozó biztonságát!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Ezeket az opciókat a kompatibilitási problémák hibakeresésére tervezték. Kérjük, csak tesztelési célra használja. - + App Templates Program sablonok - + Filter Categories Szűrő kategóriák - + Text Filter Szöveg szűrő - + Add Template Sablon hozzáadása - + This list contains a large amount of sandbox compatibility enhancing templates Ez a lista nagy mennyiségű homokozó kompatibilitást javító sablont tartalmaz - + Category Kategória - + Template Folders Sablon mappák - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8623,24 +8623,24 @@ Please note that this values are currently user specific and saved globally for Felhívjuk figyelmét, hogy ezek az értékek jelenleg felhasználóspecifikusak és globálisan vannak mentve az összes homokozóhoz. - - + + Value Érték - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -8650,89 +8650,89 @@ Felhívjuk figyelmét, hogy ezek az értékek jelenleg felhasználóspecifikusak - + Total Processes Memory Limit: - + Single Process Memory Limit: - + On Box Terminate - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + DNS Request Logging - + Syscall Trace (creates a lot of output) - + Templates Sablonok - + Open Template - + Accessibility Hozzáférhetőség - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Képernyőolvasók: JAWS, NVDA, Window-Eyes, System Acces - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. A következő beállítások lehetővé teszik a Sandboxie használatát akadálymentes szoftverrel kombinálva. Felhívjuk figyelmét, hogy a Sandboxie bizonyos mértékű védelme szükségszerűen elvész, amikor ezek a beállítások érvénybe lépnek. - + Edit ini Section Konfiguráció szerkesztése - + Edit ini INI szerkesztése - + Cancel Mégse - + Save Mentés diff --git a/SandboxiePlus/SandMan/sandman_it.ts b/SandboxiePlus/SandMan/sandman_it.ts index e1382815..4bb3ad9b 100644 --- a/SandboxiePlus/SandMan/sandman_it.ts +++ b/SandboxiePlus/SandMan/sandman_it.ts @@ -7023,8 +7023,8 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen - - + + Protect the system from sandboxed processes Proteggi il sistema dai processi avviati nell'area virtuale @@ -7034,7 +7034,7 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen Restrizioni di elevazione - + Block network files and folders, unless specifically opened. Blocca i file e le cartelle di rete, a meno che non siano aperti individualmente. @@ -7044,7 +7044,7 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen Fai credere alle applicazioni di avviarsi con privilegi elevati (esegue gli installer in modo sicuro) - + Network restrictions Restrizioni di rete @@ -7177,18 +7177,18 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen - - - - - - - - - - - - + + + + + + + + + + + + Name Nome @@ -7205,98 +7205,98 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Rimuovi - - - - - - - + + + + + + + Type Tipo - + Program Groups Gruppi dei programmi - + Add Group Aggiungi gruppo - - - - - + + + + + Add Program Aggiungi programma - + Force Folder Forza cartella - - - + + + Path Percorso - + Force Program Forza programma - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Mostra modelli @@ -7351,7 +7351,7 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen Apri il servizio di gestione credenziali di Windows (user mode) - + Prevent change to network and firewall parameters (user mode) Blocca la modifica dei parametri di rete e firewall (user mode) @@ -7408,43 +7408,43 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen - + Use a Sandboxie login instead of an anonymous token Usa autenticazione di Sandboxie invece di un token anonimo - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. I seguenti programmi, o i programmi avviati dai seguenti percorsi, verranno avviati automaticamente in quest'area virtuale. - - + + Stop Behaviour Chiusura dei processi - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + Start Restrictions Restrizioni di avvio - + Issue message 1308 when a program fails to start Mostra messaggio 1308 quando un programma non viene avviato @@ -7469,126 +7469,126 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen * Nota: i programmi installati nell'area virtuale non potranno essere avviati o eseguiti. - + Configure which processes can access Desktop objects like Windows and alike. - + Process Restrictions Restrizioni dei processi - + Issue message 1307 when a program is denied internet access Mostra messaggio 1307 quando è negato l'accesso a Internet - + Note: Programs installed to this sandbox won't be able to access the internet at all. Nota: i programmi installati nell'area virtuale non potranno accedere a Internet. - + Prompt user whether to allow an exemption from the blockade. Chiedi all'utente se consentire un'esclusione dal blocco. - + Resource Access Accesso risorse - - - - - - - - - + + + + + + + + + Program Programma - - - - - - + + + + + + Access Accesso - + Add Reg Key Aggiungi chiave di registro - + Add File/Folder Aggiungi file/cartella - + Add Wnd Class Aggiungi classe finestra - + Add COM Object Aggiungi oggetto COM - + Add IPC Path Aggiungi percorso IPC - + File Recovery Recupero file - + Add Folder Aggiungi cartella - + Ignore Extension Ignora estensione - + Ignore Folder Ignora cartella - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Attiva notifica di Recupero immediato dei file, non appena questi vengono creati. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. È possibile escludere estensioni di file e cartelle dal Recupero immediato. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Una volta richiamata la funzione di Recupero veloce, verrà analizzato il contenuto delle seguenti cartelle nell'area virtuale. - + Advanced Options Opzioni avanzate - + Miscellaneous Opzioni varie @@ -7596,37 +7596,37 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen - - - - + + + + Protect the sandbox integrity itself Proteggi l'integrità dell'area virtuale - + Do not start sandboxed services using a system token (recommended) Non avviare servizi nell'area virtuale tramite token di sistema (raccomandato) - - + + Compatibility Compatibilità - + Force usage of custom dummy Manifest files (legacy behaviour) Forza l'utilizzo dei file manifest fittizi (legacy) - + Don't alter window class names created by sandboxed programs Da attivare solo per motivi di compatibilità Blocca la modifica dei nomi della classe finestra effettuata da Sandboxie - + Allow only privileged processes to access the Service Control Manager Consenti solo ai processi privilegiati di accedere al Service Control Manager @@ -7641,7 +7641,7 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen Avvisa l'utente durante la copia dei file - + Emulate sandboxed window station for all processes Emula window station per tutti i processi nell'area virtuale @@ -7651,37 +7651,37 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen Consenti ai programmi nell'area virtuale di gestire dispositivi hardware - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. È possibile riunire più programmi in un unico nome di gruppo. I gruppi dei programmi possono essere usati per interagire con alcune impostazioni al posto dei nomi dei programmi. I gruppi definiti nell'area virtuale sovrascrivono i gruppi definiti nei modelli. - + Set network/internet access for unlisted processes: Imposta accesso di rete/Internet per i processi non presenti in elenco: - + Test Rules, Program: Regole di prova, Programma: - + Port: Porta: - + IP: IP: - + Protocol: Protocollo: - + X X @@ -7770,13 +7770,13 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen - + Move Up Sposta in alto - + Move Down Sposta in basso @@ -7806,47 +7806,47 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen Isolamento degli accessi - + Other Options - + Port Blocking - + Block common SAMBA ports - + Block DNS, UDP port 53 - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Image Protection Protezione immagine - + Issue message 1305 when a program tries to load a sandboxed dll Mostra messaggio 1305 quando un programma tenta di caricare un file DLL nell'area virtuale - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox Impedisci ai programmi in esecuzione nell'area virtuale (installati sul sistema host) di caricare file DLL @@ -7857,31 +7857,31 @@ Se si è già un Great Supporter su Patreon, Sandboxie può verificare la presen La selezione parziale impedisce la rimozione dell'area virtuale, ma non la cancellazione del contenuto. - + Dlls && Extensions DLL ed estensioni - + Description Descrizione - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Le regole di accesso alle risorse di Sandboxie spesso discriminano i programmi eseguibili all'interno dell'area virtuale. OpenFilePath e OpenKeyPath funzionano solo per gli eseguibili delle applicazioni situati sull'host in modo nativo. Per definire una regola senza questa restrizione, è necessario utilizzare OpenPipePath o OpenConfPath. Allo stesso modo, tutte le regole Closed(File|Key|Ipc)Path che sono definite per negazione, ad esempio ‘ClosedFilePath=!iexplore.exe,C:\Users*’ saranno sempre chiuse per gli eseguibili situati all'interno dell'area virtuale. Entrambi i criteri di restrizione possono essere disattivati dalla pagina “Criteri di accesso”. In questo modo si impedisce che i processi dannosi all'interno dell'area virtuale creino una copia rinominata di se stessi e accedano alle risorse protette. Un altro vettore di exploit è l'iniezione di una libreria DLL in un processo autorizzato per ottenere l'accesso a tutto ciò a cui è consentito accedere. Utilizzando la protezione dell'immagine host, questo può essere evitato impedendo alle applicazioni (installate sull'host) in esecuzione nell'area virtuale di caricare le librerie DLL dalla stessa area virtuale. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. Segnalare eventuali errori di inglese direttamente all'autore di Sandboxie Plus La funzionalità di Sandboxie può essere migliorata utilizzando delle DLL facoltative che possono essere caricate all'avvio in ogni processo dell'area virtuale tramite il file SbieDll.dll. La gestione dei componenti aggiuntivi nelle impostazioni globali offre un paio di utili estensioni che, una volta installate, possono essere attivate qui per l'area virtuale corrente. - + Advanced Security Sicurezza avanzata @@ -7890,57 +7890,57 @@ In questo modo si impedisce che i processi dannosi all'interno dell'ar Usa autenticazione di Sandboxie invece di un token anonimo (sperimentale) - + Other isolation Isolamento aggiuntivo - + Privilege isolation Isolamento dei privilegi - + Sandboxie token Token di Sandboxie - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. L'uso di un token di Sandboxie personalizzato consente di isolare meglio le singole aree virtuali e di mostrare nella colonna utente del task manager il nome dell'area virtuale a cui appartiene un processo. Alcune soluzioni di sicurezza di terze parti potrebbero tuttavia avere problemi con i token personalizzati. - + Program Control Controllo programmi - + Force Programs Forzatura programmi - + Disable forced Process and Folder for this sandbox Disattiva la forzatura di processi e cartelle per quest'area virtuale - + Breakout Programs Esclusione programmi - + Breakout Program Escludi programma - + Breakout Folder Escludi cartella - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. I programmi inseriti qui potranno uscire da questa area virtuale al momento del loro avvio. È anche possibile forzarli in un'altra area virtuale, ad esempio per avere il browser Web sempre aperto in una area virtuale dedicata. @@ -7978,85 +7978,85 @@ In questo modo si impedisce che i processi dannosi all'interno dell'ar - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - + Lingering Programs Programmi secondari - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. I processi secondari verranno chiusi automaticamente qualora siano ancora in esecuzione, dopo aver terminato tutti gli altri processi. - + Leader Programs Programmi principali - + If leader processes are defined, all others are treated as lingering processes. Una volta impostati i processi principali, tutti gli altri verranno trattati come processi secondari. - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Files File - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Configura i processi che possono accedere a file, cartelle e pipe. L'accesso 'Consenti' su file e chiavi di registro si applica solo ai programmi eseguibili presenti all'esterno dell'area virtuale. È possibile utilizzare l'accesso 'Consenti tutto' per estenderlo a tutti i programmi o modificare questo aspetto nella scheda Criteri. - + Registry Registro - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Configura i processi che possono accedere al Registro di sistema. L'accesso 'Consenti' su file e chiavi di registro si applica solo ai programmi eseguibili presenti all'esterno dell'area virtuale. È possibile utilizzare l'accesso 'Consenti tutto' per estenderlo a tutti i programmi o modificare questo aspetto nella scheda Criteri. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Configura quali processi possono accedere agli oggetti NT IPC, come le porte ALPC, il contesto e la memoria dei processi. Per specificare un processo, utilizza '$:program.exe' come percorso. - + Wnd Finestre - + Wnd Class Classe finestra @@ -8065,50 +8065,50 @@ Per specificare un processo, utilizza '$:program.exe' come percorso.Configurare i processi che possono accedere agli oggetti del desktop, come finestre e simili. - + COM COM - + Class Id Id classe - + Configure which processes can access COM objects. Configura i processi che possono accedere agli oggetti COM. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Non utilizzare COM virtualizzato, consenti accesso all'infrastruttura COM degli host (non raccomandato) - + Access Policies Criteri di accesso - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Estendi le regole Close...=!<program>,... anche a tutti i programmi eseguibili presenti nell'area virtuale. - + Network Options Opzioni di rete - + Add Rule Aggiungi regola - - + + Action Azione @@ -8128,105 +8128,105 @@ Per specificare un processo, utilizza '$:program.exe' come percorso. - - + + Port Porta - - - + + + IP IP - + Protocol Protocollo - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. ATTENZIONE: La piattaforma di filtraggio di Windows non è attiva come impostazione predefinita. Qualora non venisse attivata manualmente, queste regole verranno applicate solo in user mode e le applicazioni dannose potrebbero bypassarle. - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. - + Resolve hostnames via proxy - + Quick Recovery Recupero veloce - + Immediate Recovery Recupero immediato - + Various Options Opzioni varie - + Allow use of nested job objects (works on Windows 8 and later) Consenti l'uso dei processi nidificati (per Windows 8 e versioni successive) @@ -8241,44 +8241,44 @@ Per specificare un processo, utilizza '$:program.exe' come percorso.Consenti accesso al sottosistema dell'autorità di protezione locale (LSASS) - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. La specificità delle regole è una misura di quanto una determinata regola corrisponda a un particolare percorso, in poche parole la specificità è la lunghezza dei caratteri dall'inizio del percorso fino all'ultima sottostringa senza caratteri jolly. Una regola che corrisponde solo ai tipi di file come "*.tmp" avrebbe la più alta specificità in quanto corrisponderebbe sempre all'intero percorso del file. Il livello di corrispondenza del processo ha una priorità più alta della specificità, e descrive come una regola si applica a un determinato processo. Le regole che si applicano per nome di processo o gruppo hanno il livello di corrispondenza più forte, seguito dalla corrispondenza per negazione (ovvero regole che si applicano a tutti i processi tranne quello specificato), mentre i livelli di corrispondenza più bassi hanno corrispondenze globali, ovvero regole che si applicano a qualsiasi processo. - + Prioritize rules based on their Specificity and Process Match Level Assegna priorità alle regole in base alla loro specificità e al livello di corrispondenza del processo - + Privacy Mode, block file and registry access to all locations except the generic system ones Modalità Privacy, blocca l'accesso ai file e al registro per tutti i percorsi eccetto quelli di sistema - + Access Mode Modalità di accesso - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Quando la Modalità Privacy è attiva, i processi nell'area virtuale potranno soltanto leggere C:\Windows\*, C:\Program Files\* e parte del registro HKLM, mentre tutti gli altri percorsi avranno bisogno di un accesso esplicito per consentire la lettura e/o scrittura. In questa modalità, l'opzione di specificità rimane sempre attiva. - + Rule Policies Criteri regole - + Apply File and Key Open directives only to binaries located outside the sandbox. Applica le regole di accesso 'Consenti' soltanto ai programmi eseguibili presenti all'esterno dell'area virtuale. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Avvia il servizio RpcSs come processo di sistema nell'area virtuale (non raccomandato) @@ -8288,23 +8288,23 @@ Il livello di corrispondenza del processo ha una priorità più alta della speci Aggiungi processi in esecuzione nell'area virtuale agli oggetti Job (raccomandato) - + Drop critical privileges from processes running with a SYSTEM token Rimuovi i privilegi critici dai processi avviati con un token di sistema - - + + (Security Critical) (opzione di sicurezza) - + Protect sandboxed SYSTEM processes from unprivileged processes Proteggi i processi di sistema nell'area virtuale dai processi senza privilegi - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Disattiva l'utilizzo di RpcMgmtSetComTimeout per impostazione predefinita (potrebbe risolvere problemi di compatibilità) @@ -8338,43 +8338,43 @@ Il livello di corrispondenza del processo ha una priorità più alta della speci Le opzioni sottostanti possono essere usate senza rischi quando non si concedono privilegi amministrativi. - + Hide Processes Nascondi processi - + Add Process Aggiungi processo - + Hide host processes from processes running in the sandbox. Nascondi i processi di host dai processi in esecuzione nell'area virtuale. - + Don't allow sandboxed processes to see processes running in other boxes Non consentire ai processi dell'area virtuale di vedere i processi avviati in altre aree virtuali - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -8384,49 +8384,49 @@ Il livello di corrispondenza del processo ha una priorità più alta della speci - + Total Processes Memory Limit: - + Single Process Memory Limit: - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + Users Utenti - + Restrict Resource Access monitor to administrators only Limita il log di accesso risorse ai soli amministratori - + Add User Aggiungi utente - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8435,32 +8435,32 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Nota: le impostazioni dei programmi e delle cartelle forzate nell'area virtuale non si applicano agli account utente non abilitati all'utilizzo dell'area virtuale. - + Tracing Tracing - + API call Trace (traces all SBIE hooks) - + COM Class Trace Traccia classe COM - + IPC Trace Traccia IPC - + Key Trace Traccia chiavi di registro - + GUI Trace Traccia GUI @@ -8469,28 +8469,28 @@ Nota: le impostazioni dei programmi e delle cartelle forzate nell'area virt Traccia chiamata API (richiede l'installazione di LogAPI nella cartella di Sandboxie Plus) - + Log all SetError's to Trace log (creates a lot of output) Sostituibile con "log di traccia", tuttavia "log di accesso" mi sembra più adatto per i non esperti Registra tutti i SetError nel log di accesso (genera molto output) - + File Trace Traccia file - + Pipe Trace Traccia pipe - + Access Tracing Log di accesso - + Log Debug Output to the Trace Log Sostituibile con "log di traccia", tuttavia "log di accesso" mi sembra più adatto per i non esperti Registra output di debug nel log di accesso @@ -8531,63 +8531,63 @@ Nota: le impostazioni dei programmi e delle cartelle forzate nell'area virt Mostra messaggio 2111 quando è negato l'accesso a un processo - + Triggers Attivazioni - + Event Evento - - - - + + + + Run Command Avvia comando - + Start Service Avvia servizio - + These events are executed each time a box is started Questi eventi vengono eseguiti a ogni avvio di un'area virtuale - + On Box Start Qui ho forzato di proposito un ritorno a capo per ragioni di lunghezza All'avvio<br />dell'area virtuale - - + + These commands are run UNBOXED just before the box content is deleted Questi comandi vengono eseguiti FUORI dall'area virtuale poco prima dell'eliminazione del contenuto - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Questi comandi vengono eseguiti solamente all'inizializzazione di un'area virtuale. Per eseguirli nuovamente, il contenuto dell'area virtuale dovrà essere rimosso. - + On Box Init Qui ho forzato di proposito un ritorno a capo per ragioni di lunghezza All'inizializzazione<br />dell'area virtuale - + Here you can specify actions to be executed automatically on various box events. È possibile specificare una lista di azioni che verranno eseguite automaticamente in base agli eventi dell'area virtuale. - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8609,73 +8609,73 @@ Queste opzioni impostano la maschera degli eventi a "*" - tutti gli ev Traccia chiamata di sistema Ntdll (genera molto output) - + Disable Resource Access Monitor Disattiva monitor di accesso risorse per quest'area virtuale - + Resource Access Monitor Monitor accesso risorse - - + + Network Firewall Firewall di rete - + Debug Debug - + WARNING, these options can disable core security guarantees and break sandbox security!!! ATTENZIONE! Queste opzioni possono disattivare le misure di sicurezza e compromettere la sicurezza dell'area virtuale!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Queste opzioni sono destinate al debug dei problemi di compatibilità, si prega di utilizzarle solo per scopi di test. - + App Templates Modelli applicazioni - + Filter Categories Filtra categorie - + Text Filter Cerca - + Add Template Aggiungi modello - + Category Categoria - + This list contains a large amount of sandbox compatibility enhancing templates Questo elenco contiene un gran numero di modelli di compatibilità software - + Template Folders Percorsi modelli - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8684,23 +8684,23 @@ Please note that this values are currently user specific and saved globally for I seguenti valori sono specifici per l'utente e salvati a livello globale per tutte le aree virtuali. - - + + Value Valore - + Accessibility Accessibilità - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Per compensare alla disabilitazione delle misure di protezione, consultare la pagina Limitazione dei diritti, nel gruppo Restrizioni. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Screen reader: JAWS, NVDA, Window-Eyes, System Access @@ -8710,37 +8710,37 @@ I seguenti valori sono specifici per l'utente e salvati a livello globale p Restrizioni - + Apply ElevateCreateProcess Workaround (legacy behaviour) Applica il workaround ElevateCreateProcess (legacy) - + Use desktop object workaround for all processes Usa il workaround dell'oggetto desktop per tutti i processi - + This command will be run before the box content will be deleted Questo comando verrà eseguito prima che il contenuto dell'area virtuale venga eliminato - + On File Recovery Al recupero dei file - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked Questo comando verrà eseguito prima del recupero di un file e il percorso del file passato come primo argomento. Se questo comando restituisce qualcosa di diverso da 0, il recupero viene bloccato - + Run File Checker Avvia controllo dei file - + On Delete Content Alla rimozione del<br />contenuto @@ -8751,7 +8751,7 @@ I seguenti valori sono specifici per l'utente e salvati a livello globale p - + Process Processo @@ -8760,69 +8760,69 @@ I seguenti valori sono specifici per l'utente e salvati a livello globale p Blocca anche l'accesso in lettura ai processi in questa area virtuale - + Add Option Aggiungi opzione - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Qui è possibile configurare opzioni avanzate per processo al fine di migliorare la compatibilità e/o personalizzare il comportamento dell'area virtuale. - + Option Opzione - + On Box Terminate - + DNS Request Logging - + Syscall Trace (creates a lot of output) - + Templates Modelli - + Open Template - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Le seguenti impostazioni consentono di usare Sandboxie in combinazione con i programmi per l'accesso facilitato. Tuttavia, alcune misure di protezione di Sandboxie vengono disabilitate quando queste impostazioni sono attive. - + Edit ini Section Qui ho forzato di proposito un ritorno a capo Modifica configurazione area virtuale - + Edit ini Modifica Sandboxie.ini - + Cancel Annulla - + Save Salva diff --git a/SandboxiePlus/SandMan/sandman_ja.ts b/SandboxiePlus/SandMan/sandman_ja.ts index 60bbf592..b9180232 100644 --- a/SandboxiePlus/SandMan/sandman_ja.ts +++ b/SandboxiePlus/SandMan/sandman_ja.ts @@ -6719,45 +6719,45 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates - - + + Action - - - - - - - - - + + + + + + + + + Program @@ -6807,7 +6807,7 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Prevent change to network and firewall parameters (user mode) @@ -6827,7 +6827,7 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Block network files and folders, unless specifically opened. @@ -6851,8 +6851,8 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - + + Protect the system from sandboxed processes @@ -6867,7 +6867,7 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Network restrictions @@ -6879,28 +6879,28 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove @@ -6911,18 +6911,18 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - - - - - - - - - + + + + + + + + + + + + Name 名前 @@ -6933,13 +6933,13 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Move Up 上に移動 - + Move Down 下に移動 @@ -7062,10 +7062,10 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - + + + + Protect the sandbox integrity itself @@ -7107,7 +7107,7 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Process @@ -7148,58 +7148,58 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Advanced Security - + Use a Sandboxie login instead of an anonymous token - + Other isolation - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) - + Privilege isolation - + Protect sandboxed SYSTEM processes from unprivileged processes - + Sandboxie token - - + + (Security Critical) - + Drop critical privileges from processes running with a SYSTEM token - + Do not start sandboxed services using a system token (recommended) - + Allow only privileged processes to access the Service Control Manager @@ -7209,92 +7209,92 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. - + Program Groups - + Add Group - - - - - + + + + + Add Program プログラムを追加 - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. - + Program Control プログラム制御 - + Force Programs - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. - + Force Folder - - - - - - - + + + + + + + Type - + Force Program - + Disable forced Process and Folder for this sandbox - + Breakout Programs - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. - + Breakout Folder - + Breakout Program @@ -7321,58 +7321,58 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - - + + Stop Behaviour - + Lingering Programs - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. - + Leader Programs - + If leader processes are defined, all others are treated as lingering processes. - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + Start Restrictions - + Issue message 1308 when a program fails to start @@ -7402,344 +7402,344 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Resource Access - + Files - - - - - - + + + + + + Access - - - + + + Path - + Add File/Folder - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + Registry - + Add Reg Key - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + IPC - + Add IPC Path - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. - + Wnd - + Add Wnd Class - + Wnd Class - + Don't alter window class names created by sandboxed programs - + Configure which processes can access Desktop objects like Windows and alike. - + COM - + Class Id - + Add COM Object - + Configure which processes can access COM objects. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) - + Access Policies - + Rule Policies - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. - + Prioritize rules based on their Specificity and Process Match Level - + Apply File and Key Open directives only to binaries located outside the sandbox. - + Access Mode - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. - + Privacy Mode, block file and registry access to all locations except the generic system ones - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. - + Network Options - + Process Restrictions - + Issue message 1307 when a program is denied internet access - + Prompt user whether to allow an exemption from the blockade. - + Note: Programs installed to this sandbox won't be able to access the internet at all. - + Set network/internet access for unlisted processes: - - + + Network Firewall - + Test Rules, Program: - + Port: - + IP: - + Protocol: - + X - + Add Rule - - + + Port - - - + + + IP - + Protocol - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. - + Resolve hostnames via proxy - + Other Options - + Port Blocking - + Block common SAMBA ports @@ -7750,119 +7750,119 @@ The process match level has a higher priority than the specificity and describes - + Block DNS, UDP port 53 - + File Recovery - + Quick Recovery - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. - + Add Folder フォルダを追加 - + Immediate Recovery 直接リカバリ - + You can exclude folders and file types (or file extensions) from Immediate Recovery. - + Ignore Extension - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. - + Ignore Folder - + Various Options - - + + Compatibility - + Apply ElevateCreateProcess Workaround (legacy behaviour) - + Emulate sandboxed window station for all processes - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) - + Force usage of custom dummy Manifest files (legacy behaviour) - + Use desktop object workaround for all processes - + Allow use of nested job objects (works on Windows 8 and later) - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -7872,164 +7872,164 @@ The process match level has a higher priority than the specificity and describes - + Total Processes Memory Limit: - + Single Process Memory Limit: - + Dlls && Extensions - + Image Protection - + Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox - + Issue message 1305 when a program tries to load a sandboxed dll - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. - + Advanced Options - + Miscellaneous - + Add Option - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. - + Option - - + + Value - + Triggers - + On Box Terminate - + This command will be run before the box content will be deleted - - - - + + + + Run Command - + Event - - + + These commands are run UNBOXED just before the box content is deleted - + On File Recovery - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked - + Run File Checker - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. - + On Box Init - + Here you can specify actions to be executed automatically on various box events. - + These events are executed each time a box is started - + On Box Start - + Start Service - + On Delete Content @@ -8044,94 +8044,94 @@ This is done to prevent rogue processes inside the sandbox from creating a renam - + Hide Processes - + Add Process - + Don't allow sandboxed processes to see processes running in other boxes - + Hide host processes from processes running in the sandbox. - + Users - + Restrict Resource Access monitor to administrators only - + Add User - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. - + Tracing - + API call Trace (traces all SBIE hooks) - + Key Trace - + DNS Request Logging - + GUI Trace - + Log Debug Output to the Trace Log - + Log all SetError's to Trace log (creates a lot of output) - + Access Tracing - + Syscall Trace (creates a lot of output) - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8143,161 +8143,161 @@ instead of "*". - + Resource Access Monitor - + COM Class Trace - + Pipe Trace - + File Trace - + Disable Resource Access Monitor - + IPC Trace - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Debug - + WARNING, these options can disable core security guarantees and break sandbox security!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. - + App Templates アプリテンプレート - + Templates - + This list contains a large amount of sandbox compatibility enhancing templates - + Text Filter - + Add Template - + Filter Categories - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + Category - + Open Template - + Template Folders - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. - + Accessibility - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. - + Edit ini Section ini 編集セクション - + Edit ini ini を編集 - + Cancel キャンセル - + Save 保存 diff --git a/SandboxiePlus/SandMan/sandman_ko.ts b/SandboxiePlus/SandMan/sandman_ko.ts index 07b765fc..8682ec0e 100644 --- a/SandboxiePlus/SandMan/sandman_ko.ts +++ b/SandboxiePlus/SandMan/sandman_ko.ts @@ -7298,8 +7298,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes 샌드박스 프로세스로부터 시스템 보호 @@ -7309,13 +7309,13 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + Move Up 위로 이동 - + Move Down 아래로 이동 @@ -7460,12 +7460,12 @@ If you are a great patreaon supporter already, sandboxie can check online for an 인쇄 제한 - + Network restrictions 네트워크 제한 - + Block network files and folders, unless specifically opened. 특별히 열지 않는 한 네트워크 파일 및 폴더를 차단합니다. @@ -7481,18 +7481,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name 이름 @@ -7509,98 +7509,98 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove 제거 - - - - - - - + + + + + + + Type 유형 - + Program Groups 프로그램 그룹 - + Add Group 그룹 추가 - - - - - + + + + + Add Program 프로그램 추가 - + Force Folder 강제 폴더 - - - + + + Path 경로 - + Force Program 강제 프로그램 - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates 템플릿 표시 @@ -7650,7 +7650,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Windows 자격 증명 저장소 열기 (사용자 모드) - + Prevent change to network and firewall parameters (user mode) 네트워크 및 방화벽 매개 변수 (사용자 모드) 변경 방지 @@ -7660,7 +7660,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an 프로세스 액세스이 거부되면 메시지 2111 발행 - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. 프로그램을 그룹화하고 그룹 이름을 지정할 수 있습니다. 프로그램 그룹은 프로그램 이름 대신 일부 설정과 함께 사용할 수 있습니다. 박스에 대해 정의된 그룹은 템플릿에 정의된 덮어쓰기 그룹입니다. @@ -7669,13 +7669,13 @@ If you are a great patreaon supporter already, sandboxie can check online for an 강제 프로그램 - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. 여기에 입력된 프로그램 또는 입력된 위치에서 시작된 프로그램은 다른 샌드박스에서 명시적으로 시작하지 않는 한 이 샌드박스에 자동으로 저장됩니다. - - + + Stop Behaviour 동작 중지 @@ -7700,12 +7700,12 @@ If leader processes are defined, all others are treated as lingering processes.< 대표 프로세스가 정의되면 다른 모든 프로세스는 남아있는 프로세스로 취급됩니다. - + Start Restrictions 시작 제한 - + Issue message 1308 when a program fails to start 프로그램 시작 실패 시 메시지 1308 발생 @@ -7734,32 +7734,32 @@ If leader processes are defined, all others are treated as lingering processes.< 인터넷 제한 - + Process Restrictions 프로세스 제한 - + Issue message 1307 when a program is denied internet access 프로그램이 인터넷 액세스를 거부하면 메시지 1307 발행 - + Prompt user whether to allow an exemption from the blockade. 차단 면제를 허용할지 여부를 사용자에게 묻습니다. - + Note: Programs installed to this sandbox won't be able to access the internet at all. 참고: 이 샌드박스에 설치된 프로그램은 인터넷에 전혀 액세스할 수 없습니다. - - - - - - + + + + + + Access 액세스 @@ -7802,92 +7802,92 @@ If leader processes are defined, all others are treated as lingering processes.< 작업 개체 - + Configure which processes can access Desktop objects like Windows and alike. Windows 등 데스크톱 개체에 액세스할 수 있는 프로세스를 구성합니다. - + Set network/internet access for unlisted processes: 목록에 없는 프로세스에 대한 네트워크/인터넷 액세스 설정: - + Test Rules, Program: 테스트 규칙, 프로그램: - + Port: 포트: - + IP: IP: - + Protocol: 프로토콜: - + X X - + Add Rule 규칙 추가 - - - - - - - - - + + + + + + + + + Program 프로그램 - - + + Action 동작 - - + + Port 포트 - - - + + + IP IP - + Protocol 프로토콜 - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. 주의: Windows 필터링 플랫폼이 드라이버에서 사용할 수 없으므로 이 규칙은 사용자 모드에서만 적용되며 강제 적용할 수 없습니다!!! 즉, 악성 프로그램이 이를 무시할 수 있습니다. - + Resource Access 리소스 액세스 @@ -7904,7 +7904,7 @@ You can use 'Open for All' instead to make it apply to all programs, o 대신 '모두 열기'를 사용하여 모든 프로그램에 적용하거나 정책 탭에서 이 동작을 변경할 수 있습니다. - + Add File/Folder 파일/폴더 추가 @@ -7913,77 +7913,77 @@ You can use 'Open for All' instead to make it apply to all programs, o 사용자 제거 - + Add Wnd Class 창 클래스 추가 - + Add IPC Path IPC 경로 추가 - + Add Reg Key Reg 키 추가 - + Add COM Object COM 개체 추가 - + File Recovery 파일 복구 - + Add Folder 폴더 추가 - + Ignore Extension 확장자 무시 - + Ignore Folder 폴더 무시 - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. 파일이 생성되는 즉시 복구할 수 있도록 즉시 복구 프롬프트를 실행합니다. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. 즉시 복구에서 폴더 및 파일 유형 (또는 파일 확장자)을 제외할 수 있습니다. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. 빠른 복구 기능이 호출되면 샌드박스 내용에 대해 다음 폴더가 확인됩니다. - + Advanced Options 고급 옵션 - + Miscellaneous 기타 - + Don't alter window class names created by sandboxed programs 샌드박스 프로그램에서 만든 창 클래스 이름 변경 안 함 - + Do not start sandboxed services using a system token (recommended) 시스템 토큰을 사용하여 샌드박스 서비스를 시작하지 않음 (권장) @@ -7991,26 +7991,26 @@ You can use 'Open for All' instead to make it apply to all programs, o - - - - + + + + Protect the sandbox integrity itself 샌드박스 무결성 자체 보호 - + Drop critical privileges from processes running with a SYSTEM token SYSTEM 토큰으로 실행 중인 프로세스에서 중요한 권한 삭제 - - + + (Security Critical) (보안 중요) - + Protect sandboxed SYSTEM processes from unprivileged processes 권한이 없는 프로세스로부터 샌드박스 SYSTEM 프로세스 보호 @@ -8019,7 +8019,7 @@ You can use 'Open for All' instead to make it apply to all programs, o 샌드박스 격리 - + Force usage of custom dummy Manifest files (legacy behaviour) 사용자 지정 더미 매니페스트 파일 강제 사용 (레거시 동작) @@ -8032,34 +8032,34 @@ You can use 'Open for All' instead to make it apply to all programs, o 리소스 액세스 정책 - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. 규칙 특수성은 지정된 규칙이 특정 경로와 얼마나 잘 일치하는지 측정하는 것으로, 단순하게 말해서 특수성은 경로 시작부터 마지막 일치하는 비 와일드카드 하위 문자열까지 포함한 문자 길이입니다. "*.tmp"와 같은 파일 형식만 일치하는 규칙은 항상 전체 파일 경로와 일치하므로 가장 높은 특수성을 가집니다. 프로세스 일치 수준은 특수성보다 높은 우선 순위를 가지며 규칙이 지정된 프로세스에 적용되는 방식을 설명합니다. 프로세스 이름 또는 그룹별로 적용되는 규칙은 일치 수준이 가장 강하고 부정에 의한 일치 수준 (즉, 지정된 프로세스를 제외한 모든 프로세스에 적용되는 규칙)이 그 뒤를 이으며, 가장 낮은 일치 수준에는 전역 일치, 즉 모든 프로세스에 적용되는 규칙이 있습니다. - + Prioritize rules based on their Specificity and Process Match Level 특수성 및 프로세스 일치 수준에 따라 규칙 우선 순위 지정 - + Privacy Mode, block file and registry access to all locations except the generic system ones 개인 정보 보호 모드, 일반 시스템 위치를 제외한 모든 위치에 대한 파일 및 레지스트리 액세스 차단 - + Access Mode 액세스 모드 - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. 개인 정보 모드가 활성화된 경우 샌드박스 프로세스는 C:만 읽을 수 있습니다. \Windows\*, C:\Program Files\* 및 HKLM 레지스트리의 일부 다른 위치에서는 읽기 및/또는 쓰기 가능하려면 명시적 액세스 권한이 필요합니다. 이 모드에서는 규칙 특정성이 항상 활성화됩니다. - + Rule Policies 규칙 정책 @@ -8068,23 +8068,23 @@ The process match level has a higher priority than the specificity and describes 닫기 적용...=!<프로그램>,... 또한 규칙은 샌드박스에 있는 모든 이진 파일에 적용됩니다. - + Apply File and Key Open directives only to binaries located outside the sandbox. 샌드박스 외부에 있는 이진 파일에만 파일 및 키 열기 지시문을 적용합니다. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) SYSTEM 프로세스로 샌드박스 RpcS 시작 (권장하지 않음) - + Allow only privileged processes to access the Service Control Manager 권한 있는 프로세스만 서비스 제어 관리자에 액세스할 수 있도록 허용 - - + + Compatibility 호환성 @@ -8098,12 +8098,12 @@ The process match level has a higher priority than the specificity and describes 작업 개체에 샌드박스 프로세스 추가 (권장) - + Emulate sandboxed window station for all processes 모든 프로세스에 대해 샌드박스 창 스테이션 에뮬레이트 - + Allow use of nested job objects (works on Windows 8 and later) 중첩된 작업 개체 사용 허용 (Windows 8 이상에서 작동) @@ -8174,7 +8174,7 @@ The process match level has a higher priority than the specificity and describes COM/RPC - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) 기본적으로 RpcMgmtSetComTimeout 사용 안 함 (호환성 문제가 해결될 수 있음) @@ -8203,41 +8203,41 @@ The process match level has a higher priority than the specificity and describes 액세스 격리 - + Triggers 트리거 - + Event 이벤트 - - - - + + + + Run Command 명령 실행 - + Start Service 서비스 시작 - + These events are executed each time a box is started 이 이벤트는 박스가 시작될 때마다 실행됩니다 - + On Box Start 박스 시작 시 - - + + These commands are run UNBOXED just before the box content is deleted 이 명령은 박스 내용이 삭제되기 직전에 UNBOXED로 실행됩니다 @@ -8246,32 +8246,32 @@ The process match level has a higher priority than the specificity and describes 박스 삭제 시 - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. 이러한 명령은 박스가 초기화될 때만 실행됩니다. 다시 실행하려면 박스 내용을 삭제해야 합니다. - + On Box Init 박스 초기화 시 - + Here you can specify actions to be executed automatically on various box events. 여기서 다양한 박스 이벤트에 대해 자동으로 실행할 동작을 지정할 수 있습니다. - + Hide Processes 프로세스 숨기기 - + Add Process 프로세스 추가 - + Hide host processes from processes running in the sandbox. 샌드박스에서 실행 중인 프로세스에서 호스트 프로세스를 숨깁니다. @@ -8320,46 +8320,46 @@ The process match level has a higher priority than the specificity and describes 액세스 격리 - + Image Protection 이미지 보호 - + Issue message 1305 when a program tries to load a sandboxed dll 프로그램이 샌드박스된 dll을 로드하려고 할 때 1305 메시지 발생 - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox 호스트에 설치된 샌드박스 프로그램이 샌드박스에서 DLL을 로드하지 못하도록 방지 - + Dlls && Extensions Dll 및 확장자 - + Description 설명 - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. 샌드박스의 리소스 액세스 규칙은 샌드박스 내부에 있는 프로그램 이진 파일을 차별하는 경우가 많습니다. OpenFilePath 및 OpenKeyPath는 호스트에 기본적으로 있는 응용 프로그램 이진 파일에만 작동합니다. 이 제한이 없는 규칙을 정의하려면 OpenPipePath 또는 OpenConfPath를 사용해야 합니다. 마찬가지로 모두 닫힘 (파일|키|Ipc)예를 들어 ‘ClosedFilePath=! iexplore.exe,C:Users*'는 샌드박스 내에 있는 이진 파일의 경우 항상 닫혀 있습니다. 두 제한 정책 모두 "액세스 정책" 페이지에서 사용 불가능으로 설정할 수 있습니다. 이 작업은 샌드박스 내부의 악성 프로세스가 자신의 이름이 변경된 복사본을 생성하여 보호된 리소스에 액세스하는 것을 방지하기 위해 수행됩니다. 또 다른 공격 벡터는 라이브러리가 액세스할 수 있는 모든 항목에 액세스하기 위해 승인된 프로세스에 라이브러리를 주입하는 것입니다. 호스트 이미지 보호를 사용하면 샌드박스 내부에서 실행 중인 응용 프로그램 (호스트에 설치)이 샌드박스 자체에서 라이브러리를 로드하지 못하도록 차단하여 이러한 문제를 방지할 수 있습니다. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. Sandboxies 기능은 SbieDll.dll에 의해 시작할 때 각 샌드박스 프로세스에 로드될 수 있는 옵션 DLL을 사용하여 향상될 수 있습니다. 전역 설정의 애드온 관리자는 몇 가지 유용한 확장 기능을 제공합니다. 일단 설치되면 현재 박스에 대해 활성화할 수 있습니다. - + Advanced Security Adcanced Security 고급 보안 @@ -8369,52 +8369,52 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 익명 토큰 대신 샌드박스 로그인 사용 (실험적) - + Other isolation 기타 격리 - + Privilege isolation 권한 분리 - + Sandboxie token Sandboxie 토큰 - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. 사용자 정의 Sandboxie 토큰을 사용하면 개별 Sandboxie를 서로 더 잘 분리할 수 있으며, 작업 관리자의 사용자 열에 프로세스가 속한 박스의 이름이 표시됩니다. 그러나 일부 타사 보안 솔루션에는 사용자 지정 토큰에 문제가 있을 수 있습니다. - + Program Control 프로그램 제어 - + Force Programs 강제 프로그램 - + Disable forced Process and Folder for this sandbox 이 샌드박스에 대해 강제 프로세스 및 폴더 사용 안 함 - + Breakout Programs 탈옥 프로그램 - + Breakout Program 탈옥 프로그램 - + Breakout Folder 탈옥 폴더 @@ -8506,12 +8506,12 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 보호된 프로세스에 대한 유용한 Windows 프로세스 액세스 허용 - + Use a Sandboxie login instead of an anonymous token 익명 토큰 대신 샌드박스 로그인 사용 - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. 여기에 입력된 프로그램은 시작할 때 이 박스에서 벗어날 수 있습니다. 다른 박스에 캡처할 수 있습니다. 예를 들어 웹 브라우저를 항상 전용 박스에 열도록 합니다. 이 기능을 설치하려면 올바른 후원자 인증서를 설치해야 합니다. @@ -8521,93 +8521,93 @@ This is done to prevent rogue processes inside the sandbox from creating a renam <b><font color='red'>보안 권고</font>:</b> <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> 및/또는 <a href="sbie://docs/breakoutprocess">BreakoutProcess</a>를 Open[파일/파이프]과 함께 사용하는 경로 지시어는 <a href="sbie://docs/breakoutdocument">BreakoutDocument</a>를 사용하여 * 또는 안전하지 않은 모든 확장자 (*.exe;*dll;*.ocx;*.cmd;*.bat;*lnk;*pif;url;*ps1; 등)를 허용할 수 있으므로 보안을 손상시킬 수 있습니다. 사용하기 전에 설명서의 각 옵션에 대한 보안 섹션을 검토하십시오. - + Lingering Programs 남은 프로그램 - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. 남은 프로그램은 다른 모든 프로세스가 종료된 후에도 계속 실행 중인 경우 자동으로 종료됩니다. - + Leader Programs 대표 프로그램 - + If leader processes are defined, all others are treated as lingering processes. 대표 프로세스가 정의되어 있는 경우 다른 모든 프로세스는 계속 진행 중인 프로세스로 간주됩니다. - + Stop Options 중지 옵션 - + Use Linger Leniency 지연 시간 사용 - + Don't stop lingering processes with windows Windows에서 지속적인 프로세스 중지 - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. 이 설정은 사용자가 모르거나 동의하지 않은 상태에서 샌드박스에서 프로그램이 실행되는 것을 방지하는 데 사용될 수 있습니다. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. 외부 소스에서 샌드박스에서 프로세스를 시작하기 전에 팝업 경고 표시 - + Files 파일 - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. 파일, 폴더 및 파이프에 액세스할 수 있는 프로세스를 구성합니다. '열기' 액세스은 샌드박스 외부에 위치한 프로그램 이진 파일에만 적용되며, 대신 '모두 열기'를 사용하여 모든 프로그램에 적용하거나 정책 탭에서 이 동작을 변경할 수 있습니다. - + Registry 레지스트리 - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. 레지스트리에 액세스할 수 있는 프로세스를 구성합니다. '열기' 액세스은 샌드박스 외부에 위치한 프로그램 이진 파일에만 적용되며, 대신 '모두 열기'를 사용하여 모든 프로그램에 적용하거나 정책 탭에서 이 동작을 변경할 수 있습니다. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. ALPC 포트 및 기타 프로세스 메모리 및 컨텍스트와 같은 NT IPC 개체에 액세스할 수 있는 프로세스를 구성합니다. 프로세스를 지정하려면 '$:program.exe'를 경로로 사용합니다. - + Wnd - + Wnd Class 창 클래스 @@ -8617,92 +8617,92 @@ To specify a process use '$:program.exe' as path. Windows 등의 데스크탑 개체에 액세스스할 수 있는 프로세스를 구성합니다. - + COM COM - + Class Id 클래스 Id - + Configure which processes can access COM objects. COM 개체에 액세스할 수 있는 프로세스를 구성합니다. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) 가상화된 COM 사용 안 함, 호스트 COM 인프라에 대한 액세스 열기 (권장하지 않음) - + Access Policies 액세스 정책 - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. 닫기 적용...=!<프로그램>,... 또한 샌드박스에 있는 모든 이진 파일에 대한 규칙도 있습니다. - + Network Options 네트워크 옵션 - + Other Options 기타 옵션 - + Port Blocking 포트 차단 - + Block common SAMBA ports 공통 SAMBA 포트 차단 - + Block DNS, UDP port 53 DNS, UDP 포트 53 차단 - + Quick Recovery 빠른 복구 - + Immediate Recovery 즉시 복구 - + Various Options 다양한 옵션 - + Apply ElevateCreateProcess Workaround (legacy behaviour) ElevateCreateProcess 해결 방법 적용 (레거시 동작) - + Use desktop object workaround for all processes 모든 프로세스에 대해 데스크톱 개체 해결 방법 사용 - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. 전역 단축키를 짧게 3번 누르면 이 예외가 무시됩니다. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. "모든 프로세스 종료"가 호출될 때 이 샌드박스가 종료되지 않도록 제외합니다. @@ -8711,38 +8711,38 @@ To specify a process use '$:program.exe' as path. 이 명령은 샌드박스의 모든 프로세스가 완료된 후에 실행됩니다. - + On Box Terminate 박스 종료 시 - + This command will be run before the box content will be deleted 박스 내용이 삭제되기 전에 이 명령이 실행됩니다 - + On File Recovery 파일 복구 시 - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked 이 명령은 파일을 복구하기 전에 실행되며 파일 경로가 첫 번째 인수로 전달됩니다. 이 명령이 0이 아닌 다른 것을 반환하는 경우 복구가 차단됩니다 - + Run File Checker 파일 검사 실행 - + On Delete Content 콘텐츠 삭제 시 - + Don't allow sandboxed processes to see processes running in other boxes 샌드박스 프로세스에서 다른 박스에서 실행 중인 프로세스 보기 허용 안 함 @@ -8753,7 +8753,7 @@ To specify a process use '$:program.exe' as path. - + Process 프로세스 @@ -8762,22 +8762,22 @@ To specify a process use '$:program.exe' as path. 이 샌드박스의 프로세스에 대한 읽기 액세스도 차단 - + Users 사용자 - + Restrict Resource Access monitor to administrators only 리소스 액세스 모니터를 관리자로만 제한 - + Add User 사용자 추가 - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8786,23 +8786,23 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to 참고: 샌드박스에 대한 강제 프로그램 및 강제 폴더 설정은 샌드박스를 사용할 수 없는 사용자 계정에는 적용되지 않습니다. - + Add Option 옵션 추가 - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. 여기서 호환성 향상 및/또는 샌드박스 동작을 사용자 정의하도록 고급 프로세스별 옵션을 구성할 수 있습니다. - + Option 옵션 - + Tracing 추적 @@ -8812,22 +8812,22 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to API 호출 추적 (Sbie 디렉터리에 LogAPI를 설치해야 함) - + Pipe Trace 파이프 추적 - + Log all SetError's to Trace log (creates a lot of output) 모든 SetError를 추적 로그에 기록 (많은 출력을 생성) - + Log Debug Output to the Trace Log 추적 로그에 디버그 출력 기록 - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8850,78 +8850,78 @@ instead of "*". Ntdll syscall 추적 (많은 출력을 생성합니다) - + File Trace 파일 추적 - + Disable Resource Access Monitor 리소스 액세스 모니터 사용 안 함 - + IPC Trace IPC 추적 - + GUI Trace GUI 추적 - + Resource Access Monitor 리소스 액세스 모니터 - + Access Tracing 액세스 추적 - + COM Class Trace COM 클래스 추적 - + Key Trace 키 추적 - - + + Network Firewall 네트워크 방화벽 - + These commands are run UNBOXED after all processes in the sandbox have finished. 이러한 명령은 샌드박스의 모든 프로세스가 완료된 후 언박스 상태로 실행됩니다. - + API call Trace (traces all SBIE hooks) API 호출 추적 (모든 SBIE 후크 추적) - + Debug 디버그 - + WARNING, these options can disable core security guarantees and break sandbox security!!! 경고, 이러한 옵션은 핵심 보안 보장을 비활성화하고 샌드박스 보안을 파괴할 수 있습니다!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. 이러한 옵션은 호환성 문제를 디버깅하기 위한 것이므로 프로덕션에서 사용하지 마십시오. - + App Templates 앱 템플릿 @@ -8930,22 +8930,22 @@ instead of "*". 템플릿 호환성 - + Filter Categories 필터 범주 - + Text Filter 텍스트 필터 - + Add Template 템플릿 추가 - + This list contains a large amount of sandbox compatibility enhancing templates 이 목록에는 많은 양의 샌드박스 호환성 향상 템플릿이 포함되어 있습니다 @@ -8954,17 +8954,17 @@ instead of "*". 템플릿 제거 - + Category 범주 - + Template Folders 템플릿 폴더 - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8973,78 +8973,78 @@ Please note that this values are currently user specific and saved globally for 이 값은 현재 사용자마다 다르며 모든 박스에 대해 전역으로 저장됩니다. - - + + Value - + Accessibility 접근성 - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. 손실된 보호를 보상하려면 제한 설정 그룹의 삭제 권한 설정 페이지를 참조하십시오. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access 화면 판독기: JAWS, NVDA, Window-Eyes, 시스템 액세스 - + DNS Filter DNS 필터 - + Add Filter 필터 추가 - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. DNS 필터를 사용하면 개별 도메인을 프로세스 단위로 차단할 수 있습니다. 차단하려면 IP 열을 비워 두거나 리디렉션할 IP를 입력하세요. - + Domain 도메인 - + Internet Proxy 인터넷 프록시 - + Add Proxy 프록시 추가 - + Test Proxy 프록시 테스트 - + Auth 인증 - + Login 로그인 - + Password 암호 - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. 샌드박스가 적용된 프로그램은 사전 설정된 SOCKS5 프록시를 사용하도록 강제할 수 있습니다. @@ -9054,28 +9054,28 @@ Please note that this values are currently user specific and saved globally for 관리자 사용자 계정만 이 샌드박스를 변경할 수 있습니다 - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>보안 권고</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> 및/또는 <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> 를 Open[File/Pipe]경로 지시문과 함께 사용하면 보안이 손상될 수 있습니다. 사용하기 전에 문서에서 각 옵션에 대한 보안 섹션을 검토하세요. - + Resolve hostnames via proxy 프록시를 통해 호스트 이름 확인 - + Limit restrictions 한도 제한 - - + + Leave it blank to disable the setting(Unit:KB) 설정을 비활성화하려면 비워 둡니다 (단위:KB) - + Leave it blank to disable the setting 설정을 비활성화하려면 비워 둡니다 @@ -9085,75 +9085,75 @@ Please note that this values are currently user specific and saved globally for 총 프로세스 수 제한: - + Total Processes Memory Limit: 총 프로세스 메모리 제한: - + Single Process Memory Limit: 단일 프로세스 메모리 제한: - + Don't allow sandboxed processes to see processes running outside any boxes 샌드박스된 프로세스가 박스 외부에서 실행되는 프로세스를 볼 수 없도록 합니다 - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI 샌드박스화된 프로세스가 WMI를 통해 시스템 세부 정보에 액세스하지 못하도록 방지 - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. 일부 프로그램은 기존 방법을 사용하는 대신 내장된 Windows 데이터베이스인 WMI (Windows Management Instrumentation)를 통해 시스템 세부 정보를 검색합니다. 예를 들어, 'HideOtherBoxes'를 활성화한 경우에도 'tasklist.exe'는 전체 프로세스 목록에 액세스할 수 있습니다. 이러한 동작을 방지하려면 이 옵션을 활성화합니다. - + DNS Request Logging Dns Request Logging DNS 요청 로깅 - + Syscall Trace (creates a lot of output) Syscall 추적 (출력이 많이 생성됨) - + Templates 템플릿 - + Open Template 템플릿 열기 - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. 다음 설정은 내게 필요한 옵션 소프트웨어와 함께 Sandboxie를 사용할 수 있도록 합니다. 이러한 설정이 적용되면 일부 Sandboxie 보호 기능이 손실됩니다. - + Edit ini Section 이 섹션 편집 - + Edit ini ini 편집 - + Cancel 취소 - + Save 저장 diff --git a/SandboxiePlus/SandMan/sandman_nl.ts b/SandboxiePlus/SandMan/sandman_nl.ts index 3eda6e03..d0befc2f 100644 --- a/SandboxiePlus/SandMan/sandman_nl.ts +++ b/SandboxiePlus/SandMan/sandman_nl.ts @@ -7047,8 +7047,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes Het systeem beschermen tegen gesandboxte processen @@ -7193,12 +7193,12 @@ If you are a great patreaon supporter already, sandboxie can check online for an Afdrukbeperkingen - + Network restrictions Netwerkbeperkingen - + Block network files and folders, unless specifically opened. Netwerkbestanden en -mappen blokkeren, tenzij ze specifiek worden geopend. @@ -7214,18 +7214,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name Naam @@ -7242,63 +7242,63 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Verwijderen - + Program Control Programma-bediening - - - - - - - + + + + + + + Type Type - + Program Groups Programmagroepen - + Add Group Groep toevoegen - - - - - + + + + + Add Program Programma toevoegen @@ -7307,42 +7307,42 @@ If you are a great patreaon supporter already, sandboxie can check online for an Geforceerde programma's - + Force Folder Map forceren - - - + + + Path Pad - + Force Program Programma forceren - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Sjablonen weergeven @@ -7396,7 +7396,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Windows Credentials Store openen (gebruikersmodus) - + Prevent change to network and firewall parameters (user mode) Wijziging aan netwerk- en firewall-parameters voorkomen (gebruikersmodus) @@ -7406,18 +7406,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. U kunt programma's samen groeperen en ze een groepsnaam geven. Programmagroepen kunnen gebruikt worden met een aantal instellingen in plaats van programma-namen. Groepen die gedefinieerd zijn voor de box overschrijven groepen die gedefinieerd zijn in sjablonen. - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Programma's die hier ingevoerd worden of programma's die gestart worden vanaf ingevoerde locaties zullen automatisch in deze sandbox gestoken worden tenzij ze expliciet gestart worden in een andere sandbox. - - + + Stop Behaviour Stop-gedrag @@ -7442,12 +7442,12 @@ If leader processes are defined, all others are treated as lingering processes.< Als leidende processen gedefinieerd zijn, worden alle andere als achterblijvende processen behandeld. - + Start Restrictions Start-beperkingen - + Issue message 1308 when a program fails to start Bericht 1308 weergeven wanneer een programma niet kan worden gestart @@ -7476,32 +7476,32 @@ Als leidende processen gedefinieerd zijn, worden alle andere als achterblijvende Internetbeperkingen - + Process Restrictions Proces-beperkingen - + Issue message 1307 when a program is denied internet access Bericht 1307 weergeven wanneer een programma internettoegang geweigerd is - + Prompt user whether to allow an exemption from the blockade. Gebruiker vragen of een uitzondering van de blokkering toegestaan moet worden. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Opmerking: programma's die in deze sandbox geïnstalleerd zijn zullen helemaal geen toegang krijgen tot het internet. - - - - - - + + + + + + Access Toegang @@ -7599,13 +7599,13 @@ Als leidende processen gedefinieerd zijn, worden alle andere als achterblijvende - + Move Up Omhoog verplaatsen - + Move Down Omlaag verplaatsen @@ -7661,111 +7661,111 @@ Als leidende processen gedefinieerd zijn, worden alle andere als achterblijvende - + Use a Sandboxie login instead of an anonymous token - + Configure which processes can access Desktop objects like Windows and alike. - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Image Protection - + Issue message 1305 when a program tries to load a sandboxed dll - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox - + Dlls && Extensions - + Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. - + Advanced Security Adcanced Security - + Other isolation - + Privilege isolation - + Sandboxie token - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. - + Force Programs - + Disable forced Process and Folder for this sandbox - + Breakout Programs - + Breakout Program - + Breakout Folder @@ -7814,223 +7814,223 @@ This is done to prevent rogue processes inside the sandbox from creating a renam - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - + Lingering Programs - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. - + Leader Programs - + If leader processes are defined, all others are treated as lingering processes. - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Files - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + Registry Register - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. - + Wnd - + Wnd Class Wnd-klasse - + COM - + Class Id - + Configure which processes can access COM objects. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) - + Access Policies - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. - + Network Options - + Set network/internet access for unlisted processes: Netwerk-/internettoegang instellen processen die niet in de lijst zitten: - + Test Rules, Program: Testregels, programma: - + Port: Poort: - + IP: IP: - + Protocol: Protocol: - + X X - + Add Rule Regel toevoegen - - - - - - - - - + + + + + + + + + Program Programma - - + + Action Actie - - + + Port Poort - - - + + + IP IP - + Protocol Protocol - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. WAARSCHUWING: Windows Filtering Platform is niet ingeschakeld met de driver. Daardoor zullen deze regels alleen toegepast worden in gebruikersmodus en kunnen ze niet geforceerd worden! Dit betekent dat kwaadaardige toepassingen ze kunnen omzeilen. - + Resource Access Brontoegang @@ -8047,92 +8047,92 @@ You can use 'Open for All' instead to make it apply to all programs, o U kunt in plaats daarvan 'open voor iedereen' gebruiken om het op alle programma's van toepassing te laten zijn, of dit gedrag wijzigen in het tabblad Beleid. - + Add File/Folder Bestand/map toevoegen - + Add Wnd Class Wnd Class toevoegen - + Add IPC Path IPC-pad toevoegen - + Add Reg Key Reg Key toevoegen - + Add COM Object COM-object toevoegen - + File Recovery Bestandsherstel - + Quick Recovery - + Add Folder Map toevoegen - + Immediate Recovery - + Ignore Extension Extensie negeren - + Ignore Folder Map negeren - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Inschakelen dat onmiddellijk herstel bestanden kan herstellen van zodra ze aangemaakt worden. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. U kunt mappen en bestandstypes (of bestandextensies) uitsluiten van onmiddellijk herstel. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Wanneer de snel-herstel-functie ingeroepen wordt, worden de volgende mappen gecontroleerd op gesandboxte inhoud. - + Advanced Options Geavanceerde opties - + Miscellaneous Diverse - + Don't alter window class names created by sandboxed programs Vensterklasse-namen aangemaakt door gesandboxte programma's niet wijzigen - + Do not start sandboxed services using a system token (recommended) Gesandboxte services niet starten met een systeemtoken (aanbevolen) @@ -8140,26 +8140,26 @@ U kunt in plaats daarvan 'open voor iedereen' gebruiken om het op alle - - - - + + + + Protect the sandbox integrity itself Integriteit van de sandbox zelf beschermen - + Drop critical privileges from processes running with a SYSTEM token Verwijder kritieke privileges van processen die draaien met een SYSTEM-token - - + + (Security Critical) (beveiliging kritiek) - + Protect sandboxed SYSTEM processes from unprivileged processes Gesandboxte SYSTEM-processen beschermen tegen niet-geprivilegieerde processen @@ -8168,7 +8168,7 @@ U kunt in plaats daarvan 'open voor iedereen' gebruiken om het op alle Sandbox-isolatie - + Force usage of custom dummy Manifest files (legacy behaviour) Gebruik van aangepaste dummy-manifest-bestanden forceren (oud gedrag) @@ -8181,34 +8181,34 @@ U kunt in plaats daarvan 'open voor iedereen' gebruiken om het op alle Brontoegang-beleid - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. De regel-specificiteit is een maatstaf voor hoe goed een gegeven regel overeenkomt met een bepaald pad. Eenvoudig gezegd is de specificiteit de lengte van de tekens vanaf het begin van het pad tot en met de laatste overeenstemmende substring zonder wildcard. Een regel die alleen overeenstemt met bestandstypes zoals "*.tmp" zou de hoogste specificiteit hebben omdat hij altijd overeenstemt met het volledige bestandspad. Het proces-overeenstemmingsniveau heeft een hogere prioriteit dan de specificiteit en beschrijft hoe een regel van toepassing is op een gegeven proces. Regels die van toepassing zijn op procesnaam of groep hebben het sterkste overeenstemmingsniveau, gevolgd door het overeenstemmen door negatie (d.w.z. regels die van toepassing zijn op alle processen behalve het gegeven proces), terwijl de laagste overeenstemmingsniveaus globale overeenstemmingen hebben, d.w.z. regels die van toepassing zijn op gelijk welk proces. - + Prioritize rules based on their Specificity and Process Match Level Regels prioriteren op basis van hun specificiteit en procesovereenkomstniveau - + Privacy Mode, block file and registry access to all locations except the generic system ones Privacymodus, blokkeert de toegang tot bestanden en het register op alle locaties behalve de algemene systeemlocaties - + Access Mode Toegangmodus - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Wanneer de privacymodus is ingeschakeld, kunnen gesandboxte processen alleen C:\Windows, C:\Program Files en delen van het HKLM-register lezen. Alle andere locaties hebben expliciete toegang nodig om leesbaar en/of schrijfbaar te zijn. In deze modus is regelspecificiteit altijd ingeschakeld. - + Rule Policies Regel-beleid @@ -8217,23 +8217,23 @@ Het proces-overeenstemmingsniveau heeft een hogere prioriteit dan de specificite Close...=!<program>,... regels ook toepassen op alle binaries die in de sandbox aanwezig zijn. - + Apply File and Key Open directives only to binaries located outside the sandbox. Bestand- en sleutel open directives alleen toepassen op binaries die zich buiten de sandbox bevinden. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) De gesandboxte RpcS'en als een SYSTEM-proces starten (niet aanbevolen) - + Allow only privileged processes to access the Service Control Manager Alleen processen met rechten toegang geven tot de Service Control Manager - - + + Compatibility Compatibiliteit @@ -8247,12 +8247,12 @@ Het proces-overeenstemmingsniveau heeft een hogere prioriteit dan de specificite Gesandboxte processen aan job-objecten toevoegen (aanbevolen) - + Emulate sandboxed window station for all processes Gesandboxt venster station emuleren voor alle processen - + Allow use of nested job objects (works on Windows 8 and later) Allow use of nested job objects (experimental, works on Windows 8 and later) Gebruik van geneste job-objecten toestaan (experimenteel, wekt op Windows 8 en later) @@ -8320,7 +8320,7 @@ Het proces-overeenstemmingsniveau heeft een hogere prioriteit dan de specificite COM/RPC - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Het gebruik van RpcMgmtSetComTimeout standaard uitschakelen (dit kan compatibiliteitsproblemen oplossen) @@ -8349,41 +8349,41 @@ Het proces-overeenstemmingsniveau heeft een hogere prioriteit dan de specificite Toegangsisolatie - + Triggers Triggers - + Event Gebeurtenis - - - - + + + + Run Command Opdracht uitvoeren - + Start Service Service starten - + These events are executed each time a box is started Deze gebeurtenissen worden uitgevoerd telkens wanneer een box wordt gestart - + On Box Start Bij starten van box - - + + These commands are run UNBOXED just before the box content is deleted Deze opdrachten worden NIET-GEBOXT uitgevoerd vlak voordat de inhoud van de box verwijderd wordt @@ -8392,52 +8392,52 @@ Het proces-overeenstemmingsniveau heeft een hogere prioriteit dan de specificite Bij verwijderen van box - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Deze opdrachten worden alleen uitgevoerd wanneer een box geïnitialiseerd wordt. Om ze opnieuw te laten uitvoeren, moet de inhoud van de box verwijderd worden. - + On Box Init Bij initialisatie van de box - + Here you can specify actions to be executed automatically on various box events. Hier kunt u aangeven welke acties automatisch moeten worden uitgevoerd bij diverse boxgebeurtenissen. - + Hide Processes Processen verbergen - + Add Process Processen toevoegen - + Hide host processes from processes running in the sandbox. Host-processen verbergen van processen die in de sandbox worden uitgevoerd. - + Don't allow sandboxed processes to see processes running in other boxes Gesandboxte processen niet toestaan om processen te zien die in andere boxen worden uitgevoerd - + Users Gebruikers - + Restrict Resource Access monitor to administrators only Brontoegang-monitor beperken tot alleen administrators - + Add User Gebruiker toevoegen @@ -8446,7 +8446,7 @@ Het proces-overeenstemmingsniveau heeft een hogere prioriteit dan de specificite Gebruiker verwijderen - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8455,23 +8455,23 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Opmerking: Instellingen voor geforceerde programma's en geforceerde mappen voor een zandbak zijn niet van toepassing op gebruikersaccounts die de zandbak niet kunnen gebruiken. - + Add Option - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. - + Option - + Tracing Traceren @@ -8481,22 +8481,22 @@ Opmerking: Instellingen voor geforceerde programma's en geforceerde mappen API call trace (logapi moet geïnstalleerd zijn in de sbie-map) - + Pipe Trace Pipe-trace - + Log all SetError's to Trace log (creates a lot of output) Alle SetErrors loggen naar trace-log (maakt veel uitvoer aan) - + Log Debug Output to the Trace Log Debug-uitvoer naar de trace-log loggen - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8519,78 +8519,78 @@ in plaats van "*". Ntdll syscall Trace (maakt veel uitvoer aan) - + File Trace Bestand-trace - + Disable Resource Access Monitor Brontoegang-monitor uitschakelen - + IPC Trace IPC-trace - + GUI Trace GUI-trace - + Resource Access Monitor Brontoegang-monitor - + Access Tracing Toegang-tracing - + COM Class Trace COM Class trace - + Key Trace Key-trace - - + + Network Firewall Netwerk-firewall - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Syscall Trace (creates a lot of output) - + Debug Debug - + WARNING, these options can disable core security guarantees and break sandbox security!!! WAARSCHUWING, deze opties kunnen kernbeveiligingsgaranties uitschakelen en sandbox-beveiliging breken! - + These options are intended for debugging compatibility issues, please do not use them in production use. Deze opties zijn bedoeld voor het debuggen van compatibiliteitsproblemen, gebruik ze niet in productiegebruik. - + App Templates App-sjablonen @@ -8599,22 +8599,22 @@ in plaats van "*". Compatibiliteit-sjablonen - + Filter Categories Filter categorieën - + Text Filter Tekstfilter - + Add Template Sjabloon toevoegen - + This list contains a large amount of sandbox compatibility enhancing templates Deze lijst bevat een groot aantal sjablonen om sandbox-compatibiliteit te verbeteren @@ -8623,17 +8623,17 @@ in plaats van "*". Sjabloon verwijderen - + Category Categorie - + Template Folders Sjabloonmappen - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8642,23 +8642,23 @@ Please note that this values are currently user specific and saved globally for Merk op dat deze waarden momenteel gebruikersspecifiek zijn en globaal worden opgeslagen voor alle boxen. - - + + Value Waarde - + Accessibility Toegankelijkheid - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Om te compenseren voor de verloren bescherming, raadpleeg de "rechten ontnemen"-instellingenpagina in de beperking-instellingen-groep. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Schermlezers: JAWS, NVDA, Window-Eyes, System Access @@ -8668,43 +8668,43 @@ Merk op dat deze waarden momenteel gebruikersspecifiek zijn en globaal worden op - + Various Options - + Apply ElevateCreateProcess Workaround (legacy behaviour) - + Use desktop object workaround for all processes - + This command will be run before the box content will be deleted - + On File Recovery - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked - + Run File Checker - + On Delete Content @@ -8730,103 +8730,103 @@ Merk op dat deze waarden momenteel gebruikersspecifiek zijn en globaal worden op - + Process Proces - + Other Options - + Port Blocking - + Block common SAMBA ports - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. - + Resolve hostnames via proxy - + Block DNS, UDP port 53 - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -8836,79 +8836,79 @@ Merk op dat deze waarden momenteel gebruikersspecifiek zijn en globaal worden op - + Total Processes Memory Limit: - + Single Process Memory Limit: - + On Box Terminate - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + API call Trace (traces all SBIE hooks) - + DNS Request Logging - + Templates - + Open Template - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. De volgende instellingen schakelen het gebruik van Sandboxie in combinatie met toegankelijkheidssoftware in. Merk op dat sommige beschermingsmaatregelen van Sandboxie noodzakelijk verloren gaan wanneer deze instellingen van toepassing zijn. - + Edit ini Section Ini-sectie bewerken - + Edit ini Ini bewerken - + Cancel Annuleren - + Save Opslaan diff --git a/SandboxiePlus/SandMan/sandman_pl.ts b/SandboxiePlus/SandMan/sandman_pl.ts index 1ea1a2b8..1214b869 100644 --- a/SandboxiePlus/SandMan/sandman_pl.ts +++ b/SandboxiePlus/SandMan/sandman_pl.ts @@ -7312,7 +7312,7 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić - + Block network files and folders, unless specifically opened. Zablokuj dostęp do dysków sieciowych, chyba że specjalnie dopuszczone. @@ -7341,8 +7341,8 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić - - + + Protect the system from sandboxed processes Chroń system przed programami w piaskownicy @@ -7368,18 +7368,18 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić - - - - - - - - - - - - + + + + + + + + + + + + Name Nazwa @@ -7396,28 +7396,28 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Usuń @@ -7474,7 +7474,7 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić Spraw, by aplikacje uznały, że działają z podwyższonym poziomem uprawnień (umożliwia bezpieczne uruchamianie instalatorów) - + Network restrictions Ograniczenia sieciowe @@ -7526,13 +7526,13 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić Tutaj możesz określić programy i / lub usługi, które mają być automatycznie uruchamiane w piaskownicy po jej aktywacji - - - - - - - + + + + + + + Type Typ @@ -7541,21 +7541,21 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić Dodaj usługę - + Program Groups Grupy programów - + Add Group Dodaj grupę - - - - - + + + + + Add Program Dodaj Program @@ -7564,42 +7564,42 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić Programy wymuszone - + Force Folder Wymuś folder - - - + + + Path Ścieżka - + Force Program Wymuś program - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Pokaż szablony @@ -7657,7 +7657,7 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić Otwórz Windows Credentials Store (tryb użytkownika) - + Prevent change to network and firewall parameters (user mode) Zapobiegaj zmianom parametrów sieci i zapory (tryb użytkownika) @@ -7666,18 +7666,18 @@ Jeśli jesteś już Wielkim Wspierającym na Patreon, Sandboxie może sprawdzić Program/Usługa - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Możesz pogrupować programy i nadać im nazwę grupy. Grupy programów mogą być używane z niektórymi ustawieniami zamiast nazw programów. Grupy zdefiniowane dla boksu zastępują grupy zdefiniowane w szablonach. - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Programy wprowadzone tutaj lub programy uruchomione z wprowadzonych lokalizacji zostaną automatycznie umieszczone w tej piaskownicy, chyba że zostaną wyraźnie uruchomione w innej piaskownicy. - - + + Stop Behaviour Zatrzymaj Zachowywania @@ -7702,12 +7702,12 @@ If leader processes are defined, all others are treated as lingering processes.< Jeśli zdefiniowane są procesy wiodące, wszystkie inne są traktowane jako procesy oczekujące. - + Start Restrictions Ograniczenia wykonania - + Issue message 1308 when a program fails to start Pokaż wiadomość 1308, gdy program nie może uruchomić się @@ -7736,126 +7736,126 @@ Jeśli zdefiniowane są procesy wiodące, wszystkie inne są traktowane jako pro Ograniczenia internetowe - + Process Restrictions Ograniczenia procesu - + Issue message 1307 when a program is denied internet access Pokaż wiadomość 1307, gdy programowi odmówiono dostępu do Internetu - + Note: Programs installed to this sandbox won't be able to access the internet at all. * Programy zainstalowane w piaskownicy nie będą mogły używać Internetu. - + Prompt user whether to allow an exemption from the blockade. Zapytaj użytkownika o pozwolenie dostępu do Internetu. - + Resource Access Dostęp do zasobów - - - - - - - - - + + + + + + + + + Program Program - - - - - - + + + + + + Access Dostęp - + Add Reg Key Dodaj klucz rejestru - + Add File/Folder Dodaj plik/folder - + Add Wnd Class Dodaj klasę okna - + Add COM Object Dodaj objekt COM - + Add IPC Path Dodaj ścieżkę IPC - + File Recovery Przywracanie plików - + Add Folder Dodaj folder - + Ignore Extension Ignoruj rozszerzenie pliku - + Ignore Folder Ignoruj folder - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Włącz monit Natychmiastowego Przywracania, aby móc odzyskać pliki zaraz po ich utworzeniu. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Możesz wykluczyć foldery i typy plików (lub rozszerzenia plików) z Natychmiastowego Odzyskiwania. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Po wywołaniu funkcji szybkiego odzyskiwania następujące foldery zostaną sprawdzone pod kątem zawartości w piaskownicy. - + Advanced Options Opcje zaawansowane - + Miscellaneous Różne - + Allow only privileged processes to access the Service Control Manager Ogranicz dostęp do emulowanego menedżera kontroli usług do procesów uprzywilejowanych @@ -7863,10 +7863,10 @@ Jeśli zdefiniowane są procesy wiodące, wszystkie inne są traktowane jako pro - - - - + + + + Protect the sandbox integrity itself Chroń integralność piaskownicy @@ -7875,12 +7875,12 @@ Jeśli zdefiniowane są procesy wiodące, wszystkie inne są traktowane jako pro Izolacja piaskownicy - + Don't alter window class names created by sandboxed programs Nie zmieniaj nazw klas okien w piaskownicy - + Do not start sandboxed services using a system token (recommended) Nie uruchamiaj usług piaskownicy przy użyciu tokena systemowego (zalecane) @@ -7900,13 +7900,13 @@ Jeśli zdefiniowane są procesy wiodące, wszystkie inne są traktowane jako pro Dodaj procesy w piaskownicy do obiektów zadań (zalecane) - + Force usage of custom dummy Manifest files (legacy behaviour) Wymuś użycie niestandardowych fałszywych plików manifestu (zachowanie starszego typu) - - + + Compatibility Zgodność @@ -7923,42 +7923,42 @@ Jeśli zdefiniowane są procesy wiodące, wszystkie inne są traktowane jako pro Tutaj można określić listę poleceń do wykonania przy inicjalizacji pustej piaskownicy. - + Hide Processes Ukryj procesy - + Add Process Dodaj proces - + Hide host processes from processes running in the sandbox. Ukryj procesy hosta piaskownicy przed procesami działającymi w piaskownicy. - + Don't allow sandboxed processes to see processes running in other boxes Nie zezwalaj procesom w trybie piaskownicy widzieć procesów działających w innych boksach - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Users Użytkownicy - + Restrict Resource Access monitor to administrators only Ogranicz dostęp do monitora dostępu do zasobów tylko dla administratorów - + Add User Dodaj użytkownika @@ -7967,7 +7967,7 @@ Jeśli zdefiniowane są procesy wiodące, wszystkie inne są traktowane jako pro Usuń użytkownika - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -7976,47 +7976,47 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Uwaga: ustawienia Wymuszonych Programów i Wymuszania Folderów dla piaskownicy nie mają zastosowania do kont użytkowników, które nie mogą korzystać z piaskownicy. - + Tracing Śledzenie - + GUI Trace Śledzenie GUI - + IPC Trace Śledzenie IPC - + Pipe Trace Śledzenie pipe - + Access Tracing Śledzenie dostępów - + Log Debug Output to the Trace Log Rejestruj dane wyjściowe debugowania w dzienniku śledzenia - + File Trace Śledzenie plikow - + Key Trace Śledzenie kluczy - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8035,12 +8035,12 @@ Możesz dostosować rejestrowanie za pomocą ini, określając zamiast "*". - + COM Class Trace Śledzenie klas COM - + Emulate sandboxed window station for all processes Emuluj piaskownicę dla wszystkich procesów @@ -8054,38 +8054,38 @@ zamiast "*". Izolacja dostępu - + Apply ElevateCreateProcess Workaround (legacy behaviour) Zastosuj obejście ElevateCreateProcess (starsze zachowanie) - + Use desktop object workaround for all processes Użyj obejścia dla obiektów pulpitu dla wszystkich procesów - + This command will be run before the box content will be deleted To polecenie zostanie uruchomione zanim zawartość boksu zostanie usunięta - + On File Recovery O odzyskiwaniu plików - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked To polecenie zostanie uruchomione przed odzyskaniem pliku i ścieżka do pliku zostanie przekazana jako pierwszy argument, jeśli to polecenie zwrócić coś innego niż 0 odzyskanie zostanie zablokowane - + Run File Checker Uruchom sprawdzanie plików - + On Delete Content Uruchom, Usuń zawartość @@ -8096,7 +8096,7 @@ zamiast "*". - + Process Proces @@ -8105,7 +8105,7 @@ zamiast "*". Zablokuj również dostęp do odczytu procesów w tej piaskownicy - + Add Option Dodaj opcję @@ -8114,7 +8114,7 @@ zamiast "*". Tutaj możesz skonfigurować zaawansowane opcje dla każdego procesu, aby poprawić kompatybilność i/lub dostosować zachowanie piaskownicy. - + Option Opcja @@ -8124,7 +8124,7 @@ zamiast "*". Śledzenie wywołań API (wymaga zainstalowania logapi w katalogu sbie) - + Log all SetError's to Trace log (creates a lot of output) Rejestruj wszystkie błędy SetError do dziennika śledzenia (tworzy dużo danych wyjściowych) @@ -8133,28 +8133,28 @@ zamiast "*". Śledzenie Ntdll syscall (tworzy dużo danych wyjściowych) - + DNS Request Logging Dns Request Logging Rejestrowanie żądań DNS - + Debug Debug - + WARNING, these options can disable core security guarantees and break sandbox security!!! UWAGA, te opcje mogą wyłączyć podstawowe gwarancje bezpieczeństwa i złamać zabezpieczenia sandboxa! - + These options are intended for debugging compatibility issues, please do not use them in production use. Te opcje są przeznaczone do debugowania problemów z kompatybilnością, proszę nie używać ich w zastosowaniach produkcyjnych. - + App Templates Dodaj szablony @@ -8163,17 +8163,17 @@ zamiast "*". Szablony zgodności - + Filter Categories Filtruj kategorie - + Text Filter Filtruj text - + Add Template Dodaj szablon @@ -8182,42 +8182,42 @@ zamiast "*". Usuń szablon - + Category Kategoria - + This list contains a large amount of sandbox compatibility enhancing templates Ta lista zawiera dużą ilość szablonów poprawiających kompatybilność z piaskownicą - + Set network/internet access for unlisted processes: Ustawienie dostępu do sieci/internetu dla procesów niewymienionych na liście: - + Test Rules, Program: Zasady testowania, program: - + Port: Port: - + IP: IP: - + Protocol: Protokół: - + X X @@ -8266,33 +8266,33 @@ zamiast "*". Izolacja dostępu - + Image Protection Ochrona obrazu - + Issue message 1305 when a program tries to load a sandboxed dll Problem z komunikatem 1305, gdy program próbuje załadować bibliotekę DLL w trybie piaskownicy - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox Zapobieganie ładowaniu dll'ów z piaskownicy przez programy zainstalowane na hoście - + Dlls && Extensions Dll-e && Rozszerzenia - + Description Opis - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Zasady dostępu do zasobów Sandboxa często dyskryminują binarki programów znajdujących się wewnątrz piaskownicy. OpenFilePath i OpenKeyPath działają tylko dla binarek aplikacji znajdujących się natywnie na hoście. Aby zdefiniować regułę bez tego ograniczenia, należy użyć OpenPipePath lub OpenConfPath. Podobnie, wszystkie dyrektywy Closed(File|Key|Ipc)Path, które są zdefiniowane przez negację np. 'ClosedFilePath=! iexplore.exe,C:Users*' będą zawsze zamknięte dla binariów znajdujących się wewnątrz sandboxa. Obie polityki ograniczeń mogą być wyłączone na stronie "Zasady dostępu". @@ -8303,7 +8303,7 @@ Ma to zapobiec tworzeniu przez nieuczciwe procesy wewnątrz piaskownicy kopii o Funkcjonalność piaskownic można ulepszyć za pomocą opcjonalnych bibliotek dll, które można załadować do każdego procesu w piaskownicy przy starcie przez SbieDll.dll, menedżer dodatków w ustawieniach globalnych oferuje kilka przydatnych rozszerzeń, po zainstalowaniu można je włączyć tutaj dla bieżącej skrzynki. - + Advanced Security Adcanced Security Ochrona zaawansowana @@ -8313,52 +8313,52 @@ Ma to zapobiec tworzeniu przez nieuczciwe procesy wewnątrz piaskownicy kopii o Użyj loginu Sandboxie zamiast anonimowego tokena (eksperymentalne) - + Other isolation Inna izolacja - + Privilege isolation Izolacja przywilejów - + Sandboxie token Token piaskownicy - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. Użycie niestandardowego tokena sandboxie pozwala na lepsze odizolowanie poszczególnych sandboxów od siebie, a także pokazuje w kolumnie użytkownika w menedżerach zadań nazwę sandboxa, do którego należy dany proces. Niektóre rozwiązania bezpieczeństwa firm trzecich mogą jednak mieć problemy z niestandardowymi tokenami. - + Program Control Kontrola programu - + Force Programs Wymuś programy - + Disable forced Process and Folder for this sandbox Wyłącz wymuszanie procesów i folderów dla tej piaskownicy - + Breakout Programs Programy przerywane - + Breakout Program Program wyrwany - + Breakout Folder Folder wyrwany @@ -8440,12 +8440,12 @@ Ma to zapobiec tworzeniu przez nieuczciwe procesy wewnątrz piaskownicy kopii o Zezwalanie użytecznym procesom Windows na dostęp do procesów chronionych - + Use a Sandboxie login instead of an anonymous token Użyj loginu Sandboxie zamiast anonimowego tokena - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. Programy wpisane tutaj będą mogły wyrwać się z tego boksu po uruchomieniu, możesz je przechwycić do innego boksu. Na przykład, aby przeglądarka internetowa była zawsze otwarta w dedykowanym boksie. Ta funkcja wymaga zainstalowania ważnego certyfikatu wsparcia. @@ -8455,83 +8455,83 @@ Ma to zapobiec tworzeniu przez nieuczciwe procesy wewnątrz piaskownicy kopii o <b><font color='red'>PRZESTROGA DOTYCZĄCA BEZPIECZEŃSTWA</font>:</b> Using <a href="sbie://docs/breakoutfolder"> Używanie Breakout Folder</a> i/lub <a href="sbie://docs/breakoutprocess">Breakout Process</a> w połączeniu z dyrektywami Open[File/Pipe]Path może naruszyć bezpieczeństwo, podobnie jak użycie <a href="sbie://docs/breakoutdocument">Breakout Document</a> pozwalającego na dowolne * lub niezabezpieczone (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1;itp...) rozszerzenia. Przed użyciem należy zapoznać się z sekcją bezpieczeństwa dla każdej opcji w dokumentacji. - + Lingering Programs Długotrwałe programy - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Długotrwałe programy zostaną automatycznie zakończone, jeśli nadal działają po zakończeniu wszystkich innych procesów. - + Leader Programs Programy wiodące - + If leader processes are defined, all others are treated as lingering processes. Jeśli zdefiniowane są procesy wiodące, wszystkie inne są traktowane jako procesy długotrwałe. - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + Files Pliki - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Skonfiguruj, które procesy mogą uzyskiwać dostęp do plików, folderów i potoków. Dostęp „Otwarty” dotyczy tylko plików binarnych programu znajdujących się poza piaskownicą, możesz zamiast tego użyć „Otwórz dla wszystkich”, aby zastosować go do wszystkich programów, lub zmienić to zachowanie na karcie Zasady. - + Registry Rejestr Systemu - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Skonfiguruj, które procesy mogą uzyskiwać dostęp do Rejestru. Dostęp „Otwarty” dotyczy tylko plików binarnych programu znajdujących się poza piaskownicą, możesz zamiast tego użyć „Otwórz dla wszystkich”, aby zastosować go do wszystkich programów, lub zmienić to zachowanie na karcie Zasady. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Skonfiguruj, które procesy mogą uzyskiwać dostęp do obiektów NT IPC, takich jak porty ALPC oraz pamięć i kontekst innych procesów. Aby określić proces, użyj jako ścieżki '$:program.exe'. - + Wnd Wnd - + Wnd Class Klasa Okna @@ -8541,50 +8541,50 @@ Aby określić proces, użyj jako ścieżki '$:program.exe'.Skonfiguruj, które procesy mogą uzyskiwać dostęp do obiektów pulpitu, takich jak Windows i tym podobne. - + COM COM - + Class Id Klasa Id - + Configure which processes can access COM objects. Skonfiguruj, które procesy mogą uzyskiwać dostęp do obiektów COM. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Nie używaj zwirtualizowanego COM, Otwórz dostęp do infrastruktury COM hostów (niezalecane) - + Access Policies Polityka dostępu - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Zastosuj reguły Zamknij...=!<program>,... również do wszystkich binariów znajdujących się w piaskownicy. - + Network Options Opcje sieciowe - + Add Rule Dodaj regułę - - + + Action Akcja @@ -8667,61 +8667,61 @@ Aby określić proces, użyj jako ścieżki '$:program.exe'. - + Move Up Przesuń w górę - + Move Down Przesuń w dół - + Configure which processes can access Desktop objects like Windows and alike. Skonfiguruj, które procesy mogą uzyskiwać dostęp do obiektów pulpitu, takich jak Windows i tym podobne. - - + + Port Port - - - + + + IP IP - + Protocol Protokół - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. UWAGA: Platforma filtrowania Windows nie jest włączona w sterowniku, dlatego te reguły będą stosowane tylko w trybie użytkownika i nie mogą być egzekwowane! Oznacza to, że złośliwe aplikacje mogą je ominąć. - + Quick Recovery Szybkie odzyskiwanie - + Immediate Recovery Natychmiastowe Przywracanie - + Various Options Różne opcje - + Allow use of nested job objects (works on Windows 8 and later) Allow use of nested job objects (experimental, works on Windows 8 and later) Zezwalaj na używanie zagnieżdżonych obiektów zadań (eksperymentalne, działa od Windows 8 i w następnych) @@ -8760,34 +8760,34 @@ You can use 'Open for All' instead to make it apply to all programs, o Zasady dostępu do zasobów - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. Specyfika reguły jest miarą tego, jak dobrze dana reguła pasuje do konkretnej ścieżki. Prościej: specyfika jest długością znaków od początku ścieżki do ostatniego pasującego niezawierającego znaków wielkościowych podłańcucha. Reguła, która dopasowuje tylko typy plików takie jak "*.tmp" będzie miała najwyższą specyfikę, ponieważ zawsze dopasuje całą ścieżkę do pliku. Poziom dopasowania do procesu ma wyższy priorytet niż specyfika i opisuje sposób zastosowania reguły do danego procesu. Reguły stosujące się do nazwy procesu lub grupy procesów mają najsilniejszy poziom dopasowania, następnie dopasowanie przez negację (tj. reguły stosujące się do wszystkich procesów oprócz danego), podczas gdy najniższe poziomy dopasowania mają dopasowania globalne, tj. reguły stosujące się do każdego procesu. - + Prioritize rules based on their Specificity and Process Match Level Nadaj priorytet regułom w oparciu o ich specyfikę i poziom dopasowania procesu - + Privacy Mode, block file and registry access to all locations except the generic system ones Tryb prywatności, blokuje dostęp do plików i rejestru we wszystkich lokalizacjach z wyjątkiem ogólnych systemowych - + Access Mode Tryb dostępu - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Po włączeniu trybu prywatności, procesy w trybie piaskownicy będą mogły odczytywać tylko C:\Windows\*, C:\Program Files\* i części rejestru HKLM, a wszystkie inne lokalizacje będą wymagały jawnego dostępu do odczytu i/lub zapisu. W tym trybie Specyfika reguły jest zawsze włączona. - + Rule Policies Reguły zasad @@ -8796,12 +8796,12 @@ Poziom dopasowania do procesu ma wyższy priorytet niż specyfika i opisuje spos Zastosuj reguły Close...=!<program>,... również do wszystkich plików binarnych znajdujących się w piaskownicy. - + Apply File and Key Open directives only to binaries located outside the sandbox. Zastosuj dyrektywy otwarcia pliku i klucza tylko do plików binarnych znajdujących się poza piaskownicą. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Uruchom proces RpcS w piaskownicy jako proces SYSTEMOWY (niezalecane) @@ -8810,18 +8810,18 @@ Poziom dopasowania do procesu ma wyższy priorytet niż specyfika i opisuje spos Otwarty dostęp do infrastruktury COM (niezalecane) - + Drop critical privileges from processes running with a SYSTEM token Odrzuć krytyczne uprawnienia z procesów uruchomionych z tokenem SYSTEM - - + + (Security Critical) (Kluczowe dla bezpieczeństwa) - + Protect sandboxed SYSTEM processes from unprivileged processes Chroń SYSTEMOWE procesy w trybie piaskownicy przed nieuprzywilejowanymi procesami @@ -8865,7 +8865,7 @@ Poziom dopasowania do procesu ma wyższy priorytet niż specyfika i opisuje spos COM/RPC - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Wyłączenie domyślnego użycia RpcMgmtSetComTimeout (może rozwiązać problemy z kompatybilnością) @@ -8903,41 +8903,41 @@ Poziom dopasowania do procesu ma wyższy priorytet niż specyfika i opisuje spos Poniższe opcje mogą być bezpiecznie użyte, gdy nie nadano uprawnień administratora. - + Triggers Wyzwalacze - + Event Zdarzenie - - - - + + + + Run Command Uruchom polecenie - + Start Service Uruchom usługę - + These events are executed each time a box is started Zdarzenia te wykonywane są za każdym razem, gdy uruchamiany jest boks - + On Box Start Włącz w start boksu - - + + These commands are run UNBOXED just before the box content is deleted Te polecenia uruchamiane są tuż przed usunięciem zawartości boksu @@ -8946,43 +8946,43 @@ Poziom dopasowania do procesu ma wyższy priorytet niż specyfika i opisuje spos Przy usuwaniu boksu - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Polecenia te wykonywane są tylko wtedy, gdy boks jest inicjalizowany. Aby je ponownie uruchomić, należy usunąć zawartość boksu. - + On Box Init Włącz w Init boksu - + Here you can specify actions to be executed automatically on various box events. W tym miejscu można określić akcje, które mają być wykonywane automatycznie w przypadku różnych zdarzeń w boksie. - + Disable Resource Access Monitor Wyłącz monitor dostępu do zasobów - + Resource Access Monitor Monitor dostępu do zasobów - - + + Network Firewall Zapora sieciowa - + Template Folders Foldery szablonów - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8991,93 +8991,93 @@ Please note that this values are currently user specific and saved globally for Należy pamiętać, że te wartości są obecnie specyficzne dla użytkownika i zapisywane globalnie dla wszystkich boksów. - - + + Value Wartość - + Accessibility Dostępność - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Aby zrekompensować utratę ochrony, zapoznaj się ze stroną ustawień Usuwania Uprawnień w grupie ustawień Ograniczenia. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Czytniki ekranu: JAWS, NVDA, Window-Eyes, System Access - + Other Options - + Port Blocking - + Block common SAMBA ports - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. @@ -9105,55 +9105,55 @@ Należy pamiętać, że te wartości są obecnie specyficzne dla użytkownika i - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Resolve hostnames via proxy - + Block DNS, UDP port 53 - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. Gdy globalny klawisz skrótu zostanie naciśnięty 3 razy w krótkim odstępie czasu, wyjątek ten zostanie zignorowany. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. Wyklucza tę piaskownicę z zakończenia po wywołaniu opcji "Zakończ wszystkie procesy". - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -9168,90 +9168,90 @@ Należy pamiętać, że te wartości są obecnie specyficzne dla użytkownika i - + Total Processes Memory Limit: - + Single Process Memory Limit: - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. Funkcjonalność Sandboxie można rozszerzyć za pomocą opcjonalnych bibliotek DLL, które mogą być ładowane do każdego procesu sandboxie podczas uruchamiania przez plik SbieDll.dll, menedżer dodatków w ustawieniach globalnych oferuje kilka przydatnych rozszerzeń, po zainstalowaniu można je tutaj włączyć dla bieżącej skrzynki. - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Tutaj można skonfigurować zaawansowane opcje dla poszczególnych procesów, aby poprawić zgodność i/lub dostosować zachowanie piaskownicy. - + On Box Terminate - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + API call Trace (traces all SBIE hooks) - + Syscall Trace (creates a lot of output) Syscall Trace (tworzy dużo danych wyjściowych) - + Templates Szablony - + Open Template - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Poniższe ustawienia umożliwiają korzystanie z usługi Sandboxie w połączeniu z oprogramowaniem zapewniającym dostępność. Należy pamiętać, że niektóre środki ochrony Sandboxie są z konieczności tracone, gdy te ustawienia są aktywne. - + Edit ini Section Edytuj sekcję ini - + Edit ini Edytuj ini - + Cancel Anuluj - + Save Zapisz diff --git a/SandboxiePlus/SandMan/sandman_pt_BR.ts b/SandboxiePlus/SandMan/sandman_pt_BR.ts index db9e17ee..84ae19b5 100644 --- a/SandboxiePlus/SandMan/sandman_pt_BR.ts +++ b/SandboxiePlus/SandMan/sandman_pt_BR.ts @@ -7317,8 +7317,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes Proteger o sistema de processos do sandbox @@ -7507,12 +7507,12 @@ If you are a great patreaon supporter already, sandboxie can check online for an Restrições de Impressão - + Network restrictions Restrições de Rede - + Block network files and folders, unless specifically opened. Bloquear arquivos e pastas de rede, a menos que especificamente abertos. @@ -7532,18 +7532,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name Nome @@ -7560,28 +7560,28 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Remover @@ -7594,13 +7594,13 @@ If you are a great patreaon supporter already, sandboxie can check online for an Aqui você pode especificar programas ou serviços que devem ser iniciados automaticamente na caixa de areia quando ela for ativada - - - - - - - + + + + + + + Type Tipo @@ -7613,21 +7613,21 @@ If you are a great patreaon supporter already, sandboxie can check online for an Adicionar serviço - + Program Groups Grupos de Programas - + Add Group Adicionar Grupo - - - - - + + + + + Add Program Adicionar Programa @@ -7640,42 +7640,42 @@ If you are a great patreaon supporter already, sandboxie can check online for an Programas Forçados - + Force Folder Pasta Forçada - - - + + + Path Caminho - + Force Program Programa Forçado - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Mostrar Modelos @@ -7714,7 +7714,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Abrir Credencias de Armazenamento do Windows (modo de usuário) - + Prevent change to network and firewall parameters (user mode) Impedir a alteração de parâmetros de rede e firewall (modo de usuário) @@ -7734,7 +7734,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Isolamento de Segurança - + Advanced Security Adcanced Security Segurança Avançada @@ -7744,54 +7744,54 @@ If you are a great patreaon supporter already, sandboxie can check online for an Usar login do Sandboxie em vez de um token anônimo (experimental) - + Other isolation Outro Isolamento - + Privilege isolation Isolamento Privilegiado - + Sandboxie token Token do Sandboxie - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. O uso de um token do sandboxie personalizado permite isolar melhor as caixas individuais umas das outras e mostra na coluna do usuário dos gerenciadores de tarefas o nome da caixa à qual um processo pertence. Algumas soluções de segurança de terceiros podem, no entanto, ter problemas com tokens personalizados. - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Você pode agrupar programas juntos e dar-lhes um nome de grupo. Grupos de programas podem ser usados ​​com algumas das configurações em vez de nomes de programas. Grupos definidos para a caixa sobrescreve grupos definidos em modelos. - + Force Programs Programas Forçados - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Programas inseridos, ou iniciados a partir de locais inseridos aqui, serão colocados nessa caixa automaticamente, a menos que seja explicitamente iniciado em outra caixa de areia. - + Breakout Programs Programas Fora - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. Os programas inseridos aqui poderão sair desta caixa de proteção quando forem iniciados. Também é possível capturá-los em outra caixa, por exemplo, para ter seu navegador sempre aberto em uma caixa dedicada. - - + + Stop Behaviour Comportamento ao Parar @@ -7816,12 +7816,12 @@ If leader processes are defined, all others are treated as lingering processes.< Se os processos líderes forem definidos, todos os outros serão tratados como processos persistentes. - + Start Restrictions Restrições ao Iniciar - + Issue message 1308 when a program fails to start Emitir mensagem 1308 quando um programa não iniciar @@ -7850,12 +7850,12 @@ Se os processos líderes forem definidos, todos os outros serão tratados como p Restrições à Internet - + Process Restrictions Restrições de Processo - + Issue message 1307 when a program is denied internet access Emitir mensagem 1307 quando um programa for negado de acessar à internet @@ -7864,27 +7864,27 @@ Se os processos líderes forem definidos, todos os outros serão tratados como p Bloquear acesso à internet para todos os programas, exceto aqueles adicionados à lista. - + Prompt user whether to allow an exemption from the blockade. Solicitar ao usuário se permite uma isenção do bloqueio. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Nota: Os programas instalados nessa caixa de areia não poderão acessar a internet. - - - - - - + + + + + + Access Acesso - + Set network/internet access for unlisted processes: Definir acesso a rede/internet para processos não listados: @@ -7893,46 +7893,46 @@ Se os processos líderes forem definidos, todos os outros serão tratados como p Restrições de Rede - + Test Rules, Program: Testar Regras, Programa: - + Port: Porta: - + IP: - + Protocol: Protocolo: - + X - + Add Rule Adicionar Regra - - - - - - - - - + + + + + + + + + Program Programa @@ -8019,56 +8019,56 @@ Se os processos líderes forem definidos, todos os outros serão tratados como p Isolamento de Acesso - + Image Protection Proteção de Imagem - + Issue message 1305 when a program tries to load a sandboxed dll Emitir mensagem 1305 quando um programa tenta carregar uma dll na caixa de areia - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox Impedir que programas das caixas instalados no host carreguem dll's do sandbox - + Dlls && Extensions - + Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. As regras de acesso a recursos do sandboxie geralmente discriminam os binários do programa localizados dentro do sandbox. OpenFilePath e OpenKeyPath funcionam apenas para binários de aplicativos localizados no host nativamente. Para definir uma regra sem essa restrição, deve-se usar OpenPipePath ou OpenConfPath. Da mesma forma, todas as diretivas Closed(File|Key|Ipc)Path que são definidas por negação, por exemplo 'ClosedFilePath =! iexplore.exe,C:Users*’ será sempre fechado para binários localizados dentro de uma caixa. Ambas as políticas de restrição podem ser desativadas na página “Políticas de Acesso”. Isso é feito para evitar que processos invasores dentro do sandbox criem uma cópia renomeada de si mesmos e acessem recursos protegidos. Outro vetor de exploração é a injeção de uma biblioteca em um processo autorizado para obter acesso a tudo o que é permitido acessar.Usando a proteção de imagem do host, isso pode ser evitado bloqueando os aplicativos (instalados no host) executados dentro de uma caixa de carregar bibliotecas do próprio sandbox. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. - + Disable forced Process and Folder for this sandbox Desativar processo e pasta forçados para essa caixa - + Breakout Program Programa Fora - + Breakout Folder Pasta Fora @@ -8156,100 +8156,100 @@ Isso é feito para evitar que processos invasores dentro do sandbox criem uma c - + Use a Sandboxie login instead of an anonymous token Usar um login do Sandboxie em vez de um token anônimo - + Lingering Programs Programas Líderes - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Os programas líderes serão encerrados automaticamente se ainda estiverem em execução após todos os outros processos terem sido encerrados. - + Leader Programs Programas Líderes - + If leader processes are defined, all others are treated as lingering processes. Se os processos líderes forem definidos, todos os outros serão tratados como processos remanescentes. - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Files Arquivos - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Configurar quais processos podem acessar Arquivos, Pastas e Pipes. 'Aberto' o acesso só se aplica a binários de programas localizados fora da área de areia, você pode usar 'Aberto para Todos' em vez disso, para torná-lo aplicável a todos os programas ou alterar esse comportamento na aba Políticas. - + Registry Registro - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Configurar quais processos podem acessar o Registro. 'Aberto' o acesso só se aplica a binários de programas localizados fora da área restrita, você pode usar 'Aberto para Todos' em vez disso, para torná-lo aplicável a todos os programas ou alterar esse comportamento na aba Políticas. - + IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Configurar quais processos podem acessar objetos NT IPC como portas ALPC e outros processos de memória e contexto. Para especificar um processo, use '$:program.exe' como caminho. - + Wnd - + Wnd Class Classe Wnd @@ -8259,73 +8259,73 @@ Para especificar um processo, use '$:program.exe' como caminho.Configurar quais processos podem acessar objetos da Área de Trabalho, como Windows e similares. - + COM - + Class Id ID da Classe - + Configure which processes can access COM objects. Configurar quais processos podem acessar objetos COM. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Não usar COM virtualizado, acesso aberto à infraestrutura COM dos hosts (não recomendado) - + Access Policies Políticas de Acesso - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Aplicar e Fechar...=!<programa>,... regras também para todos os binários localizados na caixa. - + Network Options Opções de Rede - - + + Action Ação - - + + Port Porta - - - + + + IP - + Protocol Protocolo - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. CUIDADO: A Plataforma de Filtragem do Windows não está ativada com o driver, portanto, essas regras serão aplicadas apenas no modo de usuário e não podem ser impostas!!! Isso significa que as aplicações maliciosas podem contorná-las. - + Resource Access Acesso a Recursos @@ -8342,39 +8342,39 @@ O arquivo 'Aberto' e o acesso de teclas aplica-se apenas aos binários Você pode usar 'Abrir para Todos' em vez de fazê-lo aplicar a todos os programas ou alterar esse comportamento na Política de abas. - + Add File/Folder Adicionar Arquivo/Pasta - + Add Wnd Class Adicionar Wnd Class - + Move Down Mover para Baixo - + Add IPC Path Adicionar Caminho IPC - + Add Reg Key Adicionar Chave de Registro - + Add COM Object Adicionar Objeto COM - + Move Up Mover para Cima @@ -8396,57 +8396,57 @@ Para acessar arquivos, você pode usar o 'Direto a Todos' em vez de fa Aplicar e Fechar...=!<programa>,... diretivas também para todos os binários localizados na caixa de areia. - + File Recovery Recuperação de Arquivos - + Add Folder Adicionar Pasta - + Ignore Extension Ignorar Extensão - + Ignore Folder Ignorar Pasta - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Ativar mensagem de recuperação imediata para poder recuperar arquivos assim que forem criados. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Você pode excluir pastas e tipos de arquivos (ou extensões de arquivos) da Recuperação Imediata. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Quando a função Recuperação Rápida for invocada, as seguintes pastas serão verificadas para obter conteúdo da caixa de areia. - + Advanced Options Opções Avançadas - + Miscellaneous Diversos - + Don't alter window class names created by sandboxed programs Não alterar nomes das classes de janelas criadas por programas na caixa de areia - + Do not start sandboxed services using a system token (recommended) Não iniciar serviços no sandbox usando um token de sistema (recomendado) @@ -8454,26 +8454,26 @@ Para acessar arquivos, você pode usar o 'Direto a Todos' em vez de fa - - - - + + + + Protect the sandbox integrity itself Proteger integridade da própria caixa de areia - + Drop critical privileges from processes running with a SYSTEM token Retirar privilégios críticos de processos em execução com um token SYSTEM - - + + (Security Critical) (Segurança Crítica) - + Protect sandboxed SYSTEM processes from unprivileged processes Proteger os processos do SISTEMA da caixa de areia contra processos desprivilegiados @@ -8482,7 +8482,7 @@ Para acessar arquivos, você pode usar o 'Direto a Todos' em vez de fa Isolamento da caixa de areia - + Force usage of custom dummy Manifest files (legacy behaviour) Forçar uso de arquivos de manifesto fictícios personalizados (comportamento legado) @@ -8495,34 +8495,34 @@ Para acessar arquivos, você pode usar o 'Direto a Todos' em vez de fa Políticas de Acesso a Recursos - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. A especificidade da regra é uma medida de quão bem uma determinada regra corresponde a um caminho específico, basta colocar a especificidade é o comprimento dos caracteres desde o início do caminho até e incluindo o último substramento não curinga correspondente. Uma regra que corresponde apenas tipos de arquivos como "*.tmp" teria a maior especificidade, pois sempre corresponderia a todo o caminho do arquivo. O nível de correspondência do processo tem uma prioridade maior do que a especificidade e descreve como uma regra se aplica a um determinado processo. As regras aplicáveis por nome ou grupo do processo têm o nível de correspondência mais forte, seguidas pela correspondência por negação (ou seja, regras aplicáveis a todos os processos, exceto o dado), enquanto os níveis mais baixos de correspondência têm correspondências globais, ou seja, regras que se aplicam a qualquer processo. - + Prioritize rules based on their Specificity and Process Match Level Priorizar regras com base em sua Especificidade e Nível de Correspondência de Processos - + Privacy Mode, block file and registry access to all locations except the generic system ones Modo de Privacidade, bloqueia o acesso a arquivos e registros em todos os locais, exceto os genéricos do sistema - + Access Mode Modo de Acesso - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Quando o Modo de Privacidade estiver ativado, os processos com caixa de areia só poderão ler C:\Windows\*, C:\Program Files\*, e partes do registro HKLM, todos os outros locais precisarão de acesso explícito para serem legíveis e/ou graváveis. Neste modo, a Especificação de Regra está sempre ativada. - + Rule Policies Políticas de Regras @@ -8531,23 +8531,23 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Aplicar Fechar...=!<programa>,... regras também para todos os binários localizados na caixa de areia. - + Apply File and Key Open directives only to binaries located outside the sandbox. Aplicar diretivas de Arquivo e Chave Abertas apenas para binários localizados fora da caixa de areia. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Iniciar os RPCs na caixa de areia como um processo de SISTEMA (não recomendado) - + Allow only privileged processes to access the Service Control Manager Permitir apenas processos privilegiados para acessar o Gerenciador de Controle de Serviços - - + + Compatibility Compatibilidade @@ -8561,12 +8561,12 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Adicionar processos de caixa de areia a objetos de trabalho (recomendado) - + Emulate sandboxed window station for all processes Emular estação de janela da caixa de areia para todos os processos - + Allow use of nested job objects (works on Windows 8 and later) Allow use of nested job objects (experimental, works on Windows 8 and later) Permitir o uso de objetos de trabalho aninhados (experimental, funciona no Windows 8 e anteriores) @@ -8605,12 +8605,12 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Abrir acesso à Autoridade de Segurança Local do Windows - + Program Control Controle de Programa - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Desativar o uso de RpcMgmtSetComTimeout por padrão (isso pode resolver problemas de compatibilidade) @@ -8663,37 +8663,37 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Aqui você pode especificar uma lista de comandos que serão executados sempre que o sandbox for iniciado. - + Hide Processes Ocultar Processo - + Add Process Adicionar Processo - + Hide host processes from processes running in the sandbox. Ocultar processos do host de processos em execução no sandbox. - + Don't allow sandboxed processes to see processes running in other boxes Não permitir que processos do sandbox vejam processos em execução de outras caixas - + Users Usuários - + Restrict Resource Access monitor to administrators only Restringir o monitor de acesso a recursos apenas para administradores - + Add User Adicionar Usuário @@ -8702,7 +8702,7 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Remover Usuário - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8711,7 +8711,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Nota: As configurações de programas e pastas forçadas para uma caixa de areia não se aplicam a contas de usuários que não podem usar o sandbox. - + Tracing Rastreamento @@ -8721,22 +8721,22 @@ Nota: As configurações de programas e pastas forçadas para uma caixa de areia Rastreamento de chamada de API (requer logapi instalado na pasta sbie) - + Pipe Trace Rastreamento de Pipe - + Log all SetError's to Trace log (creates a lot of output) Log SetError's para todas os log de Rastreamento (cria muitas saídas) - + Log Debug Output to the Trace Log Registrar a saída de depuração no log de rastreamento - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8759,37 +8759,37 @@ ao invés de "*". Rastreamento Ntdll syscall (cria muita saída) - + File Trace Rastreamento de Arquivo - + Disable Resource Access Monitor Desativar Monitor de Acesso ao Recurso - + IPC Trace Rastreamento IPC - + GUI Trace Rastreamento de GUI - + Resource Access Monitor Monitor de Acesso ao Recurso - + Access Tracing Rastrear Acesso - + COM Class Trace Rastreamento de Classe COM @@ -8798,41 +8798,41 @@ ao invés de "*". <- para um desses acima não se aplica - + Triggers Gatilhos - + Event Evento - - - - + + + + Run Command Executar Comando - + Start Service Iniciar Serviço - + These events are executed each time a box is started Esses eventos são executados sempre que uma caixa é iniciada - + On Box Start Ao iniciar uma caixa - - + + These commands are run UNBOXED just before the box content is deleted Esses comandos são executados FORA DA CAIXA logo antes do conteúdo da caixa ser excluído @@ -8852,113 +8852,113 @@ ao invés de "*". - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. - + Resolve hostnames via proxy - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Esses comandos são executados apenas quando uma caixa é inicializada. Para fazê-los funcionar novamente, o conteúdo da caixa deve ser excluído. - + On Box Init Ao criar uma caixa - + Here you can specify actions to be executed automatically on various box events. Aqui você pode especificar ações a serem executadas automaticamente em vários eventos de caixa. - + API call Trace (traces all SBIE hooks) - + Key Trace Rastreamento de Chave - - + + Network Firewall Firewall de Rede - + Debug Depurar - + WARNING, these options can disable core security guarantees and break sandbox security!!! AVISO, essas opções podem desativar as garantias de segurança essenciais e interromper a segurança da sandbox!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Essas opções destinam-se a depurar problemas de compatibilidade, não as use em produção. - + App Templates Modelos de Aplicativos @@ -8967,22 +8967,22 @@ ao invés de "*". Modelos de Compatibilidade - + Filter Categories Categorias de Filtro - + Text Filter Filtro de Texto - + Add Template Adicionar Modelo - + This list contains a large amount of sandbox compatibility enhancing templates Essa lista contém uma grande quantidade de modelos de compatibilidade de caixa de areia @@ -8991,17 +8991,17 @@ ao invés de "*". Remover Modelo - + Category Categoria - + Template Folders Pasta de Modelos - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -9010,23 +9010,23 @@ Please note that this values are currently user specific and saved globally for Por favor, note que esse valores são atualmente para o usuário específico e salvos globalmente para todas as caixas. - - + + Value Valor - + Accessibility Acessibilidade - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Para compensar a proteção perdida, consulte a página de configurações de Liberar Direitos no grupo de configurações de Restrições. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Leitores de tela: JAWS, NVDA, Window-Eyes, Acesso ao Sistema @@ -9046,22 +9046,22 @@ Por favor, note que esse valores são atualmente para o usuário específico e s - + Configure which processes can access Desktop objects like Windows and alike. - + Other Options - + Port Blocking - + Block common SAMBA ports @@ -9083,63 +9083,63 @@ Por favor, note que esse valores são atualmente para o usuário específico e s - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - + Block DNS, UDP port 53 - + Quick Recovery Recuperação Rápida - + Immediate Recovery Recuperação Imediata - + Various Options Várias opções - + Apply ElevateCreateProcess Workaround (legacy behaviour) Aplicar ElevateCreateProcess solução alternativa (comportamento herdado) - + Use desktop object workaround for all processes Usar solução alternativa de objeto da área de trabalho para todos os processos - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -9149,43 +9149,43 @@ Por favor, note que esse valores são atualmente para o usuário específico e s - + Total Processes Memory Limit: - + Single Process Memory Limit: - + On Box Terminate - + This command will be run before the box content will be deleted Esse comando será executado antes que o conteúdo da caixa seja excluído - + On File Recovery Ao recuperar arquivos - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked Esse comando será executado antes de um arquivo ser recuperado e o caminho do arquivo será passado como primeiro argumento. Se esse comando retornar algo diferente de 0, a recuperação será bloqueada - + Run File Checker Executar Verificador de Arquivos - + On Delete Content Ao Excluir Conteúdo @@ -9196,7 +9196,7 @@ Por favor, note que esse valores são atualmente para o usuário específico e s - + Process Processo @@ -9205,85 +9205,85 @@ Por favor, note que esse valores são atualmente para o usuário específico e s Bloquear também o acesso de leitura aos processos nessa caixa - + Add Option Adicionar Opção - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. Aqui você pode configurar opções avançadas por processo para melhorar a compatibilidade e/ou personalizar o comportamento do sandbox. - + Option Opção - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + DNS Request Logging - + Syscall Trace (creates a lot of output) - + Templates Modelos - + Open Template - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. As configurações a seguir permitem usar o sandboxie em combinação com software de acessibilidade. Note que algumas medidas de proteção do sandboxie seram perdidas quando essas configurações estiverem em vigor. - + Edit ini Section Editar Seção ini - + Edit ini Editar ini - + Cancel Cancelar - + Save Salvar diff --git a/SandboxiePlus/SandMan/sandman_pt_PT.ts b/SandboxiePlus/SandMan/sandman_pt_PT.ts index 582dfec3..09aed627 100644 --- a/SandboxiePlus/SandMan/sandman_pt_PT.ts +++ b/SandboxiePlus/SandMan/sandman_pt_PT.ts @@ -7321,8 +7321,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes Proteger o sistema de processos do sandbox @@ -7511,12 +7511,12 @@ If you are a great patreaon supporter already, sandboxie can check online for an Restrições de impressão - + Network restrictions Restrições de rede - + Block network files and folders, unless specifically opened. Bloquear ficheiros e pastas de rede, a menos que especificamente abertos. @@ -7536,18 +7536,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name Nome @@ -7564,28 +7564,28 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Remover @@ -7598,13 +7598,13 @@ If you are a great patreaon supporter already, sandboxie can check online for an Aqui você pode especificar programas ou serviços que devem ser iniciados automaticamente na caixa de areia quando ela for ativada - - - - - - - + + + + + + + Type Tipo @@ -7617,21 +7617,21 @@ If you are a great patreaon supporter already, sandboxie can check online for an Adicionar serviço - + Program Groups Grupos de Programas - + Add Group Adicionar Grupo - - - - - + + + + + Add Program Adicionar Programa @@ -7644,42 +7644,42 @@ If you are a great patreaon supporter already, sandboxie can check online for an Programas Forçados - + Force Folder Pasta Forçada - - - + + + Path Localização - + Force Program Programa Forçado - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Mostrar Modelos @@ -7718,7 +7718,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Abrir Credencias de Armazenamento do Windows (modo de utilizador) - + Prevent change to network and firewall parameters (user mode) Impedir a alteração de parâmetros de rede e firewall (modo de utilizador) @@ -7738,7 +7738,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Isolamento de Segurança - + Advanced Security Adcanced Security Segurança Avançada @@ -7748,54 +7748,54 @@ If you are a great patreaon supporter already, sandboxie can check online for an Utilizar login do Sandboxie em vez de um token anônimo (experimental) - + Other isolation Outro Isolamento - + Privilege isolation Isolamento Privilegiado - + Sandboxie token Token do Sandboxie - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. O uso de um token do sandboxie personalizado permite isolar melhor as caixas individuais umas das outras e mostra na coluna do utilizador dos gerenciadores de tarefas o nome da caixa à qual um processo pertence. Algumas soluções de segurança de terceiros podem, no entanto, ter problemas com tokens personalizados. - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Você pode agrupar programas juntos e dar-lhes um nome de grupo. Grupos de programas podem ser usados ​​com algumas das definições em vez de nomes de programas. Grupos definidos para a caixa sobrescrever grupos definidos em modelos. - + Force Programs Programas Forçados - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Programas inseridos aqui, ou iniciados a partir de locais inseridos, serão colocados nesta caixa automaticamente, a menos que seja explicitamente iniciado em outra caixa de areia. - + Breakout Programs Programas Fora - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. Os programas inseridos aqui poderão sair desta caixa de proteção quando forem iniciados. Também é possível capturá-los em outra caixa, por exemplo, para ter seu navegador sempre aberto em uma caixa dedicada. - - + + Stop Behaviour Parar Comportamento @@ -7820,12 +7820,12 @@ If leader processes are defined, all others are treated as lingering processes.< Se os processos líderes forem definidos, todos os outros serão tratados como processos persistentes. - + Start Restrictions Restrições ao Iniciar - + Issue message 1308 when a program fails to start Emitir mensagem 1308 quando um programa não iniciar @@ -7854,12 +7854,12 @@ Se os processos líderes forem definidos, todos os outros serão tratados como p Restrições à Internet - + Process Restrictions Restrições de Processo - + Issue message 1307 when a program is denied internet access Emitir mensagem 1307 quando um programa for negado de aceder à internet @@ -7868,27 +7868,27 @@ Se os processos líderes forem definidos, todos os outros serão tratados como p Bloquear acesso à internet para todos os programas, exceto aqueles adicionados à lista. - + Prompt user whether to allow an exemption from the blockade. Solicitar ao utilizador se permite uma isenção do bloqueio. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Nota: Os programas instalados nesta caixa de areia não poderão aceder a internet. - - - - - - + + + + + + Access Acesso - + Set network/internet access for unlisted processes: Definir acesso a rede/internet para processos não listados: @@ -7897,46 +7897,46 @@ Se os processos líderes forem definidos, todos os outros serão tratados como p Restrições de Rede - + Test Rules, Program: Testar Regras, Programa: - + Port: Porta: - + IP: - + Protocol: Protocolo: - + X - + Add Rule Adicionar Regra - - - - - - - - - + + + + + + + + + Program Programa @@ -8019,56 +8019,56 @@ Se os processos líderes forem definidos, todos os outros serão tratados como p Isolamento de Acesso - + Image Protection Proteção de Imagem - + Issue message 1305 when a program tries to load a sandboxed dll Emitir mensagem 1305 quando um programa tenta carregar uma dll na caixa de areia - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox Impedir que programas das caixas instalados no host carreguem dll's do sandbox - + Dlls && Extensions - + Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. As regras de acesso a recursos do sandboxie geralmente discriminam os binários do programa localizados dentro do sandbox. OpenFilePath e OpenKeyPath funcionam apenas para binários de aplicativos localizados no host nativamente. Para definir uma regra sem essa restrição, deve-se utilizar OpenPipePath ou OpenConfPath. Da mesma forma, todas as diretivas Closed(File|Key|Ipc)Path que são definidas por negação, por exemplo 'ClosedFilePath =! iexplore.exe,C:Users*’ será sempre fechado para binários localizados dentro de uma caixa. Ambas as políticas de restrição podem ser desativadas na página “Políticas de Acesso”. Isso é feito para evitar que processos invasores dentro do sandbox criem uma cópia renomeada de si mesmos e acessem recursos protegidos. Outro vetor de exploração é a injeção de uma biblioteca em um processo autorizado para obter acesso a tudo o que é permitido acessar.Usando a proteção de imagem do host, isso pode ser evitado bloqueando os aplicativos (instalados no host) executados dentro de uma caixa de carregar bibliotecas do próprio sandbox. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. - + Disable forced Process and Folder for this sandbox Desactivar processo e pasta forçados para essa caixa - + Breakout Program Programa Fora - + Breakout Folder Pasta Fora @@ -8156,100 +8156,100 @@ Isso é feito para evitar que processos invasores dentro do sandbox criem uma c - + Use a Sandboxie login instead of an anonymous token Utilizar um login do Sandboxie em vez de um token anônimo - + Lingering Programs Programas Remanescentes - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Os programas remanescentes serão encerrados automaticamente se ainda estiverem em execução após todos os outros processos terem sido encerrados. - + Leader Programs Programas Líderes - + If leader processes are defined, all others are treated as lingering processes. Se os processos líderes forem definidos, todos os outros serão tratados como processos remanescentes. - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Files Ficheiros - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Definir quais processos podem acessar Ficheiros, Pastas e Pipes. 'Aberto' o acesso só se aplica a binários de programas localizados fora da área de areia, você pode utilizar 'Aberto para Todos' em vez disso, para torná-lo aplicável a todos os programas ou mudar este comportamento na aba Políticas. - + Registry Registro - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Definir quais processos podem acessar o Registro. 'Aberto' o acesso só se aplica a binários de programas localizados fora da área restrita, você pode utilizar 'Aberto para Todos' em vez disso, para torná-lo aplicável a todos os programas ou mudar este comportamento na aba Políticas. - + IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Definir quais processos podem acessar objetos NT IPC como portas ALPC e outros processos de memória e contexto. Para especificar um processo, use '$:program.exe' como localização. - + Wnd - + Wnd Class Classe Wnd @@ -8259,73 +8259,73 @@ Para especificar um processo, use '$:program.exe' como localização.< Definir quais processos podem acessar objetos da Área de Trabalho, como Windows e similares. - + COM - + Class Id ID da Classe - + Configure which processes can access COM objects. Definir quais processos podem acessar objetos COM. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Não utilizar COM virtualizado, acesso aberto à infraestrutura COM dos hosts (não recomendado) - + Access Policies Políticas de Acesso - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Aplicar e Fechar...=!<programa>,... regras também para todos os binários localizados na caixa. - + Network Options Opções de Rede - - + + Action Ação - - + + Port Porta - - - + + + IP - + Protocol Protocolo - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. CUIDADO: A Plataforma de Filtragem do Windows não está ativada com o controlador, portanto, essas regras serão aplicadas apenas no modo de utilizador e não podem ser impostas!!! Isso significa que as aplicações maliciosas podem contorná-las. - + Resource Access Acesso a Recursos @@ -8342,39 +8342,39 @@ O ficheiro 'Aberto' e o acesso de teclas aplica-se apenas aos binário Você pode utilizar 'Abrir para Todos' em vez de fazê-lo aplicar a todos os programas ou mudar este comportamento na Política de abas. - + Add File/Folder Adicionar Ficheiro/Pasta - + Add Wnd Class Adicionar Wnd Class - + Move Down Mover para Baixo - + Add IPC Path Adicionar Localização IPC - + Add Reg Key Adicionar Chave de Registro - + Add COM Object Adicionar Objecto COM - + Move Up Mover para Cima @@ -8396,57 +8396,57 @@ Para aceder ficheiros, você pode utilizar o 'Direto a Todos' em vez d Aplicar e Fechar...=!<programa>,... diretivas também para todos os binários localizados na caixa de areia. - + File Recovery Recuperação de Ficheiros - + Add Folder Adicionar Pasta - + Ignore Extension Ignorar Extensão - + Ignore Folder Ignorar Pasta - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Activar mensagem de recuperação imediata para poder recuperar ficheiros assim que for criado. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Você pode apagar pastas e tipos de ficheiros (ou extensões de ficheiros) da Recuperação Imediata. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Quando a função Recuperação Rápida for invocada, as seguintes pastas serão verificadas para obter conteúdo da caixa de areia. - + Advanced Options Opções Avançadas - + Miscellaneous Diversos - + Don't alter window class names created by sandboxed programs Não mudar nomes das classes de janelas criadas por programas na caixa de areia - + Do not start sandboxed services using a system token (recommended) Não iniciar serviços no sandbox usando um token de sistema (recomendado) @@ -8454,26 +8454,26 @@ Para aceder ficheiros, você pode utilizar o 'Direto a Todos' em vez d - - - - + + + + Protect the sandbox integrity itself Proteger integridade da própria caixa de areia - + Drop critical privileges from processes running with a SYSTEM token Retirar privilégios críticos de processos em execução com um token SYSTEM - - + + (Security Critical) (Segurança Crítica) - + Protect sandboxed SYSTEM processes from unprivileged processes Proteger os processos do SISTEMA de caixa de areia contra processos desprivilegiados @@ -8482,7 +8482,7 @@ Para aceder ficheiros, você pode utilizar o 'Direto a Todos' em vez d Isolamento da caixa de areia - + Force usage of custom dummy Manifest files (legacy behaviour) Forçar uso de ficheiros de manifesto fictícios personalizados (comportamento legado) @@ -8495,34 +8495,34 @@ Para aceder ficheiros, você pode utilizar o 'Direto a Todos' em vez d Políticas de Acesso a Recursos - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. A especificidade da regra é uma medida de quão bem uma determinada regra corresponde a um localização específico, basta colocar a especificidade é o comprimento dos caracteres desde o início do localização até e incluindo o último substramento não curinga correspondente. Uma regra que corresponde apenas tipos de ficheiros como "*.tmp" teria a maior especificidade, pois sempre corresponderia a todo o localização do ficheiro. O nível de correspondência do processo tem uma prioridade maior do que a especificidade e descreve como uma regra se aplica a um determinado processo. As regras aplicáveis por nome ou grupo do processo têm o nível de correspondência mais forte, seguidas pela correspondência por negação (ou seja, regras aplicáveis a todos os processos, exceto o dado), enquanto os níveis mais baixos de correspondência têm correspondências globais, ou seja, regras que se aplicam a qualquer processo. - + Prioritize rules based on their Specificity and Process Match Level Priorizar regras com base em sua Especificidade e Nível de Correspondência de Processos - + Privacy Mode, block file and registry access to all locations except the generic system ones Modo de Privacidade, bloquear o acesso de ficheiros e registros a todos os locais, exceto os genéricos do sistema - + Access Mode Modo de Acesso - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Quando o Modo de Privacidade estiver ativado, os processos com caixa de areia só poderão ler C:\Windows\*, C:\Program Files\*, e partes do registro HKLM, todos os outros locais precisarão de acesso explícito para serem legíveis e/ou graváveis. Neste modo, a Especificação de Regra está sempre ativada. - + Rule Policies Políticas de Regras @@ -8531,23 +8531,23 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Aplicar Fechar...=!<programa>,... regras também para todos os binários localizados na caixa de areia. - + Apply File and Key Open directives only to binaries located outside the sandbox. Aplicar diretivas Abertas de Ficheiro e Chave apenas para binários localizados fora da caixa de areia. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Iniciar os RPCs na caixa de areia como um processo de SISTEMA (não recomendado) - + Allow only privileged processes to access the Service Control Manager Permitir apenas processos privilegiados para acessar o Gerenciador de Controlo de Serviços - - + + Compatibility Compatibilidade @@ -8561,12 +8561,12 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Adicionar processos de caixa de areia a objetos de trabalho (recomendado) - + Emulate sandboxed window station for all processes Emular estação de janela da caixa de areia para todos os processos - + Allow use of nested job objects (works on Windows 8 and later) Allow use of nested job objects (experimental, works on Windows 8 and later) Permitir o uso de objetos de trabalho aninhados (experimental, funciona no Windows 8 e posterior) @@ -8605,12 +8605,12 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Abrir acesso à Autoridade de Segurança Local do Windows - + Program Control Controlo de Programa - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Desactivar o uso do RpcMgmtSetComTimeout predefinido (isso pode resolver problemas de compatibilidade) @@ -8663,37 +8663,37 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Aqui você pode especificar uma lista de comandos que serão executados sempre que o sandbox for iniciado. - + Hide Processes Esconder Processo - + Add Process Adicionar Processo - + Hide host processes from processes running in the sandbox. Esconder processos do host de processos em execução na sandbox. - + Don't allow sandboxed processes to see processes running in other boxes Não permitir que processos do sandbox vejam processos em execução de outras caixas - + Users Usuários - + Restrict Resource Access monitor to administrators only Restringir o monitor de acesso a recursos apenas para administradores - + Add User Adicionar Utilizador @@ -8702,7 +8702,7 @@ O nível de correspondência do processo tem uma prioridade maior do que a espec Remover Utilizador - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8711,7 +8711,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Nota: As definições de programas e pastas forçadas para uma caixa de areia não se aplicam a contas de usuários que não podem utilizar o sandbox. - + Tracing Rastreamento @@ -8721,22 +8721,22 @@ Nota: As definições de programas e pastas forçadas para uma caixa de areia n Rastreamento de chamada de API (requer logapi instalado na pasta sbie) - + Pipe Trace Rastreamento de Pipe - + Log all SetError's to Trace log (creates a lot of output) Registro SetError's para todas os registro de Rastreamento (cria muitas saídas) - + Log Debug Output to the Trace Log Registrar a saída de depuração no registro de rastreamento - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8759,37 +8759,37 @@ ao invés de "*". Rastreamento Ntdll syscall (cria muita saída) - + File Trace Rastreamento de Ficheiro - + Disable Resource Access Monitor Desactivar Monitor de Acesso ao Recurso - + IPC Trace Rastreamento IPC - + GUI Trace Rastreamento de GUI - + Resource Access Monitor Monitor de Acesso ao Recurso - + Access Tracing Rastrear acesso - + COM Class Trace Rastreamento de Classe COM @@ -8798,41 +8798,41 @@ ao invés de "*". <- para um desses acima não se aplica - + Triggers Gatilhos - + Event Evento - - - - + + + + Run Command Rodar Comando - + Start Service Iniciar Serviço - + These events are executed each time a box is started Esses eventos são executados sempre que uma caixa é iniciada - + On Box Start Ao iniciar uma caixa - - + + These commands are run UNBOXED just before the box content is deleted Esses comandos são executados FORA DA CAIXA logo antes do conteúdo da caixa ser excluído @@ -8852,113 +8852,113 @@ ao invés de "*". - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. - + Resolve hostnames via proxy - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Esses comandos são executados apenas quando uma caixa é inicializada. Para fazê-los funcionar novamente, o conteúdo da caixa deve ser excluído. - + On Box Init Ao criar uma caixa - + Here you can specify actions to be executed automatically on various box events. Aqui você pode especificar acções a serem executadas automaticamente em vários eventos de caixa. - + API call Trace (traces all SBIE hooks) - + Key Trace Rastreamento de Chave - - + + Network Firewall Firewall de Rede - + Debug Depurar - + WARNING, these options can disable core security guarantees and break sandbox security!!! ADVERTÊNCIA, essas opções podem desactivar as garantias de segurança essenciais e interromper a segurança da sandbox!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Essas opções destinam-se a depurar problemas de compatibilidade, não as use em produção. - + App Templates Modelos de Aplicação @@ -8967,22 +8967,22 @@ ao invés de "*". Modelos de Compatibilidade - + Filter Categories Categorias de Filtro - + Text Filter Filtro de Texto - + Add Template Adicionar Modelo - + This list contains a large amount of sandbox compatibility enhancing templates Esta lista contém uma grande quantidade de modelos de compatibilidade de caixa de areia @@ -8991,17 +8991,17 @@ ao invés de "*". Remover Modelo - + Category Categoria - + Template Folders Pasta de Modelos - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -9010,23 +9010,23 @@ Please note that this values are currently user specific and saved globally for Por favor, note que este valores são atualmente para o utilizador específico e salvo globalmente para todas as caixas. - - + + Value Valor - + Accessibility Acessibilidade - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Para compensar a proteção perdida, consulte a página de definições de Liberar Direitos no grupo de definições de Restrições. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Leitores de eclã: JAWS, NVDA, Window-Eyes, Acesso ao Sistema @@ -9046,22 +9046,22 @@ Por favor, note que este valores são atualmente para o utilizador específico e - + Configure which processes can access Desktop objects like Windows and alike. - + Other Options - + Port Blocking - + Block common SAMBA ports @@ -9083,63 +9083,63 @@ Por favor, note que este valores são atualmente para o utilizador específico e - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - + Block DNS, UDP port 53 - + Quick Recovery Recuperação Rápida - + Immediate Recovery Recuperação Imediata - + Various Options Várias opções - + Apply ElevateCreateProcess Workaround (legacy behaviour) Aplicar ElevateCreateProcess solução alternativa (comportamento herdado) - + Use desktop object workaround for all processes - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -9149,43 +9149,43 @@ Por favor, note que este valores são atualmente para o utilizador específico e - + Total Processes Memory Limit: - + Single Process Memory Limit: - + On Box Terminate - + This command will be run before the box content will be deleted Este comando será executado antes que o conteúdo da caixa seja excluído - + On File Recovery Ao recuperar ficheiros - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked Este comando será executado antes de um ficheiro ser recuperado e o localização do ficheiro será passado como primeiro argumento. Se este comando retornar algo diferente de 0, a recuperação será bloqueada - + Run File Checker Rodar Verificador de Ficheiros - + On Delete Content Ao apagar conteúdo @@ -9196,7 +9196,7 @@ Por favor, note que este valores são atualmente para o utilizador específico e - + Process Processo @@ -9205,85 +9205,85 @@ Por favor, note que este valores são atualmente para o utilizador específico e Bloquear também o acesso de leitura aos processos nesta caixa - + Add Option Adicionar Opção - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. Aqui você pode configurar opções avançadas por processo para melhorar a compatibilidade e/ou personalizar o comportamento do sandbox. - + Option Opção - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + DNS Request Logging - + Syscall Trace (creates a lot of output) - + Templates Modelos - + Open Template - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. As definições a seguir permitem utilizar o sandboxie em combinação com software de acessibilidade. Note que algumas medidas de proteção do sandboxie será perdida quando essas definições estão em vigor. - + Edit ini Section Editar Seção ini - + Edit ini Editar ini - + Cancel Cancelar - + Save Salvar diff --git a/SandboxiePlus/SandMan/sandman_ru.ts b/SandboxiePlus/SandMan/sandman_ru.ts index 094a73ab..c67d1cb3 100644 --- a/SandboxiePlus/SandMan/sandman_ru.ts +++ b/SandboxiePlus/SandMan/sandman_ru.ts @@ -6631,8 +6631,8 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - + + Protect the system from sandboxed processes Защита системы от изолированных процессов @@ -6768,12 +6768,12 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Ограничения печати - + Network restrictions Сетевые ограничения - + Block network files and folders, unless specifically opened. Блокировать сетевые файлы и папки, если они специально не открываются. @@ -6789,18 +6789,18 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - - - - - - - - - + + + + + + + + + + + + Name Имя @@ -6817,98 +6817,98 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Удалить - - - - - - - + + + + + + + Type Тип - + Program Groups Группы программ - + Add Group Добавить группу - - - - - + + + + + Add Program Добавить программу - + Force Folder Принудительная папка - - - + + + Path Путь - + Force Program Принудительная программа - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Показать шаблоны @@ -7042,84 +7042,84 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Открыть хранилище учетных данных Windows (пользовательский режим) - + DNS Filter DNS-фильтр - + Add Filter Добавить фильтр - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. С помощью DNS-фильтра можно блокировать отдельные домены на основе каждого процесса. Оставьте столбец IP пустым для блокировки или введите ip для перенаправления. - + Domain Домен - + Internet Proxy Интернет-прокси - + Add Proxy Добавить прокси - + Test Proxy Проверить прокси - + Auth Авторизация - + Login Логин - + Password Пароль - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. Программы, находящиеся в песочнице, можно заставить использовать заданный SOCKS5 прокси-сервер. - + Resolve hostnames via proxy Разрешение имен хостов через прокси-сервер - + Other Options Другие опции - + Prevent change to network and firewall parameters (user mode) Запретить изменение параметров сети и брандмауэра (пользовательский режим) - + Move Up Сдвинуть вверх - + Move Down Сдвинуть вниз @@ -7175,130 +7175,130 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Запретить процесс - + Use a Sandboxie login instead of an anonymous token Использовать логин Sandboxie вместо анонимного токена - + Configure which processes can access Desktop objects like Windows and alike. Настроить, какие процессы могут получать доступ к объектам рабочего стола, таким как Windows и т.п. - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. При нажатии глобальной горячей клавиши 3 раза подряд это исключение будет проигнорировано. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. Исключить завершение этой песочницы при вызове "Завершить все процессы". - + Image Protection Защита изображения - + Issue message 1305 when a program tries to load a sandboxed dll Выдать сообщение 1305, когда программа пытается загрузить изолированную dll - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Запретить программам в песочнице, установленным на хосте, загружать dll из песочницы - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Правила доступа к ресурсам Sandboxie часто дискриминируют двоичные файлы программ, расположенные внутри песочницы. OpenFilePath и OpenKeyPath работают только для двоичных файлов приложений, изначально расположенных на хосте. Чтобы определить правило без этого ограничения, необходимо использовать OpenPipePath или OpenConfPath. Аналогично, все директивы Closed(File|Key|Ipc)Path, которые определены отрицанием, например. ‘ClosedFilePath=! iexplore.exe,C:Users*’ всегда будет закрыт для двоичных файлов, находящихся внутри песочницы. Обе политики ограничения можно отключить на странице "Политики доступа". Это делается для того, чтобы мошеннические процессы внутри песочницы не создавали переименованные копии самих себя и не получали доступ к защищенным ресурсам. Другой вектор эксплойта — внедрение библиотеки в авторизованный процесс, чтобы получить доступ ко всему, к чему ему разрешен доступ. С помощью Host Image Protection это можно предотвратить, заблокировав приложения (установленные на хосте), работающие внутри песочницы, от загрузки библиотек из самой песочницы. - + Advanced Security Расширенная безопасность - + Other isolation Другая изоляция - + Privilege isolation Изоляция привилегий - + Sandboxie token Токен Sandboxie - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. Использование пользовательского токена Sandboxie позволяет лучше изолировать отдельные песочницы друг от друга, а также показывает в пользовательском столбце диспетчеров задач имя песочницы, к которой принадлежит процесс. Однако у некоторых сторонних решений безопасности могут быть проблемы с пользовательскими токенами. - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Вы можете сгруппировать программы и дать группе название. Группы программ могут использоваться с некоторыми настройками вместо названий программ. Группы, определенные для песочницы, перезаписывают группы, определенные в шаблонах. - + Program Control Контроль программ - + Force Programs Принудительные программы - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Введенные здесь программы, или программы запущенные из указанных мест, будут автоматически помещены в эту песочницу, если они явно не запущены в другой песочнице. - + Disable forced Process and Folder for this sandbox Отключить принудительный процесс и папку для этой песочницы - + Breakout Programs Программы вне песочницы - + Breakout Program Программа вне песочницы - + Breakout Folder Папка вне песочницы - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Программам, указанным здесь, будет разрешено выйти из этой песочницы при запуске. Также можно захватить их в другую песочницу, например, чтобы ваш веб-браузер всегда был открыт в определенной песочнице. - - + + Stop Behaviour Поведение остановки - + Start Restrictions Ограничения на запуск - + Issue message 1308 when a program fails to start Сообщение о проблеме 1308, когда программа не запускается @@ -7323,32 +7323,32 @@ This is done to prevent rogue processes inside the sandbox from creating a renam * Примечание: Программы, установленные в этой песочнице, вообще не запустятся. - + Process Restrictions Ограничения процесса - + Issue message 1307 when a program is denied internet access Сообщение о проблеме 1307, когда программе запрещен доступ в Интернет - + Prompt user whether to allow an exemption from the blockade. Подсказка пользователю, разрешить ли освобождение от блокировки. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Примечание: Программы, установленные в этой песочнице, вообще не смогут получить доступ к Интернету. - - - - - - + + + + + + Access Доступ @@ -7363,22 +7363,22 @@ This is done to prevent rogue processes inside the sandbox from creating a renam Ограничения - + Dlls && Extensions DLL и расширения - + Description Описание - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Функциональность Sandboxie можно расширить с помощью дополнительных dll, которые можно загружать в каждый изолированный процесс при запуске с помощью SbieDll.dll. Менеджер надстроек в глобальных настройках предлагает несколько полезных расширений, после установки их можно включить здесь для текущей песочницы. - + Lingering Programs Вторичные программы @@ -7429,302 +7429,302 @@ This is done to prevent rogue processes inside the sandbox from creating a renam - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>СОВЕТЫ ПО БЕЗОПАСНОСТИ</font>:</b> Использование <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> и/или <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> в сочетании с директивами Open[File/Pipe]Path может поставить под угрозу безопасность. Перед использованием ознакомьтесь с разделом безопасности для каждой опции в документации. - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Вторичные программы будут автоматически завершены, если они все еще работают после завершения всех других процессов. - + Leader Programs Первичные программы - + If leader processes are defined, all others are treated as lingering processes. Если первичные процессы определены, все остальные рассматриваются как вторичные процессы. - + Stop Options Опции остановки - + Use Linger Leniency Использовать снисхождения ко вторичным - + Don't stop lingering processes with windows Не останавливать вторичные процессы с окнами - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. Этот параметр можно использовать для предотвращения запуска программ в песочнице без ведома или согласия пользователя. - + Display a pop-up warning before starting a process in the sandbox from an external source Отображать всплывающее предупреждение перед запуском процесса в песочнице из внешнего источника - + Files Файлы - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Настройте, какие процессы могут получить доступ к файлам, папкам и каналам. 'Открытый' доступ применяется только к двоичным файлам программы, расположенным за пределами песочницы. Вместо этого вы можете использовать 'Открытый для всех', чтобы применить его ко всем программам, или изменить это поведение на вкладке политик. - + Registry Реестр - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Настройте, какие процессы могут получить доступ к реестру. 'Открытый' доступ применяется только к двоичным файлам программы, расположенным за пределами песочницы. Вместо этого вы можете использовать 'Открытый для всех', чтобы применить его ко всем программам, или изменить это поведение на вкладке политик. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Настройте, какие процессы могут получить доступ к объектам NT IPC, таким как порты ALPC и другие процессы, память и контекст. Чтобы указать процесс, используйте '$:program.exe' в качестве пути. - + Wnd Wnd - + Wnd Class Wnd класс - + COM COM - + Class Id Id класса - + Configure which processes can access COM objects. Настройте, какие процессы могут получить доступ к COM-объектам. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Не использовать виртуализированный COM, открыть доступ к инфраструктуре COM хостов (не рекомендуется) - + Access Policies Политики доступа - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Применить правила Close...=!<program>,... также ко всем двоичным файлам, находящимся в песочнице. - + Network Options Опции сети - + Set network/internet access for unlisted processes: Настроить доступ к сети/Интернету для неуказанных процессов: - + Test Rules, Program: Правила тестирования, программа: - + Port: Порт: - + IP: IP: - + Protocol: Протокол: - + X X - + Add Rule Добавить правило - - - - - - - - - + + + + + + + + + Program Программа - - + + Action Действие - - + + Port Порт - - - + + + IP IP - + Protocol Протокол - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. ВНИМАНИЕ: Платформа фильтрации Windows не включена с драйвером, поэтому эти правила будут применяться только в пользовательском режиме и не могут быть применены!!! Это означает, что вредоносные приложения могут их обойти. - + Resource Access Доступ к ресурсам - + Add File/Folder Добавить файл/папку - + Add Wnd Class Добавить Wnd класс - + Add IPC Path Добавит путь IPC - + Add Reg Key Добавить ключ реестра - + Add COM Object Добавить COM объект - + File Recovery Восстановление файлов - + Quick Recovery Быстрое восстановление - + Add Folder Добавить папку - + Immediate Recovery Немедленное восстановление - + Ignore Extension Игнорировать расширение - + Ignore Folder Игнорировать папку - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Включить запрос немедленного восстановления, чтобы иметь возможность восстанавливать файлы сразу после их создания. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Вы можете исключить папки и типы файлов (или расширения файлов) из немедленного восстановления. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. При вызове функции быстрого восстановления следующие папки будут проверяться на наличие изолированного содержимого. - + Advanced Options Расширенные опции - + Miscellaneous Разное - + Don't alter window class names created by sandboxed programs Не изменять имена классов окон, созданные изолированными программами - + Do not start sandboxed services using a system token (recommended) Не запускать изолированные службы с использованием системного токена (рекомендуется) @@ -7732,84 +7732,84 @@ To specify a process use '$:program.exe' as path. - - - - + + + + Protect the sandbox integrity itself Защитить целостность самой песочницы - + Drop critical privileges from processes running with a SYSTEM token Отбросить критические привилегии от процессов, работающих с токеном SYSTEM - - + + (Security Critical) (Критично для безопасности) - + Protect sandboxed SYSTEM processes from unprivileged processes Защитить изолированные процессы SYSTEM от непривилегированных процессов - + Force usage of custom dummy Manifest files (legacy behaviour) Принудительное использование пользовательских фиктивных файлов манифеста (устаревшее поведение) - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. Специфика правила - это мера того, насколько хорошо данное правило соответствует определенному пути, проще говоря, специфичность - это длина символов от начала пути до последней совпадающей подстроки без подстановочных знаков включительно. Правило, которое соответствует только таким типам файлов, как "*.tmp" будет иметь наивысшую специфичность, так как всегда будет соответствовать всему пути к файлу. Уровень соответствия процесса имеет более высокий приоритет, чем специфичность, и описывает, как правило применяется к данному процессу. Правила, применяемые по имени процесса или группе, имеют самый строгий уровень соответствия, за которым следует соответствие по отрицанию (т.е. правила, применяемые ко всем процессам, кроме данного), в то время как самые низкие уровни соответствия имеют глобальные совпадения, то есть правила, которые применяются к любому процессу. - + Prioritize rules based on their Specificity and Process Match Level Приоритет правил на основе их специфики и уровня соответствия процесса - + Privacy Mode, block file and registry access to all locations except the generic system ones Режим конфиденциальности, блокировка доступа к файлам и реестру для всех мест, кроме общих системных - + Access Mode Режим доступа - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Когда включен режим конфиденциальности, изолированные процессы смогут читать только C:\Windows\*, C:\Program Files\* и части реестра HKLM, для всех остальных мест потребуется явный доступ, для чтения и/или записи. В этом режиме всегда включена специфика правила. - + Rule Policies Правила политик - + Apply File and Key Open directives only to binaries located outside the sandbox. Применить директивы открытия файлов и ключей только к двоичным файлам, расположенным вне песочницы. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Запускать изолированный RpcSs как СИСТЕМНЫЙ процесс (не рекомендуется) - + Allow only privileged processes to access the Service Control Manager Разрешить доступ к диспетчеру управления службами только привилегированным процессам - - + + Compatibility Совместимость @@ -7819,12 +7819,12 @@ The process match level has a higher priority than the specificity and describes Добавить изолированные процессы к объектам задания (рекомендуется) - + Emulate sandboxed window station for all processes Эмуляция оконной станции в песочнице для всех процессов - + Allow use of nested job objects (works on Windows 8 and later) Разрешить использование вложенных объектов заданий (работает в Windows 8 и новее) @@ -7849,7 +7849,7 @@ The process match level has a higher priority than the specificity and describes Открыть доступ к серверу проверки подлинности локальной системы безопасности - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Отключить использование RpcMgmtSetComTimeout по умолчанию (это может решить проблемы совместимости) @@ -7874,27 +7874,27 @@ The process match level has a higher priority than the specificity and describes Приведенные ниже опции можно безопасно использовать, если вы не предоставляете прав администратора. - + These commands are run UNBOXED after all processes in the sandbox have finished. Эти команды запускаются ВНЕ ПЕСОЧНИЦЫ после завершения всех процессов в песочнице. - + Hide Processes Скрыть процессы - + Add Process Добавить процесс - + Hide host processes from processes running in the sandbox. Скрыть хост-процессы от процессов, запущенных в песочнице. - + Don't allow sandboxed processes to see processes running in other boxes Не позволять изолированным процессам видеть процессы, запущенные в других песочницах @@ -7914,33 +7914,33 @@ The process match level has a higher priority than the specificity and describes Запретить изолированным процессам захват изображений окон (Экспериментально, может вызвать сбои в пользовательском интерфейсе) - + Port Blocking Блокировка портов - + Block common SAMBA ports Блокировать общие SAMBA порты - + Block DNS, UDP port 53 Блокировать DNS, UDP-порт 53 - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -7950,54 +7950,54 @@ The process match level has a higher priority than the specificity and describes - + Total Processes Memory Limit: - + Single Process Memory Limit: - + On Box Terminate При завершении песочницы - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + Users Пользователи - + Restrict Resource Access monitor to administrators only Ограничить мониторинг доступа к ресурсам только администраторам - + Add User Добавить пользователя - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8006,27 +8006,27 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Примечание. Параметры принудительных программ и принудительных папок для песочницы не применяются к учетным записям пользователей, которые не могут использовать эту песочницу. - + Tracing Трассировка - + Pipe Trace Трассировка pipe - + API call Trace (traces all SBIE hooks) API-вызов Trace (отслеживает все хуки SBIE) - + Log all SetError's to Trace log (creates a lot of output) Записывать все SetError в журнал трассировки (создает много выходных данных) - + Log Debug Output to the Trace Log Записывать вывод отладки в журнал трассировки @@ -8066,71 +8066,71 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Выдать сообщение 2111, когда доступ к процессу запрещен - + Triggers Триггеры - + Event Событие - - - - + + + + Run Command Выполнить комманду - + Start Service Запустить службу - + These events are executed each time a box is started Эти события выполняются каждый раз при запуске песочницы - + On Box Start При запуске песочницы - - + + These commands are run UNBOXED just before the box content is deleted Эти команды запускаются вне песочницы непосредственно перед удалением содержимого песочницы - + Apply ElevateCreateProcess Workaround (legacy behaviour) Применение обходного пути ElevateCreateProcess (устаревшее поведение) - + Use desktop object workaround for all processes Использовать обходной путь для объектов рабочего стола для всех процессов - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Эти команды выполняются только при инициализации песочницы. Чтобы они снова запустились, содержимое песочницы должно быть удалено. - + On Box Init При инициализации песочницы - + Here you can specify actions to be executed automatically on various box events. Здесь вы можете указать действия, которые будут выполняться автоматически при различных событиях песочницы. - + On Delete Content При удалении контента @@ -8141,27 +8141,27 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to - + Process Процесс - + Add Option Добавить опцию - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Здесь вы можете настроить расширенные опции для каждого процесса, чтобы улучшить совместимость и/или настроить поведение песочницы. - + Option Опция - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8180,103 +8180,103 @@ instead of "*". вместо "*". - + File Trace Трассировка файлов - + Disable Resource Access Monitor Отключить монитор доступа к ресурсам - + IPC Trace Трассировка IPC - + GUI Trace Трассировка GUI - + Resource Access Monitor Монитор доступа к ресурсам - + Access Tracing Отслеживание доступа - + COM Class Trace Трассировка COM класса - + Key Trace Трассировка ключей - - + + Network Firewall Сетевой брандмауэр - + Debug Отладка - + WARNING, these options can disable core security guarantees and break sandbox security!!! ВНИМАНИЕ: эти опции могут отключить основные гарантии безопасности и нарушить безопасность песочницы!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Эти опции предназначены для устранения проблем совместимости, не используйте их в продакшен среде. - + App Templates Шаблоны приложений - + Filter Categories Категории фильтров - + Text Filter Текстовый фильтр - + Add Template Добавить шаблон - + This list contains a large amount of sandbox compatibility enhancing templates Этот список содержит большое количество шаблонов для улучшения совместимости песочницы - + Category Категория - + Template Folders Папки шаблонов - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8285,93 +8285,93 @@ Please note that this values are currently user specific and saved globally for Обратите внимание, что эти значения в настоящее время специфичны для пользователя и сохраняются глобально для всех песочниц. - - + + Value Значение - + Accessibility Доступность - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Чтобы компенсировать потерю защиты, обратитесь к странице настроек Сброс прав в группе настроек Ограничения. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Чтение экрана: JAWS, NVDA, Window-Eyes, System Access - + Various Options Различные опции - + This command will be run before the box content will be deleted Эта команда будет запущена до того, как содержимое песочницы будет удалено - + On File Recovery При восстановлении файлов - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked Эта команда будет запущена перед восстановлением файла, и путь к файлу будет передан в качестве первого аргумента. Если эта команда возвращает значение, отличное от 0, восстановление будет заблокировано - + Run File Checker Запустить проверку файлов - + DNS Request Logging Журналирование DNS-запросов - + Syscall Trace (creates a lot of output) Трассировка системных вызовов (создает много выходных данных) - + Templates Шаблоны - + Open Template Открыть шаблон - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Следующие настройки позволяют использовать Sandboxie в сочетании с программным обеспечением специальных возможностей. Обратите внимание, что когда действуют эти настройки, определенная степень защиты Sandboxie обязательно теряется. - + Edit ini Section Редактировать раздел ini - + Edit ini Редактировать ini - + Cancel Отмена - + Save Сохранить diff --git a/SandboxiePlus/SandMan/sandman_sv_SE.ts b/SandboxiePlus/SandMan/sandman_sv_SE.ts index e110c1dc..069c005a 100644 --- a/SandboxiePlus/SandMan/sandman_sv_SE.ts +++ b/SandboxiePlus/SandMan/sandman_sv_SE.ts @@ -7508,8 +7508,8 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f - - + + Protect the system from sandboxed processes Skydda systemet från sandlådade processer @@ -7586,7 +7586,7 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f Utskriftsbegränsningar - + Prevent change to network and firewall parameters (user mode) Förhindra ändring av nätverks- och brandväggsparametrar (användarläge) @@ -7596,7 +7596,7 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f Tillåt läsning av minne av osandlådade processer (inte rekommenderat) - + Network restrictions Nätverksbegränsningar @@ -7611,7 +7611,7 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f Tillåt Print Spooler att skriva ut till filer utanför sandlådan - + Block network files and folders, unless specifically opened. Blockera nätverksfiler och mappar, förutom om specifikt öppnade. @@ -7641,18 +7641,18 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f - - - - - - - - - - - - + + + + + + + + + + + + Name Namn @@ -7707,28 +7707,28 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Ta bort @@ -7758,33 +7758,33 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f - + Total Processes Memory Limit: - + Single Process Memory Limit: - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting - + Limit restrictions - + Advanced Security Adcanced Security Avancerad säkerhet @@ -7794,46 +7794,46 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f Använd en Sandboxie-inloggning istället för ett anonymt tecken (experimentellt) - + Other isolation Annan isolering - + Privilege isolation Privilegieisolering - + Sandboxie token Sandboxie-tecken - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. Använda ett anpassat Sandboxie-tecken tillåter att bättre isolera individuella sandlådor från varandra, och det visar i användarkolumnen hos aktivitetshanterare namnet på lådan en process tillhör. Vissa 3:dje parts säkerhetslösningar kan dock ha problem med anpassade tecken. - + Program Groups Programgrupper - + Add Group Addera grupp - - - - - + + + + + Add Program Addera program - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Du kan gruppera ihop program och ge dem ett gruppnamn. Programgrupper kan användas med några av inställningarna istället för programnamn. Grupper definierade för lådan överskriver grupper definierade i mallar. @@ -7841,43 +7841,43 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Visa mallar - + Program Control Programkontroll - + Force Programs Tvinga program - + Force Program Tvinga program - + Force Folder Tvinga mapp @@ -7902,42 +7902,42 @@ Om du redan är en Great Supporter on Patreon, kan Sandboxie söka på nätet f Aktivera alla säkerhetsutökningar (skapa säkerhetshärdad låda) - - - - - - - + + + + + + + Type Typ - - - + + + Path Sökväg - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Program införda här, eller program startade från införda platser, förs in i denna sandlåda automatiskt, förutom om de är uttryckligt startade i en annan sandlåda. - + Breakout Programs Utbrytarprogram - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. Program införda här kommer tillåtas att bryta ut ur denna låda när de startar, du kan fånga dem in i en annan låda. Till exempel att alltid ha din webbläsare öppen i en dedikerad låda. Denna funktion kräver att ett giltigt supportercertifikat är installerat. - - + + Stop Behaviour Stoppa beteendet @@ -7961,12 +7961,12 @@ If leader processes are defined, all others are treated as lingering processes.< Om ledarprocesser är definierade, behandlas alla andra som kvardröjande program. - + Start Restrictions Startbegränsningar - + Issue message 1308 when a program fails to start Utfärda meddelande 1308 när ett program inte lyckas starta @@ -7995,37 +7995,37 @@ Om ledarprocesser är definierade, behandlas alla andra som kvardröjande progra Internetbegränsningar - + Process Restrictions Processbegränsningar - + Issue message 1307 when a program is denied internet access Utfärda meddelande 1307 när ett program nekas internettillgång - + Prompt user whether to allow an exemption from the blockade. Fråga användaren om att tillåta ett undantag från blockaden. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Notera: Program installerade till denna sandlåda kan inte tillgå internet alls. - - - - - - + + + + + + Access Tillgång - + Set network/internet access for unlisted processes: Ange nätverks-/internettillgång för olistade processer: @@ -8034,46 +8034,46 @@ Om ledarprocesser är definierade, behandlas alla andra som kvardröjande progra Nätverkets brandväggsregler - + Test Rules, Program: Testregler, program: - + Port: Port: - + IP: IP: - + Protocol: Protokoll: - + X X - + Add Rule Addera regel - - - - - - - - - + + + + + + + + + Program Program @@ -8156,13 +8156,13 @@ Om ledarprocesser är definierade, behandlas alla andra som kvardröjande progra - + Move Up Flytta upp - + Move Down Flytta ner @@ -8178,56 +8178,56 @@ Om ledarprocesser är definierade, behandlas alla andra som kvardröjande progra Tillgångsisolering - + Image Protection Avbildsskydd - + Issue message 1305 when a program tries to load a sandboxed dll Utfärda meddelande 1305 när ett program försöker ladda en sandlådad dll - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox Förhindra sandlådade program installerade på värden från att ladda DLL:s från sandlådan - + Dlls && Extensions Dll:s && förlängningar - + Description Beskrivning - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Sandboxie:s resurstillgångsregler särskiljer ofta emot programbinärer lokaliserade inuti sandlådan. OpenFilePath och OpenKeyPath fungerar bara för app-binärer lokaliserade på värden ursprungligen. För att kunna definiera en regel utan denna begränsning, måste OpenPipePath eller OpenConPath användas. Likaså, alla stängda(File|Key|Ipc)sökvägsdirektiv vilka är definierade via negation e.x. ClosedFilePath=!iexplore.exe,CUsers* kommer alltid vara stängda för binärer lokaliserade inuti en sandlåda. Båda begränsningspolicyerna kan inaktiveras på sidan Tillgångspolicy. Detta görs för att förhindra Rogue-processer inuti sandlådan från att skapa en namnändrad kopia av sig själva och tillgå skyddade resurser. En annan exploateringsvektor är injicerandet av ett bibliotek in i en auktoriserad process för att få tillgång till allting det ges tillgång till. Användande av Host Image Protection, kan detta förhindras genom att blockera applikationer (installerade på värden) körandes inuti en sandlåda från att ladda bibliotek från sandlådan självt. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. Sandboxies funktionalitet kan utökas genom att använda valfria dll`s som kan laddas in i varje sandlådad process av SbieDll.dll vid starten, tilläggshanteraren i globala inställningar erbjuder ett antal användbara förlängningar, väl installerade kan de aktiveras här för nuvarande låda. - + Disable forced Process and Folder for this sandbox Inaktivera tvingad process och mapp för denna sandlåda - + Breakout Program Utbrytarprogram - + Breakout Folder Utbrytarmapp @@ -8289,7 +8289,7 @@ Detta görs för att förhindra Rogue-processer inuti sandlådan från att skap Tillåt Windows-processer som är till nytta tillgång till skyddade processer - + Use a Sandboxie login instead of an anonymous token Använd en Sandboxie-inloggning istället för ett anonymt tecken @@ -8298,95 +8298,95 @@ Detta görs för att förhindra Rogue-processer inuti sandlådan från att skap <b><font color='red'>SÄKERHETSRÅDGIVNING</font>:</b> Använda <a href="sbie://docs/breakoutfolder">Utbrytarmapp</a> och/eller <a href="sbie://docs/breakoutprocess">Utbrytarprocess</a> i kombination med Open[File/Pipe]Path-direktiv kan kompromettera säkerhet, likt användandet av <a href="sbie://docs/breakoutdocument">Utbrytardokument</a> tillåta varje * eller osäkra (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1;etc…) förlängningar. Vänligen granska säkerhetssektionen för varje alternativ i dokumentationen före användande. - + Lingering Programs Kvardröjande program - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Kvardröjande program kommer automatiskt att avslutas om de fortfarande körs efter att alla andra processer har avslutats. - + Leader Programs Ledarprogram - + If leader processes are defined, all others are treated as lingering processes. Om ledarprocesser är definierade, behandlas alla andra som kvardröjande processer. - + Stop Options Stoppalternativ - + Use Linger Leniency Använd kvardröjningsöverseende - + Don't stop lingering processes with windows Stoppa inte kvardröjande processer med fönster - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. Denna inställning kan användas för att förhindra program från att köra i sandlådan utan användarens vetskap eller medgivande. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. Visa en popupvarning före startandet av en process i sandlådan från en extern källa - + Files Filer - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Konfigurera vilka processer som kan tillgå filer, mappar och pipes. Öppen tillgång gäller endast programbinärer lokaliserade utanför sandlådan, du kan använda Öppna för alla istället för att göra det tillämpligt för alla program, eller ändra detta beteende i Policyfliken. - + Registry Registret - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Konfigurera vilka processer som kan tillgå registret. Öppen tillgång gäller endast programbinärer lokaliserade utanför sandlådan, du kan använda Öppna för alla istället för att göra det tillämpligt för alla program, eller ändra detta beteende i Policyfliken. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Konfigurera vilka processer som kan tillgå NT IPC objekt likt ALPC-portar och andra processers minne och kontext. För att specificera en process, använd '$:program.exe' som sökväg. - + Wnd Wnd - + Wnd Class Wnd Class @@ -8396,73 +8396,73 @@ För att specificera en process, använd '$:program.exe' som sökväg. Konfigurera vilka processer som kan tillgå skrivbordsobjekt likt Windows och liknande. - + COM COM - + Class Id Class-ID - + Configure which processes can access COM objects. Konfigurera vilka processer som kan tillgå COM-objekt. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Använd inte virtualiserad COM, Öppen tillgång till värdars COM infrastruktur (inte rekommenderat) - + Access Policies Tillgångspolicyer - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Tillämpa Stäng...=!<program>,... regler också till alla binärer lokaliserade i sandlådan. - + Network Options Nätverksalternativ - - + + Action Aktion - - + + Port Port - - - + + + IP IP - + Protocol Protokoll - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. BEAKTA: Windows Filtering Platform är inte aktiverad med drivrutinen, därför tillämpas dessa regler endast i användarläge och kan inte påtvingas!!! Detta betyder att skadliga applikationer kan passera dem. - + Resource Access Resurstillgång @@ -8471,7 +8471,7 @@ För att specificera en process, använd '$:program.exe' som sökväg. Resurstillgångsregler - + Add Wnd Class Addera Wnd Class @@ -8484,22 +8484,22 @@ You can use 'Open for All' instead to make it apply to all programs, o Du kan använda - Öppna för alla, istället för att tillämpa det för alla program, eller ändra detta beteende i fliken Policyer. - + Add COM Object Addera COM-objekt - + Add Reg Key Addera reg.nyckel - + Add IPC Path Addera IPC-sökväg - + Add File/Folder Addera fil/mapp @@ -8508,34 +8508,34 @@ Du kan använda - Öppna för alla, istället för att tillämpa det för alla p Resurstillgångspolicyer - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. Regelsäregenheten är ett mått för hur väl en given regel matchar en specifik sökväg, enkelt uttryckt är säregenheten längden på tecken från början av sökvägen upp till och inkluderandes den sista matchande non-wildcard understrängen. En regel som matchar endast filtyper likt "*.tmp" skulle ha den högsta säregenheten då den alltid skulle matcha den fulla sökvägen. Processmatchningsnivån har en högre prioritet än säregenheten och beskriver hur en regel tillämpas för en given processs. Regler tillämpade genom processnamn eller grupp har den starkaste matchningsnivån, följt av matchningen genom förnekande (d.v.s regler tillämpade till alla processer förutom den givna), medans den lägsta matchningsnivån har globala matchningar, d.v.s regler som är tillämpliga på varje process. - + Prioritize rules based on their Specificity and Process Match Level Prioriterar regler baserat på deras säregenhet och processmatchningsnivå - + Privacy Mode, block file and registry access to all locations except the generic system ones Integritetsläge, blockera fil- och registertillgång till alla platser förutom de för det generiska systemet - + Access Mode Tillgångsläge - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. När integritetsläget är aktiverat, kan sandlådade processer endast läsa C:\Windows\*, C:\Program Files\*, och delar av HKLM-registret, alla andra platser kommer behöva uttrycklig tillgång för att vara läsbara och/eller skrivbara. I detta läge, är regelsäregenhet alltid aktiverat. - + Rule Policies Regelpolicyer @@ -8545,47 +8545,47 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver Tillämpa Stäng...=!<program>,... regler även till alla binärer lokaliserade i sandlådan. - + Apply File and Key Open directives only to binaries located outside the sandbox. Tillämpa fil- och nyckelöppnardirektiv endast till binärer lokaliserade utanför sandlådan. - + File Recovery Filåterställning - + Add Folder Addera mapp - + Ignore Extension Ignorera förlängning - + Ignore Folder Ignorera mapp - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Aktivera meddelandet Omedelbart återställande för att kunna återställa filer så fort som de är skapade. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Du kan utesluta mappar och filtyper (eller filförlängningar) från omedelbart återställande. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. När funktionen Omedelbart återställande är åberopad, kommer följande mappar bli kontrollerade för sandlådat innehåll. - + Immediate Recovery Omedelbart återställande @@ -8594,22 +8594,22 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver Diverse alternativ - + Advanced Options Avancerade alternativ - + Miscellaneous Övrigt - + Emulate sandboxed window station for all processes Efterlikna sandlådad fönsterstation för alla processer - + Drop critical privileges from processes running with a SYSTEM token Skippa kritiska privilegier från processer körandes med ett SYSTEM-tecken @@ -8619,12 +8619,12 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver Addera sandlådade processer till jobbobjekt (rekommenderat) - + Do not start sandboxed services using a system token (recommended) Starta inte sandlådade tjänster användandes ett SYSTEM-tecken (rekommenderas) - + Protect sandboxed SYSTEM processes from unprivileged processes Skydda sandlådade SYSTEM-processer från opriviligerade processer @@ -8633,34 +8633,34 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver Öppen tillgång till COM-infrastruktur (rekommenderas inte) - + Allow only privileged processes to access the Service Control Manager Tillåt endast priviligerade processer att tillgå Service Control Manager - + Force usage of custom dummy Manifest files (legacy behaviour) Tvinga användandet av anpassade modellmanifestfiler (legacy beteende) - - + + (Security Critical) (Säkerhetskritisk) - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Starta den sandlådade RpcSs som en SYSTEM-process (rekommenderas inte) - + Don't alter window class names created by sandboxed programs Ändra inte fönsterklassnamn skapade av sandlådade program - - + + Compatibility Kompatibilitet @@ -8668,10 +8668,10 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver - - - - + + + + Protect the sandbox integrity itself Skydda själva sandlådans integritet @@ -8688,7 +8688,7 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver Tillåt användande av kapslade jobbobjekt (experimentell, fungerar på Windows 8 och senare) - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Inaktivera användandet av RpcMgmtSetComTimeout som standard (det kan lösa kompatibilitetsproblem) @@ -8754,57 +8754,57 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver Avancerad - + Add Option Addera alternativ - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. Här kan du konfigurera avancerade per process alternativ för förbättrande av kompatibiliteten och/eller anpassa sandlådningsbeteende. - + Option Alternativ - + Triggers Utlösare - + Event Händelse - - - - + + + + Run Command Kör kommandot - + Start Service Starta tjänsten - + These events are executed each time a box is started Dessa händelser verkställs varje gång en låda startas - + On Box Start Vid lådstart - - + + These commands are run UNBOXED just before the box content is deleted Dessa kommandon körs OLÅDADE precis innan lådinnehållet raderas @@ -8813,57 +8813,57 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver Vid lådraderande - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Dessa kommandon verkställs endast när en låda påbörjas. För att köra dem igen, måste lådinnehållet raderas. - + On Box Init Vid lådstart - + These commands are run UNBOXED after all processes in the sandbox have finished. Dessa kommandon körs OLÅDADE efter att alla processer i sandlådan har avslutats. - + Here you can specify actions to be executed automatically on various box events. Här kan du specificera aktioner att verkställas automatiskt vid varierande lådhändelser. - + Hide Processes Dölj processer - + Add Process Addera process - + Hide host processes from processes running in the sandbox. Dölj värdprocesser från processer körandes i sandlådan. - + Don't allow sandboxed processes to see processes running in other boxes Tillåt inte sandlådade processer att se processer som körs i andra lådor - + Users Användare - + Restrict Resource Access monitor to administrators only Begränsa resurstillgångsövervakning till administratörer endast - + Add User Addera användare @@ -8872,7 +8872,7 @@ Processmatchningsnivån har en högre prioritet än säregenheten och beskriver Ta bort användare - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8881,7 +8881,7 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Notera: Inställningarna Tvingade program och Tvinga mappar, för en sandlåda, gäller inte för användarkonton som inte kan använda sandlådan. - + Tracing Spårning @@ -8891,22 +8891,22 @@ Notera: Inställningarna Tvingade program och Tvinga mappar, för en sandlåda, API call spårning (kräver att LogAPI är installerat i sbie:s katalog) - + Pipe Trace Pipe Trace - + API call Trace (traces all SBIE hooks) API-anropspår (spårar alla SBIE hooks) - + Log all SetError's to Trace log (creates a lot of output) Logga alla SetError's till spårloggen (skapar en massa utflöde) - + Log Debug Output to the Trace Log Logga Debug Output till spårloggen @@ -8937,95 +8937,95 @@ istället för "*". Ntdll syscall-spår (skapar en massa utflöde) - + File Trace Filspår - + Disable Resource Access Monitor Inaktivera resurstillgångsövervakning - + IPC Trace IPC-spår - + GUI Trace GUI-spår - + Resource Access Monitor Resurstillgångsövervakare - + Access Tracing Tillgångsspårning - + COM Class Trace COM-class spår - + Key Trace Nyckelspår - - + + Network Firewall Nätverksbrandvägg - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + DNS Request Logging Loggning av DNS-förfrågan - + Syscall Trace (creates a lot of output) Syscall spår (skapar en logg av utdata) - + Debug Felsök - + WARNING, these options can disable core security guarantees and break sandbox security!!! VARNING, dessa alternativ kan inaktivera kärnsäkerhetsgarantier och bryta sandlådesäkerhet!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Dessa alternativ är avsedda för felsökning av kompatibilitetsproblem, vänligen använd dem inte vid produktionsanvändning. - + App Templates Appmallar @@ -9034,22 +9034,22 @@ istället för "*". Kompatibilitetsmallar - + Filter Categories Filterkategorier - + Text Filter Textfilter - + Add Template Addera mall - + This list contains a large amount of sandbox compatibility enhancing templates Denna lista innehåller en stor mängd av kompatibilitetsutökande sandlådemallar @@ -9058,17 +9058,17 @@ istället för "*". Ta bort mall - + Category Kategori - + Template Folders Mallmappar - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -9077,13 +9077,13 @@ Please note that this values are currently user specific and saved globally for Vänligen notera att detta värde är för tillfället användarspecifikt och sparas globalt för alla lådor. - - + + Value Värde - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -9115,22 +9115,22 @@ istället för "*". Tillämpa Stäng...=!<programmet>,... regler även till alla binärer lokaliserade i sandlådan. - + Allow use of nested job objects (works on Windows 8 and later) Tillåt användning av kapslade jobbobjekt (fungerar på Windows 8 och senare) - + Accessibility Tillgänglighet - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. För att kompensera för det förlorade skyddet, vänligen konsultera inställningen Skippa rättigheter i Säkerhetsalternativ > Säkerhetshärdning > Förhöjningsbegränsningar. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Skärmläsare: JAWS, NVDA, Window-Eyes, Systemtillgång @@ -9145,77 +9145,77 @@ istället för "*". Förhindra sandlådade processer från att använda allmänna metoder för att fånga fönsterbilder - + Configure which processes can access Desktop objects like Windows and alike. Konfigurera vilka processer som kan tillgå skrivbordsobjekt såsom Windows och liknande. - + Other Options Andra alternativ - + Port Blocking Portblockering - + Block common SAMBA ports Blockera vanliga SAMBA-portar - + DNS Filter DNS-filter - + Add Filter Addera filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. Med DNS-filtret kan individuella domäner blockeras på per processbasis. Lämna IP-kolumnen tom för att blockera eller föra in en IP för omdirigering. - + Domain Domän - + Internet Proxy Internetproxy - + Add Proxy Addera proxy - + Test Proxy Testa proxy - + Auth Autentisering - + Login Inloggning - + Password Lösenord - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. Sandlådade program kan bli tvingade att använda en förinställd SOCKS5 proxy. @@ -9225,78 +9225,78 @@ istället för "*". Endast en administratörs användarkonto kan göra ändringar till denna sandlåda - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>SÄKERHETSRÅDGIVANDE</font>:</b> Använda <a href="sbie://docs/breakoutfolder">Utbrytarmapp</a> och/eller <a href="sbie://docs/breakoutprocess">Utbrytarprocess</a> i kombination med Öppen[fil-/pipe-]sökvägsdirektiv kan kompromettera säkerhet. Vänligen granska säkerhetssektionen för varje alternativ i dokumentationen före användning. - + Resolve hostnames via proxy Lös värdnamn via proxy - + Block DNS, UDP port 53 Blockera DNS, UDP-port 53 - + Quick Recovery Omedelbart återställande - + Various Options Olika alternativ - + Apply ElevateCreateProcess Workaround (legacy behaviour) Tillämpa ElevateCreateProcess-lösningen (legacy beteende) - + Use desktop object workaround for all processes Använd skrivbordsobjektlösningen för alla processer - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. När den globala snabbtangenten trycks 3 gånger i kort följd kommer detta undantag att ignoreras. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. Exkludera denna sandlåda från att bli avslutad när Avsluta alla processer är anropat. - + On Box Terminate Vid Låd Terminerande - + This command will be run before the box content will be deleted Detta kommando kommer köras före det att lådinnehållet raderas - + On File Recovery Vid filåterställande - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked Detta kommando kommer köras före det att en fil återställs och filsökvägen kommer att passeras som första argument. Om detta kommando returnerar något annat än 0, blockeras återställningen - + Run File Checker Kör filkontrolleraren - + On Delete Content Vid Radera innehåll @@ -9307,7 +9307,7 @@ istället för "*". - + Process Process @@ -9316,37 +9316,37 @@ istället för "*". Blockera även lästillgång till processer i denna sandlåda - + Templates Mallar - + Open Template Öppna mall - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Följande inställningar aktiverar användandet av Sandboxie i kombination med tillgänglighetsprogram. Vänligen notera att ett visst mått av Sandboxies skydd av nödvändighet förloras när dessa inställningar aktiveras. - + Edit ini Section Redigera ini-sektionen - + Edit ini Redigera ini - + Cancel Avbryt - + Save Spara diff --git a/SandboxiePlus/SandMan/sandman_tr.ts b/SandboxiePlus/SandMan/sandman_tr.ts index 54ad4506..370738c0 100644 --- a/SandboxiePlus/SandMan/sandman_tr.ts +++ b/SandboxiePlus/SandMan/sandman_tr.ts @@ -6572,41 +6572,41 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for OptionsWindow - - - - - - - - - - - - + + + + + + + + + + + + Name Ad - - - + + + Path Yol - + Save Kaydet - - - - - - - + + + + + + + Type Tür @@ -6616,12 +6616,12 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Bu korumalı alanda yalnızca seçilen programların başlamasına izin ver. * - + Force Folder Klasörü Zorla - + Add IPC Path IPC Yolu Ekle @@ -6631,17 +6631,17 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Başlıktaki korumalı alan göstergesi: - + Debug Hata Ayıklama - + Users Kullanıcılar - + Block network files and folders, unless specifically opened. Özel olarak açılmadıkça ağ dosyalarını ve klasörlerini engelle @@ -6651,22 +6651,22 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Komut Satırı - + Don't alter window class names created by sandboxed programs Korumalı alandaki programlar tarafından oluşturulan pencere sınıfı adları değiştirilmesin - + Log Debug Output to the Trace Log Hata Ayıklama Çıktısını İzleme Günlüğüne Kaydet - + Add Wnd Class Wnd Sınıfı Ekle - + Access Tracing Erişim İzleme @@ -6691,42 +6691,42 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Tüm programların bu alanda başlamasına izin ver. - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Dosyalar oluşturulur oluşturulmaz kurtarabilmek için Anında Kurtarma istemini etkinleştir. - - - - - - + + + + + + Access Erişim - + These options are intended for debugging compatibility issues, please do not use them in production use. Bu seçenekler uyumluluk sorunlarındaki hataları ayıklamaya yönelik tasarlanmıştır, lütfen bu ayarları üretim amaçlı kullanmayın. - + Templates Şablonlar - + Text Filter Metin Filtresi - + Cancel İptal - + Restrict Resource Access monitor to administrators only Kaynak Erişimi İzleyicisini yalnızca yöneticilerle kısıtla @@ -6734,74 +6734,74 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - - - + + + + Protect the sandbox integrity itself Korumalı alan bütünlüğünün kendisini koruyun - + Add Folder Klasör Ekle - + Prompt user whether to allow an exemption from the blockade. Ağ engellemesinden muafiyete izin verilip verilmeyeceğini sor. - + IPC Trace IPC İzleme - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Kaldır - + Add File/Folder Dosya/Klasör Ekle - + Issue message 1307 when a program is denied internet access Bir programın internet erişimi reddedildiğinde 1307 mesajını yayınla - - + + Compatibility Uyumluluk - + Note: Programs installed to this sandbox won't be able to access the internet at all. Not: Bu alana yüklenen programlar internete hiçbir şekilde erişemez. @@ -6811,12 +6811,12 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Alan Seçenekleri - + Don't allow sandboxed processes to see processes running in other boxes Korumalı alandaki işlemlerin diğer alanlarda çalışan işlemleri görmesine izin verilmesin - + Add Group Grup Ekle @@ -6831,7 +6831,7 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Seçili programların bu alanda başlamasını önle. - + Miscellaneous Çeşitli @@ -6841,7 +6841,7 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Dosya çok büyükse 2102 mesajını yayınla - + File Recovery Dosya Kurtarma @@ -6851,45 +6851,45 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Alan Silme Seçenekleri - + Pipe Trace Boru İzleme - + File Trace Dosya İzleme - - - - - - - - - + + + + + + + + + Program Program - + Add Process İşlem Ekle - - - - - + + + + + Add Program Program Ekle - + Filter Categories Kategorileri Filtrele @@ -6908,8 +6908,8 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for - - + + Protect the system from sandboxed processes Sistemi korumalı alandaki işlemlerden koru @@ -6919,7 +6919,7 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for SandboxiePlus Ayarları - + Category Kategori @@ -6929,22 +6929,22 @@ If you are a Great Supporter on Patreon already, Sandboxie can check online for Yöneticiler ve Yetkili Kullanıcılar grupları haklarını bırak - + Add Reg Key Kayıt Anahtarı Ekle - + Hide Processes İşlemleri Gizle - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Hızlı Kurtarma işlevi çağrıldığında, aşağıdaki klasörler korumalı alan içeriği için denetlenecektir. - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -6968,70 +6968,70 @@ günlüğe kaydetme özelleştirilebilir. px Genişliği - + Add User Kullanıcı Ekle - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Buraya girilen programlar veya konumlardan başlatılan programlar, özellikle başka bir korumalı alanda başlatılmadıkça, otomatik olarak bu alana yerleştirilecektir. - + Force Program Program Zorla - + WARNING, these options can disable core security guarantees and break sandbox security!!! UYARI, bu seçenekler temel güvenlik garantilerini devre dışı bırakabilir ve korumalı alan güvenliğini bozabilir! - + Edit ini Ini Düzenle - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Şablonları Göster - + Ignore Folder Klasörü Yok Say - + GUI Trace GKA İzleme - + Key Trace Tuş İzleme - + Tracing İzleme @@ -7046,7 +7046,7 @@ günlüğe kaydetme özelleştirilebilir. Korumalı alan işlemlerini iş nesnelerine ekle (Önerilir) - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Klasörleri ve dosya türlerini (veya dosya uzantılarını) Anında Kurtarma'nın dışında bırakabilirsiniz. @@ -7056,12 +7056,12 @@ günlüğe kaydetme özelleştirilebilir. Çalıştır Menüsü - + App Templates Uygulama Şablonları - + Ignore Extension Uzantıyı Yok Say @@ -7071,7 +7071,7 @@ günlüğe kaydetme özelleştirilebilir. Bu korumalı alanı silinmeye veya boşaltılmaya karşı koru - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -7085,32 +7085,32 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl * Not: Bu korumalı alana yüklenen programlar hiçbir şekilde başlatılamaz. - + This list contains a large amount of sandbox compatibility enhancing templates Bu liste, korumalı alan uyumluluğunu geliştiren çok sayıda şablonlar içerir - + Program Groups Program Grupları - + Issue message 1308 when a program fails to start Bir program başlatılamadığında 1308 mesajını yayınla - + Resource Access Kaynak Erişimi - + Advanced Options Gelişmiş Seçenekler - + Hide host processes from processes running in the sandbox. Korumalı alanda çalışan işlemlerden ana sistem işlemlerini gizler. @@ -7126,7 +7126,7 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl Korumalı alandaki son işlem sonlandırıldığında içeriği otomatik olarak sil - + Add COM Object COM Nesnesi Ekle @@ -7136,22 +7136,22 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl Korumalı alanın çalıştırma menüsünde görünecek özel girişleri yapılandırabilirsiniz. - + Start Restrictions Başlatma Kısıtlamaları - + Force usage of custom dummy Manifest files (legacy behaviour) Özel sahte Manifest dosyalarının kullanımını zorla (Eski davranış) - + Edit ini Section Ini Düzenleme Bölümü - + COM Class Trace COM Sınıf İzleme @@ -7176,7 +7176,7 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl Program Ekle - + Do not start sandboxed services using a system token (recommended) Korumalı alandaki hizmetleri bir sistem belirteci kullanarak başlatılmasın (Önerilir) @@ -7191,7 +7191,7 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl Uygulamaların yetkilendirilmiş çalıştıklarını düşünmelerini sağla (Yükleyicileri güvenli bir şekilde çalıştırmanıza izin verir) - + Network restrictions Ağ Kısıtlamaları @@ -7371,13 +7371,13 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl - + Move Up Yukarı Taşı - + Move Down Aşağı Taşı @@ -7433,52 +7433,52 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl İşlemi Reddet - + Use a Sandboxie login instead of an anonymous token Anonim kullanıcı yerine Sandboxie oturum açma belirteci kullan - + Configure which processes can access Desktop objects like Windows and alike. Hangi işlemlerin pencereler ve benzeri masaüstü nesnelerine erişebileceğini yapılandırın. - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. Genel kısayol tuşuna art arda 3 kez basıldığında bu istisna göz ardı edilecektir. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. "Tüm İşlemleri Sonlandır" çalıştırıldığında bu korumalı alanı sonlandırılma dışında tut. - + Image Protection Görüntü Koruması - + Issue message 1305 when a program tries to load a sandboxed dll Bir program korumalı alandan bir DLL dosyası yüklemeye çalıştığında 1305 mesajını yayınla - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Sistemde yüklü korumalı alanda çalışan işlemlerin alan içinden DLL yüklemesini önle - + Dlls && Extensions DLL'ler && Uzantılar - + Description Açıklama - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Sandboxie'nin kaynak erişim kuralları, genellikle korumalı alan içinde bulunan program ikili dosyalarına göre ayrım yapar. OpenFilePath ve OpenKeyPath yalnızca ana sistemde yerel olarak bulunan uygulama ikili dosyaları için çalışır. @@ -7486,62 +7486,62 @@ Bu kısıtlama olmaksızın bir kural tanımlamak için OpenPipePath veya OpenCo Bu, korumalı alan içindeki haydut işlemlerin kendilerinin yeniden adlandırılmış bir kopyasını oluşturmasını ve korunan kaynaklara erişmesini önlemek için yapılır. Başka bir istismar vektörü de bir kütüphanenin yetkili bir işleme yerleşerek ona izin verilen her şeye erişim hakkı elde etmesidir. Ana Sistem Görüntü Koruması kullanılarak, bir korumalı alanda çalışan uygulamaların (ana sistemde yüklü) korumalı alanda bulunan kütüphaneleri yüklemesi engellenerek bu durum önlenebilir. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxie'nin işlevselliği, korumalı alanda herhangi bir işlem başlatıldığında SbieDll.dll tarafından ona yüklenebilen, isteğe bağlı DLL'ler kullanılarak genişletilebilir. Genel ayarlardaki Eklenti Yöneticisinde bazı yararlı uzantılar sunulmaktadır. Bunlar kurulduktan sonra geçerli korumalı alan için buradan etkinleştirilebilirler. - + Advanced Security Gelişmiş Güvenlik - + Other isolation Diğer Yalıtım - + Privilege isolation Ayrıcalık Yalıtımı - + Sandboxie token Sandboxie Belirteci - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. Özel bir Sandboxie belirteci kullanmak, birbirinden ayrı korumalı alanların daha iyi yalıtılmasını sağlar ve görev yöneticilerinin kullanıcı sütununda bir işlemin hangi alana ait olduğu gösterir. Ancak bazı 3. parti güvenlik çözümleri özel belirteçlerle sorun yaşayabilir. - + Program Control Program Denetimi - + Force Programs Zorunlu Programlar - + Disable forced Process and Folder for this sandbox Bu korumalı alan için İşlem ve Klasör zorlamayı devre dışı bırak - + Breakout Programs Çıkabilen Programlar - + Breakout Program Çıkabilen Program - + Breakout Folder Çıkabilen Klasör @@ -7561,38 +7561,38 @@ Bu, korumalı alan içindeki haydut işlemlerin kendilerinin yeniden adlandırı Yararlı Windows işlemlerinin korumalı işlemlere erişmesine izin ver - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Buraya girilen programlar başlatıldıklarında bu korumalı alanın dışına çıkabilecektir. Bunları başka bir korumalı alana da aktarmak mümkündür. Örneğin web tarayıcınızın her zaman kendine adanmış bir alanda çalışması gibi. - + Lingering Programs Oyalayıcı Programlar - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Oyalayıcı programlar, diğer tüm işlemler sonlandırıldıktan sonra çalışmaya devam ediyorsa otomatik olarak sonlandırılır. - + Leader Programs Lider Programlar - + If leader processes are defined, all others are treated as lingering processes. Eğer lider işlemler tanımlanırsa, diğer tüm işlemlere oyalayıcı olarak davranılır. - + Stop Options Durma Seçenekleri - - + + Stop Behaviour Durma Davranışı @@ -7617,229 +7617,229 @@ Bu, korumalı alan içindeki haydut işlemlerin kendilerinin yeniden adlandırı İş Nesnesi - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>GÜVENLİK TAVSİYESİ</font>:</b> <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> ve/veya <a href="sbie://docs/breakoutprocess">BreakoutProcess</a>'in Open[File/Pipe]Path yönergeleriyle birlikte kullanılması sistem güvenliği tehlikeye atabilir. Lütfen bunları kullanmadan önce her seçeneğin belgesindeki güvenlik bölümünü inceleyin. - + Use Linger Leniency Oyalanma yumuşatmayı kullan - + Don't stop lingering processes with windows Pencereli işlemler sonlandırılmasın - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. Bu ayar, kullanıcının bilgisi dışında programların korumalı alanda çalışmasını önlemek için kullanılabilir. - + Display a pop-up warning before starting a process in the sandbox from an external source Harici bir kaynak tarafından korumalı alanda bir işlem başlatılmadan önce uyarı görüntüle - + Files Dosyalar - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Hangi işlemlerin Dosyalara, Klasörlere ve Borulara erişebileceğini yapılandırın. 'Açık' erişimi yalnızca korumalı alanın dışında bulunan program dosyaları için geçerlidir, bunun yerine tüm programlara uygulanmasını sağlamak için 'Hepsine Açık' kullanabilir veya bu davranışı İlkeler sekmesinden değiştirebilirsiniz. - + Registry Kayıt - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Hangi işlemlerin Kayıt Defterine erişebileceğini yapılandırın. 'Açık' erişimi yalnızca korumalı alanın dışında bulunan program dosyaları için geçerlidir, bunun yerine tüm programlara uygulanmasını sağlamak için 'Hepsine Açık' kullanabilir veya bu davranışı İlkeler sekmesinden değiştirebilirsiniz. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Hangi işlemlerin ALPC bağlantı noktaları ve diğer işlemlerin belleği ve bağlamı gibi NT IPC nesnelerine erişebileceğini yapılandırın. Bir işlemi belirtmek için yol olarak '$:program.exe' kullanın. - + Wnd Wnd - + Wnd Class Wnd Sınıfı - + COM COM - + Class Id Sınıf Id - + Configure which processes can access COM objects. Hangi işlemlerin COM nesnelerine erişebileceğini yapılandırın. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Sanallaştırılmış COM kullanılmasın, ana sistem COM altyapısına açık erişim sağlar (Önerilmez) - + Access Policies Erişim İlkeleri - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Close...=!<program>,... kurallarını korumalı alanda bulunan tüm ikili dosyalara da uygula. - + Network Options Ağ Seçenekleri - + DNS Filter DNS Filtresi - + Add Filter Filtre Ekle - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. Alan adları DNS filtresiyle işlem bazında engellenebilir. Engellemek için IP sütununu boş bırakın veya yeniden yönlendirmek için bir IP girin. - + Domain Alan Adı - + Internet Proxy Ara Sunucu - + Add Proxy Ara Sunucu Ekle - + Test Proxy Sunucuyu Test Et - + Auth Kimlik - + Login Giriş - + Password Parola - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. Korumalı alanda çalışan programlar, önceden ayarlanmış bir SOCKS5 ara sunucusunu kullanmaya zorlanabilir. - + Resolve hostnames via proxy Alan adlarını sunucuda çözümle - + Other Options Diğer Seçenekler - + Port Blocking Bağlantı Noktası Engelleme - + Block common SAMBA ports Yaygın SAMBA bağlantı noktalarını engelle - + Block DNS, UDP port 53 DNS, UDP bağlantı noktası 53'ü engelle - + Quick Recovery Hızlı Kurtarma - + Immediate Recovery Anında Kurtarma - + Various Options Çeşitli Seçenekler - + Apply ElevateCreateProcess Workaround (legacy behaviour) ElevateCreateProcess geçici çözümünü uygula (Eski davranış) - + Use desktop object workaround for all processes Masaüstü nesnesi geçici çözümünü tüm işlemler için kullan - + Limit restrictions Kısıtlama Sınırları - - + + Leave it blank to disable the setting(Unit:KB) Ayarı devre dışı bırakmak için boş bırakın (Birim:KB) - + Leave it blank to disable the setting Ayarı devre dışı bırakmak için boş bırakın @@ -7849,42 +7849,42 @@ Bir işlemi belirtmek için yol olarak '$:program.exe' kullanın.Toplam İşlem Sayısı Sınırı: - + Total Processes Memory Limit: Toplam İşlem Bellek Sınırı: - + Single Process Memory Limit: Tek İşlem Bellek Sınırı: - + On Box Terminate Alan Sonlandığında - + This command will be run before the box content will be deleted Bu komut, alan içeriği silinmeden önce çalıştırılacaktır - + On File Recovery Dosya Kurtarmada - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked Bu komut, bir dosya kurtarılmadan önce çalıştırılacak ve dosya yolu ilk bağımsız değişken olarak aktarılacaktır. Bu komut 0'dan başka bir değer döndürürse, kurtarma işlemi engellenecektir - + Run File Checker Dosya Denetleyicisini Gir - + On Delete Content İçerik Silmede @@ -7895,37 +7895,37 @@ Bir işlemi belirtmek için yol olarak '$:program.exe' kullanın. - + Process İşlem - + Add Option Seçenek Ekle - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Burada, uyumluluğu artırmak veya korumalı alan davranışını özelleştirmek için işlem başına gelişmiş seçenekleri yapılandırabilirsiniz. - + Option Seçenek - + These commands are run UNBOXED after all processes in the sandbox have finished. Bu komutlar korumalı alandaki tüm işlemler sonlandıktan sonra ALAN DIŞINDAN çalıştırılır. - + API call Trace (traces all SBIE hooks) API çağrısı İzleme (tüm SBIE kancalarını izler) - + Log all SetError's to Trace log (creates a lot of output) Tüm SetError Mesajlarını İzleme Günlüğüne Kaydet (Çok fazla çıktı oluşturur) @@ -7940,53 +7940,53 @@ Bir işlemi belirtmek için yol olarak '$:program.exe' kullanın.Panoya okuma erişimini engelle - + Emulate sandboxed window station for all processes Tüm işlemler için korumalı alan pencere istasyonunu taklit et - + Don't allow sandboxed processes to see processes running outside any boxes Korumalı alandaki işlemlerin alan dışında çalışan işlemleri görmesine izin verilmesin - + Prevent sandboxed processes from accessing system details through WMI Korumalı alandaki işlemlerin WMI aracılığıyla sistem ayrıntılarına erişmesini önle - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system details through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. Bazı programlar, geleneksel yöntemleri kullanmak yerine, yerleşik bir Windows veritabanı olan WMI (Windows Yönetim Araçları) aracılığıyla sistem ayrıntılarını alır. Örneğin, 'tasklist.exe', 'HideOtherBoxes' etkin olsa bile işlemlerin tam listesine erişebilir. Bu tür davranışları önlemek için bu seçeneği etkinleştirin. - + DNS Request Logging DNS İstek Günlüğü - + Syscall Trace (creates a lot of output) Syscall İzleme (Çok fazla çıktı oluşturur) - + Add Template Şablon Ekle - + Open Template Şablonu Aç - + Template Folders Şablon Klasörleri - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -7995,28 +7995,28 @@ Please note that this values are currently user specific and saved globally for Lütfen bu değerlerin kullanıcıya özel olduğunu ve tüm alanlar için global olarak kaydedildiğini unutmayın. - - + + Value Değer - + Accessibility Erişilebilirlik - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Kaybedilen korumayı telafi etmek için lütfen Güvenlik Seçenekleri > Güvenlik Sıkılaştırması altındaki Yetkilendirme Kısıtlamaları bölümü Hak Bırakma ayarlarına bakın. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Ekran Okuyucuları: JAWS, NVDA, Window-Eyes, System Access - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Aşağıdaki ayarlar, Sandboxie'nin erişilebilirlik yazılımıyla birlikte kullanılmasını sağlar. Lütfen bu ayarlar etkin olduğunda Sandboxie korumasının bir kısmının ister istemez kaybedildiğini unutmayın. @@ -8031,12 +8031,12 @@ Lütfen bu değerlerin kullanıcıya özel olduğunu ve tüm alanlar için globa Windows Güvenlik Hesap Yöneticisine açık erişim - + Disable Resource Access Monitor Kaynak Erişim İzleyicisini Devre Dışı Bırak - + Resource Access Monitor Kaynak Erişim İzleyicisi @@ -8081,78 +8081,78 @@ Lütfen bu değerlerin kullanıcıya özel olduğunu ve tüm alanlar için globa Tüm güvenlik geliştirmelerini etkinleştir (Güvenliği güçlendirilmiş alan yapar) - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Programları birlikte gruplayabilir ve onlara bir grup adı verebilirsiniz. Program grupları, program adları yerine bazı ayarlarla kullanılabilir. Alan için tanımlanan gruplar, şablonlarda tanımlanan grupların üzerine yazılır. - + Process Restrictions İşlem Kısıtlamaları - + Set network/internet access for unlisted processes: Listelenmemiş işlemler için ağ/internet erişimini ayarla: - + Test Rules, Program: Kuralları test et, Program: - + Port: Bağlantı Noktası: - + IP: IP: - + Protocol: Protokol: - + X X - + Add Rule Kural Ekle - - + + Action Eylem - - + + Port Bağlantı Noktası - - - + + + IP IP - + Protocol Protokol - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. DİKKAT: Windows Filtreleme Platformu sürücü ile etkinleştirilmemiştir, bu nedenle bu kurallar yalnızca kullanıcı modunda uygulanacaktır ve zorlanmaz! Bu, kötü amaçlı uygulamaların bunları atlayabileceği anlamına gelir. @@ -8167,8 +8167,8 @@ Lütfen bu değerlerin kullanıcıya özel olduğunu ve tüm alanlar için globa Windows Yerel Güvenlik Yetkilisine açık erişim - - + + Network Firewall Ağ Güvenlik Duvarı @@ -8198,63 +8198,63 @@ Lütfen bu değerlerin kullanıcıya özel olduğunu ve tüm alanlar için globa Windows Kimlik Bilgileri Deposunu aç (Kullanıcı modu) - + Prevent change to network and firewall parameters (user mode) Ağ ve güvenlik duvarı parametrelerinde değişikliği engelle (Kullanıcı modu) - + Prioritize rules based on their Specificity and Process Match Level Özgüllüklerine ve İşlem Eşleştirme Düzeylerine göre kurallara öncelik ver - + Privacy Mode, block file and registry access to all locations except the generic system ones Gizlilik Modu, genel sistem konumları dışındaki tüm konumlara yapılan dosya ve kayıt defteri erişimini engeller - + Access Mode Erişim Modu - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Gizlilik Modu etkinleştirildiğinde, korumalı alan işlemleri yalnızca C:\Windows\*, C:\Program Files\* ve HKLM kayıt defterinin bölümlerini okuyabilir, diğer tüm konumların okunabilir ve/veya yazılabilir olması için açık erişime ihtiyacı olacaktır. Bu modda, Kural Özgüllüğü her zaman etkindir. - + Rule Policies Kural İlkeleri - + Apply File and Key Open directives only to binaries located outside the sandbox. Dosya ve Anahtar Açma yönergelerini yalnızca korumalı alanın dışında bulunan ikili dosyalara uygula. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Korumalı alanlı RpcS'leri bir SİSTEM işlemi olarak başlat (Önerilmez) - + Allow only privileged processes to access the Service Control Manager Yalnızca ayrıcalıklı işlemlerin Hizmet Kontrol Yöneticisine erişmesine izin ver - + Drop critical privileges from processes running with a SYSTEM token Bir SİSTEM belirteci ile çalışan işlemlerden kritik ayrıcalıkları düşür - - + + (Security Critical) (Güvenlik Açısından Kritik) - + Protect sandboxed SYSTEM processes from unprivileged processes Korumalı SİSTEM işlemlerini ayrıcalıksız işlemlerden koru @@ -8289,68 +8289,68 @@ Lütfen bu değerlerin kullanıcıya özel olduğunu ve tüm alanlar için globa Bu korumalı alanı her zaman sistem tepsisi listesinde göster (Sabitlenmiş) - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. Kural özgüllüğü, belirli bir kuralın belirli bir yolla ne kadar iyi eşleştiğinin bir ölçüsüdür. Basitçe söylemek gerekirse, özgüllük son eşleşen özel karakter olmayan alt dize dahil yolun başından sonuna kadar olan karakterlerin uzunluğudur. Yalnızca "*.tmp" gibi dosya türleriyle eşleşen bir kural, her zaman tüm dosya yolu ile eşleşeceği için en yüksek özgüllüğe sahip olacaktır. İşlem eşleştirme düzeyi, özgüllükten daha yüksek bir önceliğe sahiptir ve bir kuralın belirli bir işleme nasıl uygulanacağını tanımlar. İşlem adına veya grubuna göre uygulanan kurallar en güçlü eşleştirme düzeyine sahiptir. Ardından olumsuzlama ile eşleştirme gelir, yani belirtilen işlem dışındaki tüm işlemlere uygulanan kurallara aittir; en düşük eşleştirme düzeyleri ise genel eşleştirmelere, yani herhangi bir işleme uygulanan kurallara aittir. - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Varsayılan olarak RpcMgmtSetComTimeout kullanımını devre dışı bırak (Uyumluluk sorunlarını çözebilir) - + Triggers Tetikleyiciler - + Event Olay - - - - + + + + Run Command Komut Gir - + Start Service Hizmeti Gir - + These events are executed each time a box is started Bu olaylar, bir alan her başlatıldığında yürütülür - + On Box Start Alan Başlangıcında - - + + These commands are run UNBOXED just before the box content is deleted Bu komutlar alan içeriği silinmeden hemen önce ALAN DIŞINDAN çalıştırılır - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Bu komutlar yalnızca bir alan ilk kullanıma hazırlandığında yürütülür. Tekrar çalışması için alan içeriğinin silinmesi gerekir. - + On Box Init Alan İlk Kullanımında - + Here you can specify actions to be executed automatically on various box events. Burada, çeşitli alan olaylarında otomatik olarak yürütülecek eylemleri belirleyebilirsiniz. @@ -8365,7 +8365,7 @@ The process match level has a higher priority than the specificity and describes Bir işlem erişimi reddedildiğinde 2111 mesajını yayınla - + Allow use of nested job objects (works on Windows 8 and later) İç içe iş nesnelerinin kullanımına izin ver (Windows 8 ve sonraki sürümlerde çalışır) diff --git a/SandboxiePlus/SandMan/sandman_uk.ts b/SandboxiePlus/SandMan/sandman_uk.ts index 30358d85..7c612a9c 100644 --- a/SandboxiePlus/SandMan/sandman_uk.ts +++ b/SandboxiePlus/SandMan/sandman_uk.ts @@ -7021,8 +7021,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes Захистити систему від процесів у пісочниці @@ -7167,12 +7167,12 @@ If you are a great patreaon supporter already, sandboxie can check online for an Обмеження друку - + Network restrictions Обмеження мережі - + Block network files and folders, unless specifically opened. Блокувати файли та папки у мережі, якщо вони не відкриті. @@ -7188,18 +7188,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name Назва @@ -7216,58 +7216,58 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Прибрати - - - - - - - + + + + + + + Type Тип - + Program Groups Група програм - + Add Group Додати групу - - - - - + + + + + Add Program Додати програму @@ -7276,42 +7276,42 @@ If you are a great patreaon supporter already, sandboxie can check online for an Примусові програми - + Force Folder Примусова папка - - - + + + Path Шлях - + Force Program Примусова програма - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Показати шаблони @@ -7365,7 +7365,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Відкрити Сховище Windows Credentials (user mode) - + Prevent change to network and firewall parameters (user mode) Заборонити змінювати налаштування мережі та файрволу (user mode) @@ -7375,18 +7375,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an Видавати повідомлення 2111, коли доступ до процесу заборонено - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Ви можете створити групу програм та дати назву їй. Назву групи можна використовувати замість назв програм. Групи, які визначені для пісочниці, перезаписуються в групи, які визначені в групи. - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Програми, які є тут, або програми, які виконуються з вказаного місцерозташування, будуть автоматично переміщені в цю пісочницю, якщо вони не були запущені в інших пісочницях. - - + + Stop Behaviour Зупинити поведінки @@ -7411,12 +7411,12 @@ If leader processes are defined, all others are treated as lingering processes.< Якщо лідерські процеси визначені, всі інші стають, як затримані. - + Start Restrictions Обмеження на виконання - + Issue message 1308 when a program fails to start Повідомлення про проблему 1308, коли програма не може виконатись @@ -7445,32 +7445,32 @@ If leader processes are defined, all others are treated as lingering processes.< Обмеження Інтернету - + Process Restrictions Обмеження процесів - + Issue message 1307 when a program is denied internet access Повідомлення про проблему 1307, коли програма не має доступ до Інтернету - + Prompt user whether to allow an exemption from the blockade. Зробити підсказку користувачу про дозвіл на звільнення від обмежень. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Примітка: Програми, встановлені в пісочниці, не матимуть доступу до Інтернету. - - - - - - + + + + + + Access Доступ @@ -7568,13 +7568,13 @@ If leader processes are defined, all others are treated as lingering processes.< - + Move Up Перемістити вгору - + Move Down Перемістити вниз @@ -7630,65 +7630,65 @@ If leader processes are defined, all others are treated as lingering processes.< - + Use a Sandboxie login instead of an anonymous token - + Configure which processes can access Desktop objects like Windows and alike. - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Image Protection - + Issue message 1305 when a program tries to load a sandboxed dll - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox - + Dlls && Extensions - + Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. - + Advanced Security Adcanced Security @@ -7698,52 +7698,52 @@ This is done to prevent rogue processes inside the sandbox from creating a renam Використовувати логін Sandboxie замість анонімного токена (експериментально) - + Other isolation - + Privilege isolation - + Sandboxie token - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. - + Program Control Програмний контроль - + Force Programs - + Disable forced Process and Folder for this sandbox - + Breakout Programs - + Breakout Program - + Breakout Folder @@ -7792,223 +7792,223 @@ This is done to prevent rogue processes inside the sandbox from creating a renam - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - + Lingering Programs - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. - + Leader Programs - + If leader processes are defined, all others are treated as lingering processes. - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Files - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + Registry Реєстр - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. - + IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. - + Wnd - + Wnd Class Клас Wnd - + COM - + Class Id - + Configure which processes can access COM objects. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) - + Access Policies - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. - + Network Options - + Set network/internet access for unlisted processes: Налаштувати доступ до мережі/інтернету для процесів, які не входять до списку: - + Test Rules, Program: Перевірити правила, програми: - + Port: Порт: - + IP: IP: - + Protocol: Протокол: - + X Х - + Add Rule Додати правило - - - - - - - - - + + + + + + + + + Program Програма - - + + Action Дія - - + + Port Порт - - - + + + IP IP - + Protocol Протокол - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. УВАГА: Windows Filtering Platform не увімнений у драйвері, тому ці правила можуть працювати тільки в користувальницькому режимі та можуть бути не застосовані!!! Шкідливі програми можуть це обійти. - + Resource Access Доступ до ресурсів @@ -8025,92 +8025,92 @@ You can use 'Open for All' instead to make it apply to all programs, o Ви можете використовувати 'Відкритий для всіх', щоб застосувати для всіх програм, або змінити цю поведінку у вкладці політик. - + Add File/Folder Додати файл/папку - + Add Wnd Class Додати клас Wnd - + Add IPC Path Додати шлях IPC - + Add Reg Key Додати ключ реєстру - + Add COM Object Додати об'єкт COM - + File Recovery Відновлення файлів - + Quick Recovery - + Add Folder Додати папку - + Immediate Recovery Негайне відновлення - + Ignore Extension Ігнорувати розширення - + Ignore Folder Ігнорувати папку - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Увімкнути термінове відновлення файлів, щоб швидко відновити файли після їх створення. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Ви можете виключити деякі папки та типи файлів (або розширення файлів) з термінового відновлення. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Коли швидке відновлення викликано, ці папки будуть перевірені в пісочниці. - + Advanced Options Додаткові налаштування - + Miscellaneous Різне - + Don't alter window class names created by sandboxed programs Не змінювати ім' класів вікон програм у пісочниці - + Do not start sandboxed services using a system token (recommended) Не запускати служби пісочниці за допомогою системного токену (рекомендовано) @@ -8118,26 +8118,26 @@ You can use 'Open for All' instead to make it apply to all programs, o - - - - + + + + Protect the sandbox integrity itself Захистити цілісність пісочниці - + Drop critical privileges from processes running with a SYSTEM token Прибрати критичні привілеї у процесів з системним токеном - - + + (Security Critical) (критично для безпеки) - + Protect sandboxed SYSTEM processes from unprivileged processes Захистити системні процеси пісочниці від непривілегільованих процесів @@ -8146,7 +8146,7 @@ You can use 'Open for All' instead to make it apply to all programs, o Ізоляція пісочниці - + Force usage of custom dummy Manifest files (legacy behaviour) Примусове використання користувальницьких файлів маніфесту (застаріле) @@ -8159,34 +8159,34 @@ You can use 'Open for All' instead to make it apply to all programs, o Політика доступу до ресурсів - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. Правило має таку специфікацію, що воно є мірою того, як добре це правило підходить певному шляху, кількості символів тощо. Правило, яке підходить для файлів типу "*.tmp", має велику специфікацію, оскільки більше підходить за місцерозтушуванням. Процес рівня має більший пріорітет, чим специфікація та описує правило для процесу. Правила, які застосовуються до назви процесу або групи має більший рівень, за співпаданням по запереченням (тобто правила застосовуються для всіх процесів, але крім одного), поки найнижчі рівні мають глобальні збіги, тобто ті, які завжди застосовуються для будь-якого процесу. - + Prioritize rules based on their Specificity and Process Match Level Пріорітет правил, які побудовані на основі специфікації та рівня процесу - + Privacy Mode, block file and registry access to all locations except the generic system ones Приватний режим, блокує доступ до файлів та реєстру для всіх шляхів, окрім системних - + Access Mode Режим доступу - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Коли приватний режим увімнений, процеси в пісочниці мають доступ лише до C:\Windows\*, C:\Program Files\* та частинам реєстру HKLM, всі інших потрібен доступ на зчитування/записуванняю. У цьому режимі, специфікація правил увімкнена завжди. - + Rule Policies Політика правил @@ -8195,23 +8195,23 @@ The process match level has a higher priority than the specificity and describes Застсувати правило для закриття...=!<програм>,... та для всі бінарних файлам у пісочниці. - + Apply File and Key Open directives only to binaries located outside the sandbox. Застосувати правила відкриття файлів тільки для бінарних у пісочниці. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Запустити RpcSc в пісочниці, як системний процес (не рекомендовано) - + Allow only privileged processes to access the Service Control Manager Дозволити доступ до Service Control Manager тільки привільованим процесам - - + + Compatibility Сумістність @@ -8225,12 +8225,12 @@ The process match level has a higher priority than the specificity and describes Додати процеси у пісочниці до об'єктів завдань (рекомендовано) - + Emulate sandboxed window station for all processes Емулювати віконну станцію для всіх процесів у пісочниці - + Allow use of nested job objects (works on Windows 8 and later) Дозволити використання вкладених об'єктів завдань (працює тільки в Windows 8 та вище) @@ -8297,7 +8297,7 @@ The process match level has a higher priority than the specificity and describes COM/RPC - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Вимкнути використання RpcMgmtSetComTimeout за замовчуванням (може визивати проблеми з сумісністю) @@ -8326,41 +8326,41 @@ The process match level has a higher priority than the specificity and describes Ізоляція доступу - + Triggers Тригери - + Event Подія - - - - + + + + Run Command Виконати команду - + Start Service Запустити слубжу - + These events are executed each time a box is started Ці події виконуються щоразу, коли запускається контейнер - + On Box Start При запуску контейнера - - + + These commands are run UNBOXED just before the box content is deleted Ці команди виконуються ПОЗА ПІСОЧНИЦЕЮ безпосередньо перед видаленням вмісту контейнера @@ -8369,52 +8369,52 @@ The process match level has a higher priority than the specificity and describes При видаленні контейнера - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Ці команди виконуються лише після ініціалізації контейнера. Щоб запустити їх знову, вміст контейнера потрібно видалити. - + On Box Init При ініціалізації контейнера - + Here you can specify actions to be executed automatically on various box events. Тут ви можете вказати дії, які будуть виконуватися автоматично для різних подій контейнера. - + Hide Processes Сховати процеси - + Add Process Додати процес - + Hide host processes from processes running in the sandbox. Сховати процеси хоста від процесів, які виконуються в пісочниці. - + Don't allow sandboxed processes to see processes running in other boxes Не дозволяти ізольованим процесам бачити процеси, що виконуються в інших контейнерах - + Users Користувачі - + Restrict Resource Access monitor to administrators only Обмежити монітор доступу до ресурсів лише адміністраторам - + Add User Додати користувача @@ -8423,7 +8423,7 @@ The process match level has a higher priority than the specificity and describes Видалити користувача - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8432,23 +8432,23 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Примітка: Примусові налаштування програм і примусових папок для пісочниці не застосовуються до облікових записів користувачів, які не можуть використовувати пісочницю. - + Add Option - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. - + Option - + Tracing Відстежування @@ -8458,22 +8458,22 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Відстежування викликів API (потрібен logapi, який повинен бути встановлений у папку sbie) - + Pipe Trace Трасування pipe - + Log all SetError's to Trace log (creates a lot of output) Записувати всі SetError у журналі трасування (створює багато вихідних даних) - + Log Debug Output to the Trace Log Записувати дані відладки до журналу трасування - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8496,78 +8496,78 @@ instead of "*". Трасування системних викликів NTDLL (створює багато даних у виході) - + File Trace Трасування файлів - + Disable Resource Access Monitor Виключити монітор доступу до ресурсів - + IPC Trace Трасування IPC - + GUI Trace Трасування GUI - + Resource Access Monitor Монітор доступу до ресурсів - + Access Tracing Трасування доступу - + COM Class Trace Трасування COM Class - + Key Trace Трасування Key Trace - - + + Network Firewall Мережевий брандмауер - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Syscall Trace (creates a lot of output) - + Debug Відладка - + WARNING, these options can disable core security guarantees and break sandbox security!!! УВАГА, ці налаштування можуть вимкнути захист ядра та зламати захист пісочниці!!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Ці параметри призначені для налагодження проблем із сумісністю, будь ласка, не використовуйте їх у виробництві. - + App Templates Шаблони для додатків @@ -8576,22 +8576,22 @@ instead of "*". Шаблони сумісності - + Filter Categories Категорії фільтрів - + Text Filter Текстовий фільтр - + Add Template Додати шаблон - + This list contains a large amount of sandbox compatibility enhancing templates Цей список має багату кількість шаблонів сумісності @@ -8600,17 +8600,17 @@ instead of "*". Прибрати - + Category Категорія - + Template Folders Папка з шаблонами - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8619,23 +8619,23 @@ Please note that this values are currently user specific and saved globally for Зауважте, що наразі ці значення є специфічними для користувача та зберігаються глобально для всіх контейнерів. - - + + Value Значення - + Accessibility Доступність - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Щоб компенсувати втрачений захист, зверніться до сторінки налаштувань Скинути права у групі налаштувань Обмежень. - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Читачі екрану: JAWS, NVDA, Window-Eyes, System Access @@ -8645,43 +8645,43 @@ Please note that this values are currently user specific and saved globally for - + Various Options - + Apply ElevateCreateProcess Workaround (legacy behaviour) - + Use desktop object workaround for all processes - + This command will be run before the box content will be deleted - + On File Recovery - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked - + Run File Checker - + On Delete Content @@ -8707,103 +8707,103 @@ Please note that this values are currently user specific and saved globally for - + Process Процес - + Other Options - + Port Blocking - + Block common SAMBA ports - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. - + Resolve hostnames via proxy - + Block DNS, UDP port 53 - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -8813,79 +8813,79 @@ Please note that this values are currently user specific and saved globally for - + Total Processes Memory Limit: - + Single Process Memory Limit: - + On Box Terminate - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + API call Trace (traces all SBIE hooks) - + DNS Request Logging - + Templates - + Open Template - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Ці налаштування допомагають використовувати Sandboxie з програмний забезпеченням для спеціальних можливостей. Зауважте, що при використанні цих параметрів, деякі функції захисту можуть не діяти. - + Edit ini Section Редагувати розділ ini файлу - + Edit ini Редагувати ini - + Cancel Скасувати - + Save Зберігти diff --git a/SandboxiePlus/SandMan/sandman_vi.ts b/SandboxiePlus/SandMan/sandman_vi.ts index 5be5b3ef..8f8020c3 100644 --- a/SandboxiePlus/SandMan/sandman_vi.ts +++ b/SandboxiePlus/SandMan/sandman_vi.ts @@ -6949,8 +6949,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes Bảo vệ hệ thống khỏi các tiến trình Sandbox @@ -7091,12 +7091,12 @@ If you are a great patreaon supporter already, sandboxie can check online for an Hạn chế in ấn - + Network restrictions Hạn chế mạng - + Block network files and folders, unless specifically opened. Chặn các tệp và thư mục mạng, trừ khi được mở cụ thể. @@ -7112,18 +7112,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name Tên @@ -7140,98 +7140,98 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove Loại bỏ - - - - - - - + + + + + + + Type Loại - + Program Groups Nhóm chương trình - + Add Group Thêm nhóm - - - - - + + + + + Add Program Thêm chương trình - + Force Folder Buộc thư mục - - - + + + Path Đường dẫn - + Force Program Chương trình bắt buộc - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates Hiển thị Mẫu @@ -7281,7 +7281,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an Mở Windows Credentials Store (chế độ người dùng) - + Prevent change to network and firewall parameters (user mode) Ngăn chặn sự thay đổi đối với các thông số mạng và tường lửa (chế độ người dùng) @@ -7313,48 +7313,48 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. Bạn có thể nhóm các chương trình lại với nhau và đặt tên nhóm cho chúng. Nhóm chương trình có thể được sử dụng với một số cài đặt thay vì tên chương trình. Các nhóm được xác định cho Sandbox sẽ ghi đè các nhóm được xác định trong mẫu. - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. Các chương trình được nhập tại đây hoặc các chương trình được bắt đầu từ các vị trí đã nhập sẽ tự động được đưa vào Sandbox cát này, trừ khi chúng được khởi động rõ ràng trong Sandbox cát khác. - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. - - + + Stop Behaviour Ngừng hành vi - + Stop Options - + Use Linger Leniency - + Don't stop lingering processes with windows - + Start Restrictions Bắt đầu hạn chế - + Issue message 1308 when a program fails to start Thông báo sự cố 1308 khi một chương trình không khởi động được @@ -7379,32 +7379,32 @@ If you are a great patreaon supporter already, sandboxie can check online for an * Ghi chú: Các chương trình được cài đặt vào Sandbox này sẽ không thể khởi động được. - + Process Restrictions Hạn chế Tiến trình - + Issue message 1307 when a program is denied internet access Thông báo sự cố 1307 khi một chương trình bị từ chối truy cập internet - + Prompt user whether to allow an exemption from the blockade. Nhắc người dùng xem có cho phép miễn lệnh phong tỏa hay không. - + Note: Programs installed to this sandbox won't be able to access the internet at all. Ghi chú: Các chương trình được cài đặt vào Sandbox này sẽ không thể truy cập internet. - - - - - - + + + + + + Access Truy cập @@ -7502,13 +7502,13 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + Move Up Đi lên - + Move Down Đi xuống @@ -7575,65 +7575,65 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + Use a Sandboxie login instead of an anonymous token - + Configure which processes can access Desktop objects like Windows and alike. - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. - + Image Protection - + Issue message 1305 when a program tries to load a sandboxed dll - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox - + Dlls && Extensions - + Description - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. - + Advanced Security Adcanced Security Bảo mật nâng cao @@ -7643,119 +7643,119 @@ This is done to prevent rogue processes inside the sandbox from creating a renam Sử dụng thông tin đăng nhập Sandboxie thay vì mã thông báo ẩn danh (thử nghiệm) - + Other isolation Cách ly khác - + Privilege isolation Cô lập đặc quyền - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. Sử dụng Mã thông báo Sandbox tùy chỉnh cho phép cô lập các Sandbox riêng lẻ với nhau tốt hơn và nó hiển thị trong cột người dùng của người quản lý tác vụ tên của Sandbox mà một quy trình thuộc về. Tuy nhiên, một số giải pháp bảo mật của bên thứ 3 có thể gặp sự cố với mã thông báo tùy chỉnh. - + Program Control Kiểm soát chương trình - + Force Programs Chương trình bắt buộc - + Disable forced Process and Folder for this sandbox - + Breakout Programs Chương trình đột phá - + Breakout Program Chương trình đột phá - + Breakout Folder Thư mục đột phá - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. Các chương trình được nhập ở đây sẽ được phép thoát ra khỏi Sandbox này khi chúng bắt đầu. Cũng có thể thu thập chúng vào một Sandbox khác, chẳng hạn như để trình duyệt web của bạn luôn mở trong một Sandbox chuyên dụng. - + Lingering Programs Chương trình kéo dài - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. Các chương trình kéo dài sẽ tự động bị chấm dứt nếu chúng vẫn đang chạy sau khi tất cả các quá trình khác đã được chấm dứt. - + Leader Programs Các chương trình dẫn đầu - + If leader processes are defined, all others are treated as lingering processes. If các quy trình của nhà lãnh đạo được xác định, tất cả các quy trình khác được coi là các quy trình kéo dài. - + Files Các tập tin - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Định cấu hình quy trình nào có thể truy cập Tệp, Thư mục và Đường ống. 'Mở' quyền truy cập chỉ áp dụng cho các mã nhị phân của chương trình nằm bên ngoài Sandbox, bạn có thể dùng 'Mở cho tất cả' thay vào đó để làm cho nó áp dụng cho tất cả các chương trình hoặc thay đổi hành vi này trong tab Chính sách. - + Registry Registry - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. Định cấu hình những tiến trình nào có thể truy cập vào Registry. 'Mở' quyền truy cập chỉ áp dụng cho các mã nhị phân của chương trình nằm bên ngoài Sandbox, bạn có thể dùng 'Mở cho tất cả' thay vào đó để làm cho nó áp dụng cho tất cả các chương trình hoặc thay đổi hành vi này trong tab Chính sách. - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. Định cấu hình quy trình nào có thể truy cập các đối tượng NT IPC như cổng ALPC và bộ nhớ và ngữ cảnh quy trình khác. Để chỉ định một quy trình sử dụng '$:program.exe' như đường dẫn. - + Wnd Wnd - + Wnd Class Wnd Class @@ -7765,132 +7765,132 @@ To specify a process use '$:program.exe' as path. Định cấu hình các tiến trình nào có thể truy cập các đối tượng Máy tính để bàn như Windows và các quy trình tương tự. - + COM COM - + Class Id Class Id - + Configure which processes can access COM objects. Định cấu hình tiến trình nào có thể truy cập các đối tượng COM. - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) Không sử dụng COM ảo hóa, Mở quyền truy cập vào máy chủ cơ sở hạ tầng COM (không được khuyến nghị) - + Access Policies Chính sách truy cập - + Network Options Tùy chọn mạng - + Set network/internet access for unlisted processes: Đặt quyền truy cập mạng / internet cho các quy trình không công khai: - + Test Rules, Program: Quy tắc kiểm tra, chương trình: - + Port: Port: - + IP: IP: - + Protocol: Giao thức: - + X X - + Add Rule Thêm quy tắc - - - - - - - - - + + + + + + + + + Program Chương trình - - + + Action Hoạt động - - + + Port Port - - - + + + IP IP - + Protocol Giao thức - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. THẬN TRỌNG:Nền tảng lọc của Windows không được kích hoạt với trình điều khiển, do đó các quy tắc này sẽ chỉ được áp dụng trong chế độ người dùng và không thể được thực thi !!! Điều này có nghĩa là các ứng dụng độc hại có thể bỏ qua chúng. - + Resource Access Quyền truy cập tài nguyên - + Add File/Folder Thêm tệp / thư mục - + Add Wnd Class Thêm Wnd Class - + Add IPC Path Thêm IPC Path @@ -7928,87 +7928,87 @@ To specify a process use '$:program.exe' as path. Truy cập cách ly - + Sandboxie token Mã thông báo Sandboxie - + Add Reg Key Thêm Reg Key - + Add COM Object Thêm Đối tượng COM - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. Áp dụng Đóng...=!<chương trình>,... quy tắc cũng cho tất cả các tệp nhị phân nằm trong Sandbox. - + File Recovery Phục hồi tập tin - + Quick Recovery Khôi phục nhanh - + Add Folder Thêm thư mục - + Immediate Recovery Phục hồi ngay lập tức - + Ignore Extension Bỏ qua phần mở rộng - + Ignore Folder Bỏ qua thư mục - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. Bật lời nhắc Khôi phục ngay lập tức để có thể khôi phục tệp ngay sau khi chúng được tạo. - + You can exclude folders and file types (or file extensions) from Immediate Recovery. Bạn có thể loại trừ các thư mục và loại tệp (hoặc phần mở rộng tệp) khỏi Khôi phục ngay lập tức. - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. Khi chức năng Khôi phục nhanh được gọi, các thư mục sau sẽ được kiểm tra nội dung Sandbox. - + Advanced Options Tùy chọn nâng cao - + Miscellaneous Khác - + Don't alter window class names created by sandboxed programs Không thay đổi tên lớp cửa sổ được tạo bởi các chương trình Sandbox - + Do not start sandboxed services using a system token (recommended) Không khởi động các dịch vụ Sandbox bằng mã thông báo hệ thống (được khuyến nghị) @@ -8016,84 +8016,84 @@ To specify a process use '$:program.exe' as path. - - - - + + + + Protect the sandbox integrity itself Bảo vệ tính toàn vẹn của hộp cát - + Drop critical privileges from processes running with a SYSTEM token Bỏ các đặc quyền quan trọng khỏi các quy trình đang chạy với mã thông báo HỆ THỐNG - - + + (Security Critical) (Bảo mật quan trọng) - + Protect sandboxed SYSTEM processes from unprivileged processes Bảo vệ các quy trình HỆ THỐNG hộp cát khỏi các quy trình không có đặc quyền - + Force usage of custom dummy Manifest files (legacy behaviour) Buộc sử dụng các tệp Tệp kê khai giả tùy chỉnh (hành vi kế thừa) - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. Độ cụ thể của quy tắc là thước đo mức độ phù hợp của một quy tắc nhất định với một đường dẫn cụ thể, chỉ cần đặt độ cụ thể là độ dài của các ký tự từ đầu đường dẫn đến và bao gồm chuỗi con không phải ký tự đại diện phù hợp cuối cùng. Quy tắc chỉ khớp với các loại tệp như "*.tmp" sẽ có độ đặc hiệu cao nhất vì nó sẽ luôn khớp với toàn bộ đường dẫn tệp. Mức độ đối sánh tiến trình có mức độ ưu tiên cao hơn mức độ cụ thể và mô tả cách áp dụng quy tắc cho một tiến trình nhất định. Các quy tắc áp dụng theo tên tiến trình hoặc nhóm có mức đối sánh mạnh nhất, tiếp theo là đối sánh bằng phủ định (tức là các quy tắc áp dụng cho tất cả các tiến trình trừ quy trình đã cho), trong khi các cấp đối sánh thấp nhất có các đối sánh toàn cục, tức là các quy tắc áp dụng cho bất kỳ tiến trình nào. - + Prioritize rules based on their Specificity and Process Match Level Ưu tiên các quy tắc dựa trên Mức độ cụ thể và Đối sánh quy trình của chúng - + Privacy Mode, block file and registry access to all locations except the generic system ones Chế độ bảo mật, chặn tệp và quyền truy cập đăng ký vào tất cả các vị trí ngoại trừ các vị trí hệ thống chung - + Access Mode Chế độ truy cập - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. Khi Chế độ bảo mật được bật, các quy trình Sandbox sẽ chỉ có thể đọc C:\Windows\*, C:\Program Files\* và các phần của sổ đăng ký HKLM, tất cả các vị trí khác sẽ cần quyền truy cập rõ ràng để có thể đọc được và / hoặc có thể ghi được. Trong chế độ này, Tính cụ thể của quy tắc luôn được bật. - + Rule Policies Chính sách Quy tắc - + Apply File and Key Open directives only to binaries located outside the sandbox. Chỉ áp dụng lệnh Mở tệp và Khóa cho các tệp nhị phân nằm bên ngoài Sandbox. - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) Bắt đầu các RpcS có Sandbox dưới dạng quy trình HỆ THỐNG (không được khuyến nghị) - + Allow only privileged processes to access the Service Control Manager Chỉ cho phép các quy trình đặc quyền truy cập Trình quản lý kiểm soát dịch vụ - - + + Compatibility Khả năng tương thích @@ -8103,7 +8103,7 @@ Mức độ đối sánh tiến trình có mức độ ưu tiên cao hơn mức Thêm các quy trình Sandbox vào các đối tượng công việc (được khuyến nghị) - + Emulate sandboxed window station for all processes Mô phỏng trạm cửa sổ Sandbox cho tất cả các quy trình @@ -8137,7 +8137,7 @@ Mức độ đối sánh tiến trình có mức độ ưu tiên cao hơn mức Cho phép đọc bộ nhớ của các quy trình không trong Sandbox (không được khuyến nghị) - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) Vô hiệu hóa việc sử dụng RpcMgmtSetComTimeout theo mặc định (điều này có thể giải quyết các vấn đề tương thích) @@ -8162,81 +8162,81 @@ Mức độ đối sánh tiến trình có mức độ ưu tiên cao hơn mức Các tùy chọn dưới đây có thể được sử dụng một cách an toàn khi bạn không cấp quyền quản trị viên. - + Triggers Triggers - + Event Event - - - - + + + + Run Command Chạy lệnh - + Start Service Bắt đầu dịch vụ - + These events are executed each time a box is started Các sự kiện này được thực thi mỗi khi một Sandbox được khởi động - + On Box Start Khi bắt đầu Sandbox - - + + These commands are run UNBOXED just before the box content is deleted Các lệnh này được chạy ngoài Sandbox ngay trước khi nội dung Sandbox bị xóa - + Allow use of nested job objects (works on Windows 8 and later) Cho phép sử dụng các đối tượng công việc lồng ghép nhau (hoạt động trên Windows 8 trở lên) - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. Các lệnh này chỉ được thực thi khi một Sandbox được khởi tạo. Để làm cho chúng chạy lại, nội dung Sandbox phải được xóa. - + On Box Init Khi khởi động Sandbox - + These commands are run UNBOXED after all processes in the sandbox have finished. - + Here you can specify actions to be executed automatically on various box events. Tại đây, bạn có thể chỉ định các hành động được thực thi tự động trên các sự kiện Sandbox khác nhau. - + Hide Processes Ẩn các tiến trình - + Add Process Thêm tiến trình - + Hide host processes from processes running in the sandbox. Ẩn các tiến trình máy chủ khỏi các tiến trình đang chạy trong Sandbox. @@ -8246,48 +8246,48 @@ Mức độ đối sánh tiến trình có mức độ ưu tiên cao hơn mức Những hạn chế - + Various Options Các tùy chọn khác nhau - + Apply ElevateCreateProcess Workaround (legacy behaviour) Áp dụng ElevateCreateProcess Workaround (hành vi cũ) - + Use desktop object workaround for all processes - + This command will be run before the box content will be deleted Lệnh này sẽ được chạy trước khi nội dung Sandbox bị xóa - + On File Recovery Khi phục hồi tệp - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked Lệnh này sẽ được chạy trước khi tệp được khôi phục và đường dẫn tệp sẽ được chuyển làm đối số đầu tiên. Nếu lệnh này trả về bất kỳ điều gì khác với 0, quá trình khôi phục sẽ bị chặn - + Run File Checker Chạy trình kiểm tra tệp - + On Delete Content Khi xóa nội dung - + Don't allow sandboxed processes to see processes running in other boxes Không cho phép các tiến trình trong Sandbox cát xem các quy trình đang chạy trong các Sandbox khác @@ -8298,7 +8298,7 @@ Mức độ đối sánh tiến trình có mức độ ưu tiên cao hơn mức - + Process Tiến trình @@ -8307,22 +8307,22 @@ Mức độ đối sánh tiến trình có mức độ ưu tiên cao hơn mức Chặn cũng đọc quyền truy cập vào các tiến trình trong Sandbox này - + Users Người dùng - + Restrict Resource Access monitor to administrators only Giới hạn giám sát Quyền truy cập tài nguyên chỉ dành cho quản trị viên - + Add User Thêm người dùng - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8331,23 +8331,23 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to Ghi chú: Cài đặt Buộc chương trình và Thư mục bắt buộc cho Sandbox không áp dụng cho các tài khoản người dùng không thể sử dụng Sandbox. - + Add Option Thêm tùy chọn - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. Tại đây, bạn có thể định cấu hình các tùy chọn nâng cao cho mỗi quy trình để cải thiện khả năng tương thích và / hoặc tùy chỉnh hành vi Sandbox. - + Option Tuỳ chọn - + Tracing Truy tìm @@ -8356,22 +8356,22 @@ Ghi chú: Cài đặt Buộc chương trình và Thư mục bắt buộc cho Sa Theo dõi cuộc gọi API (yêu cầu phải cài đặt LogAPI trong thư mục Sbie) - + Pipe Trace Pipe Trace - + Log all SetError's to Trace log (creates a lot of output) Ghi lại tất cả SetError' đến Nhật ký theo dõi (tạo ra nhiều đầu ra) - + Log Debug Output to the Trace Log Ghi đầu ra Gỡ lỗi vào Nhật ký theo dõi - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8394,113 +8394,113 @@ thay vì "*". Ntdll syscall Trace (tạo ra nhiều đầu ra) - + File Trace Theo dõi tệp - + Disable Resource Access Monitor Tắt tính năng giám sát quyền truy cập tài nguyên - + IPC Trace Theo dõi IPC - + GUI Trace Theo dõi giao diện người dùng - + Resource Access Monitor Giám sát truy cập tài nguyên - + Access Tracing Truy cập theo dõi - + COM Class Trace Theo dõi lớp COM - + Key Trace Theo dõi khoá - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. Để bù đắp cho sự bảo vệ đã mất, vui lòng tham khảo trang cài đặt Quyền thả trong nhóm cài đặt Hạn chế. - - + + Network Firewall Tường lửa mạng - + API call Trace (traces all SBIE hooks) - + Debug Gỡ lỗi - + WARNING, these options can disable core security guarantees and break sandbox security!!! CẢNH BÁO, các tùy chọn này có thể vô hiệu hóa các đảm bảo bảo mật cốt lõi và phá vỡ bảo mật Sandbox !!! - + These options are intended for debugging compatibility issues, please do not use them in production use. Các tùy chọn này nhằm gỡ lỗi các vấn đề tương thích, vui lòng không sử dụng chúng trong sản xuất. - + App Templates Mẫu ứng dụng - + Filter Categories Lọc danh mục - + Text Filter Bộ lọc văn bản - + Add Template Thêm mẫu - + This list contains a large amount of sandbox compatibility enhancing templates Danh sách này chứa một lượng lớn các mẫu nâng cao khả năng tương thích với Sandbox - + Category Loại - + Template Folders Thư mục Mẫu - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8509,8 +8509,8 @@ Please note that this values are currently user specific and saved globally for Xin lưu ý rằng các giá trị này hiện là dành riêng cho người dùng và được lưu trên toàn cầu cho tất cả các Sandbox. - - + + Value Giá trị @@ -8530,72 +8530,72 @@ Xin lưu ý rằng các giá trị này hiện là dành riêng cho người dù - + Other Options - + Port Blocking - + Block common SAMBA ports - + DNS Filter - + Add Filter - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. - + Domain - + Internet Proxy - + Add Proxy - + Test Proxy - + Auth - + Login - + Password - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. @@ -8606,40 +8606,40 @@ Xin lưu ý rằng các giá trị này hiện là dành riêng cho người dù - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. - + Resolve hostnames via proxy - + Block DNS, UDP port 53 - + Limit restrictions - - + + Leave it blank to disable the setting(Unit:KB) - + Leave it blank to disable the setting @@ -8654,89 +8654,89 @@ Xin lưu ý rằng các giá trị này hiện là dành riêng cho người dù - + Total Processes Memory Limit: - + Single Process Memory Limit: - + On Box Terminate - + Don't allow sandboxed processes to see processes running outside any boxes - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. - + DNS Request Logging - + Syscall Trace (creates a lot of output) - + Templates Mẫu - + Open Template - + Accessibility Khả năng tiếp cận - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access Trình đọc màn hình: JAWS, NVDA, Window-Eyes, System Access - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. Các cài đặt sau cho phép sử dụng Sandboxie kết hợp với phần mềm trợ năng. Xin lưu ý rằng một số biện pháp bảo vệ Sandboxie nhất thiết bị mất khi các cài đặt này có hiệu lực. - + Edit ini Section Chỉnh sửa file .ini - + Edit ini Chỉnh sửa ini - + Cancel Hủy bỏ - + Save Lưu diff --git a/SandboxiePlus/SandMan/sandman_zh_CN.ts b/SandboxiePlus/SandMan/sandman_zh_CN.ts index a7927244..4a2d5a93 100644 --- a/SandboxiePlus/SandMan/sandman_zh_CN.ts +++ b/SandboxiePlus/SandMan/sandman_zh_CN.ts @@ -7129,8 +7129,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes 保护系统免受沙盒内进程的影响 @@ -7140,7 +7140,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an 提权限制 - + Block network files and folders, unless specifically opened. 拦截对网络文件和文件夹的访问,除非专门开放访问权限 @@ -7150,7 +7150,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an 使应用程序认为自己已被提权运行(允许安全地运行安装程序) - + Network restrictions 网络限制 @@ -7293,18 +7293,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name 名称 @@ -7321,98 +7321,98 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove 移除 - - - - - - - + + + + + + + Type 类型 - + Program Groups 程序组 - + Add Group 添加组 - - - - - + + + + + Add Program 添加程序 - + Force Folder 必沙目录 - - - + + + Path 路径 - + Force Program 必沙程序 - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates 显示模板 @@ -7447,7 +7447,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an 开放 Windows 凭据存储访问权限 (用户态) - + Prevent change to network and firewall parameters (user mode) 拦截对网络及防火墙参数的更改 (用户态) @@ -7461,48 +7461,48 @@ If you are a great patreaon supporter already, sandboxie can check online for an 阻止干预用户操作(移动鼠标,使窗口Z序靠前等) - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. 可以在此处将应用程序分组并给它们分配一个组名,程序组可用于代替程序名被用于某些设置,在此处定义的沙盒程序组将覆盖模板中定义的程序组 - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. 此处指定的程序或者指定位置中的程序,将自动进入此沙盒,除非已明确在其它沙盒中启动它 - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>SECURITY ADVISORY</font>:</b> 将 <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> 和/或 <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> 结合 Open[File/Pipe]Path directives 功能会造成安全性下降。请在使用前阅读文档中相应选项的安全小节。 - - + + Stop Behaviour 停止行为 - + Stop Options 停止选项 - + Use Linger Leniency 使用停留宽容度 - + Don't stop lingering processes with windows 不要停止含有窗口的驻留进程 - + Start Restrictions 启动限制 - + Issue message 1308 when a program fails to start 程序启动失败时,提示问题代码 1308 @@ -7527,131 +7527,131 @@ If you are a great patreaon supporter already, sandboxie can check online for an * 注意:安装在此沙盒里的程序将完全无法启动 - + Process Restrictions 程序限制 - + Issue message 1307 when a program is denied internet access 程序被拒绝访问网络时,提示问题代码 1307 - + Note: Programs installed to this sandbox won't be able to access the internet at all. 注意:安装在此沙盒中的程序将完全无法访问网络 - + Prompt user whether to allow an exemption from the blockade. 询问用户是否允许例外 - + Resource Access 资源访问 - - - - - - - - - + + + + + + + + + Program 程序 - - - - - - + + + + + + Access 访问 - + Add Reg Key 添加注册表键值 - + Add File/Folder 添加文件/文件夹 - + Add Wnd Class 添加窗口类 - + Add COM Object 添加 COM 对象 - + Add IPC Path 添加 IPC 路径 - + File Recovery 文件恢复 - + Add Folder 添加文件夹 - + Ignore Extension 忽略扩展名 - + Ignore Folder 忽略文件夹 - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. 启用快速恢复提示,以便快速恢复创建的文件 - + You can exclude folders and file types (or file extensions) from Immediate Recovery. 可以在此处从快速恢复中排除特定目录和文件类型(扩展名) - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. 当快速恢复功能被调用时,检查沙盒内的下列文件夹 - + Advanced Options 高级选项 - + Miscellaneous 杂项 - + Do not start sandboxed services using a system token (recommended) 不使用系统令牌启动沙盒化的服务 (推荐) - + Don't alter window class names created by sandboxed programs 不要改变由沙盒内程序创建的窗口类名 @@ -7659,16 +7659,16 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - + + + + Protect the sandbox integrity itself 沙盒完整性保护 - - + + Compatibility 兼容性 @@ -7678,17 +7678,17 @@ If you are a great patreaon supporter already, sandboxie can check online for an 添加沙盒化进程到作业对象 (推荐) - + Force usage of custom dummy Manifest files (legacy behaviour) 强制使用自定义虚拟 Manifest 文件 (传统行为) - + Allow only privileged processes to access the Service Control Manager 仅允许特权进程访问“服务控制管理器” - + Emulate sandboxed window station for all processes 为所有进程模拟沙盒化窗口工作站 @@ -7699,22 +7699,22 @@ If you are a great patreaon supporter already, sandboxie can check online for an 开放 Windows 安全帐户管理器 (SAM) 的访问权限 - + Hide Processes 隐藏进程 - + Add Process 添加进程 - + Hide host processes from processes running in the sandbox. 对沙盒内运行的进程隐藏宿主的进程 - + Don't allow sandboxed processes to see processes running in other boxes 不允许沙盒内的进程查看其它沙盒里运行的进程 @@ -7747,30 +7747,30 @@ If you are a great patreaon supporter already, sandboxie can check online for an 仅管理员账户可以对这个沙盒做出更改 - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. 该设置可用于防止程序在未经用户知情或同意的情况下在已解锁的加密沙盒中运行。 - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. 在从外部源启动沙盒中的进程之前显示弹出警告 - + Limit restrictions 限制 - - + + Leave it blank to disable the setting(Unit:KB) 留空以禁用此设置(单位:KB) - + Leave it blank to disable the setting 留空以禁用此设置 @@ -7785,54 +7785,54 @@ If you are a great patreaon supporter already, sandboxie can check online for an 作业对象 - + Total Processes Memory Limit: 所有进程内存占用限制: - + Single Process Memory Limit: 单个进程内存占用限制: - + These commands are run UNBOXED after all processes in the sandbox have finished. 沙盒中的所有进程结束后,这些命令将在无沙盒的环境下运行。 - + Don't allow sandboxed processes to see processes running outside any boxes 不允许沙盒内的进程查看任何沙盒外运行的进程 - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI 防止沙盒内的进程通过 WMI 访问系统信息 - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. 一些程序通过 WMI(一个Windows内置数据库) 读取系统信息,而不是通过正常方式。例如,尽管已经打开 "隐藏其它沙盒" ,"tasklist.exe" 仍然可以通过访问 WMI 获取全部进程列表。开启此选项来阻止这些行为。 - + Users 用户 - + Restrict Resource Access monitor to administrators only 仅允许管理员访问“资源访问监视器” - + Add User 添加用户 - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -7841,32 +7841,32 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to 注意:沙盒的必沙程序及文件夹设置不适用于不能运行沙盒的系统用户 - + Tracing 跟踪 - + API call Trace (traces all SBIE hooks) API 调用跟踪 (跟踪所有 SBIE 钩子) - + COM Class Trace COM 类跟踪 - + IPC Trace IPC 跟踪 - + Key Trace 键值跟踪 - + GUI Trace GUI 跟踪 @@ -7911,13 +7911,13 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to - + Move Up 上移 - + Move Down 下移 @@ -7947,33 +7947,33 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to 访问隔离 - + Image Protection 映像保护 - + Issue message 1305 when a program tries to load a sandboxed dll 当一个程序试图加载一个沙盒内部的动态链接库(.dll)文件时,提示问题代码 1305 - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox 阻止安装在宿主上的沙盒程序从沙盒内部加载DLL(动态链接库)文件 - + Dlls && Extensions Dll && 扩展 - + Description 说明 - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Sandboxie 的资源访问规则通常对位于沙盒内的二进制程序具有歧视性 @@ -7992,13 +7992,13 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 使用主机映像保护,可以通过阻止在沙盒内运行的应用程序(安装在宿主上的)加载来自沙盒的动态链接库来防止此类现象 - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. 沙盒功能可以使用可选的.dll文件来获得增强,这些.dll文件可以在SbieDll.dll启动时加载到每个沙盒进程中。全局设置中的插件管理器提供了一些有用的扩展。安装后,就可以在这里为当前的沙盒启用。 - + Advanced Security Adcanced Security 安全性(高级) @@ -8008,53 +8008,53 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 使用 Sandboxie 限权用户,而不是匿名令牌 (实验性) - + Other isolation 其它隔离 - + Privilege isolation 特权隔离 - + Sandboxie token 沙盒令牌 - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. 使用自定义沙盒令牌可以更好地将各个沙盒相互隔离,同时可以实现在任务管理器的用户栏中显示进程所属的沙盒 但是,某些第三方安全解决方案可能会与自定义令牌产生兼容性问题 - + Program Control 程序控制 - + Force Programs 必沙程序 - + Disable forced Process and Folder for this sandbox 禁用此沙盒的“强制进程/目录 规则” - + Breakout Programs 分离程序 - + Breakout Program 分离程序 - + Breakout Folder 分离目录 @@ -8063,39 +8063,39 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 阻止通过Windows公共方法获取未沙盒化窗口的图像 - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. 此处设置的程序在启动时将被允许脱离这个沙盒,利用此选项可以将程序捕获到另一个沙盒里 例如,让网络浏览器总是在一个专门的沙盒里打开 - + Lingering Programs 驻留程序 - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. 其它所有程序被终止后,仍在运行的驻留程序将自动终止 - + Leader Programs 引导进程 - + If leader processes are defined, all others are treated as lingering processes. 如果定义了引导进程,其它进程将被视作驻留进程 - + Files 文件 - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. 配置哪些进程可以访问文件、文件夹和管道 @@ -8103,12 +8103,12 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 你可以使用“完全开放”来对所有程序开放所有权限,或者在策略标签中改变这一行为 - + Registry 注册表 - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. 配置哪些进程可以读写注册表 @@ -8116,24 +8116,24 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 你可以使用“完全开放”来对所有程序开放所有权限,或者在策略标签中改变这一行为 - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. 配置哪些进程可以访问 NT IPC 对象,如 ALPC 端口及其他进程的内存和相关运行状态环境 如需指定一个进程,使用“$:program.exe”作为路径值(不含双引号) - + Wnd 窗口 - + Wnd Class 窗口类 @@ -8143,167 +8143,167 @@ To specify a process use '$:program.exe' as path. 配置哪些进程可以访问桌面对象,如 Windows 或其它类似对象 - + COM COM - + Class Id 类 Id - + Configure which processes can access COM objects. 配置哪些进程可以访问 COM 对象 - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) 不虚拟化 COM 对象,而是开放主机的 COM 基础结构 (不推荐) - + Access Policies 权限策略 - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. 将 Close...=!<program>,... 规则,应用到位于沙盒内的所有相关二进制文件 - + Network Options 网络选项 - + Set network/internet access for unlisted processes: 不在列表中的程序的网络访问权限: - + Test Rules, Program: 测试规则或程序: - + Port: 端口: - + IP: IP: - + Protocol: 协议: - + X X - + Add Rule 添加规则 - - + + Action 动作 - - + + Port 端口 - - - + + + IP IP - + Protocol 协议 - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. 警告:未在此驱动程序启用 Windows 筛选平台,因此以下规则只能在用户模式下生效,无法被强制执行!!!恶意程序可能会绕过这些规则的限制 - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. 规则的特异度是衡量一个给定规则对特定路径的匹配程度,简单地说,特异度是指从路径的最开始到最后一个匹配的非通配符子串之间的字符长度,一个只匹配 “*.tmp” 这样的文件类型的规则将具有最高的特异性,因为它总是匹配整个文件路径 进程匹配级别的优先级高于特异度,它描述了一条规则如何适用于一个给定的进程,按进程名称或程序组应用的规则具有最高的匹配级别,其次是否定匹配模式(即适用于匹配除给定进程以外的所有进程的规则),而匹配级别最低的是全局匹配,即适用于任何进程的规则 - + Prioritize rules based on their Specificity and Process Match Level 基于规则的特异度和进程匹配级别对规则进行优先级排序 - + Privacy Mode, block file and registry access to all locations except the generic system ones 隐私模式,阻止对通用系统目录之外的所有文件位置和注册表节点的访问 - + Access Mode 访问权限模式 - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. 当启用隐私模式时,沙盒进程将只能读取 C:\Windows\* 、 C:\Program Files\* 和注册表 HKLM 节点下的部分内容,除此之外的所有其它位置都需要明确的访问授权才能被读取或写入,在此模式下,专有规则将总是被应用 - + Rule Policies 规则策略 - + Apply File and Key Open directives only to binaries located outside the sandbox. 只对位于沙盒之外的二进制文件应用文件和密钥权限开放指令 - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) 以系统进程启动沙盒服务 RpcSs (不推荐) - + Allow use of nested job objects (works on Windows 8 and later) Allow use of nested job objects (experimental, works on Windows 8 and later) 允许使用嵌套作业对象(job object) (仅适用于 Windows 8 及更高版本) - + Drop critical privileges from processes running with a SYSTEM token 撤销以系统令牌运行中的程序的关键特权 - - + + (Security Critical) (安全关键) - + Protect sandboxed SYSTEM processes from unprivileged processes 保护沙盒中的系统进程免受非特权进程的影响 @@ -8333,7 +8333,7 @@ The process match level has a higher priority than the specificity and describes 进程被拒绝访问非沙盒进程内存时,提示问题代码 2111 - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) 默认禁用 RpcMgmtSetComTimeout (或许可以解决兼容性问题) @@ -8362,56 +8362,56 @@ The process match level has a higher priority than the specificity and describes 以下选项可以在你未授予管理员权限时安全的使用 - + Triggers 触发器 - + Event 事件 - - - - + + + + Run Command 执行命令 - + Start Service 启动服务 - + These events are executed each time a box is started 这些事件当沙盒每次启动时都会被执行 - + On Box Start 沙盒启动阶段 - - + + These commands are run UNBOXED just before the box content is deleted 这些命令将在删除沙盒的内容之前,以非沙盒化的方式被执行 - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. 这些命令只在沙盒被初始化时执行,要使它们再次运行,必须删除沙盒内容 - + On Box Init 沙盒初始阶段 - + Here you can specify actions to be executed automatically on various box events. 在此处可以配置各种沙盒事件中自动执行特定的动作 @@ -8421,32 +8421,32 @@ The process match level has a higher priority than the specificity and describes API 调用跟踪 (需要安装 LogAPI 模块到沙盒目录) - + Log all SetError's to Trace log (creates a lot of output) 记录所有 SetError 到跟踪日志 (将产生大量输出) - + File Trace 文件跟踪 - + Pipe Trace 管道跟踪 - + Access Tracing 访问跟踪 - + Log Debug Output to the Trace Log 调试日志输出到跟踪日志 - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8469,73 +8469,73 @@ instead of "*". Ntdll 系统调用跟踪 (将产生大量输出) - + Disable Resource Access Monitor 禁用资源访问监控器 - + Resource Access Monitor 资源访问监控 - - + + Network Firewall 网络防火墙 - + Debug 调试 - + WARNING, these options can disable core security guarantees and break sandbox security!!! 警告,这些选项可使核心安全保障失效并且破坏沙盒安全! - + These options are intended for debugging compatibility issues, please do not use them in production use. 这些选项是为调试兼容性问题提供的,日常使用者勿碰。 - + App Templates 应用模板 - + Filter Categories 类别筛选 - + Text Filter 文本筛选 - + Add Template 添加模板 - + This list contains a large amount of sandbox compatibility enhancing templates 此列表含有大量的沙盒兼容性增强模板 - + Category 类别 - + Template Folders 目录模板 - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8544,23 +8544,23 @@ Please note that this values are currently user specific and saved globally for 请注意,这些值对当前用户的所有沙盒保存 - - + + Value - + Accessibility 无障碍功能 - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. 要弥补失去的保护,请参考“限制”设置组中的降低权限部分 - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access 屏幕阅读器:JAWS、NVDA、Window-Eyes、系统无障碍接口 @@ -8739,7 +8739,7 @@ Sandboxie 提供了针对这些情况的处理选项,可以在此页面进行 阻止沙盒进程捕获窗口图像(实验性,可能会导致UI故障) - + Use a Sandboxie login instead of an anonymous token 使用 Sandboxie 限权用户替代匿名令牌 @@ -8748,122 +8748,122 @@ Sandboxie 提供了针对这些情况的处理选项,可以在此页面进行 <b><font color='red'>安全提示</font>:</b> 使用 <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> 或 <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> 结合 Open[File/Pipe]Path directives 功能会造成安全性下降, <a href="sbie://docs/breakoutdocument">BreakoutDocument</a>允许任意拓展名 * 或不安全拓展名 (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1;etc…) . 请您在使用前,自行阅读文档中关于安全的部分。 - + Configure which processes can access Desktop objects like Windows and alike. 配置那些进程可以访问桌面组件(例如窗口等) - + DNS Filter DNS 过滤器 - + Add Filter 添加过滤器 - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. 使用 DNS 过滤器可以根据每个进程禁用单个域(域名)。保留 IP 列为空以阻止域名解析或输入 IP 以重定向域名解析。 - + Domain - + Internet Proxy 互联网代理 - + Add Proxy 添加代理 - + Test Proxy 测试代理 - + Auth 认证 - + Login 登陆 - + Password 密码 - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. 沙盒化进程可以被强制使用一个预设的套接字5代理。 - + Resolve hostnames via proxy 通过代理解析主机名 - + Other Options 其它选项 - + Port Blocking 阻止端口 - + Block common SAMBA ports 阻止常见 SAMBA 端口 - + Block DNS, UDP port 53 阻止 DNS、UDP 端口 53 - + Quick Recovery 快速恢复 - + Immediate Recovery 即时恢复 - + Various Options 其它杂项 - + Apply ElevateCreateProcess Workaround (legacy behaviour) 应用 ElevateCreateProcess 解决方案 (传统行为) - + Use desktop object workaround for all processes 对所有进程应用桌面对象解决方案 - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. 当短时间连续按下全局热键3次时,此异常将被忽略。 - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. 当调用“终止所有进程”时,排除终止此沙盒的进程。 @@ -8872,33 +8872,33 @@ Sandboxie 提供了针对这些情况的处理选项,可以在此页面进行 此命令在沙盒中的所有进程终止后运行。 - + On Box Terminate 在沙盒所有进程终止时 - + This command will be run before the box content will be deleted 该命令将在删除沙盒内容之前运行 - + On File Recovery 文件恢复阶段 - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked 该命令将在文件恢复前运行,文件路径将作为最先被传递的参数,如果该命令的返回值不为 0,恢复动作将被终止 - + Run File Checker 运行文件检查 - + On Delete Content 内容删除阶段 @@ -8909,7 +8909,7 @@ Sandboxie 提供了针对这些情况的处理选项,可以在此页面进行 - + Process 进程 @@ -8918,63 +8918,63 @@ Sandboxie 提供了针对这些情况的处理选项,可以在此页面进行 阻止对位于该沙盒中的进程的读取访问 - + Add Option 添加选项 - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. 在此处可以配置各个进程的高级选项,以提高兼容性或自定义沙盒的某些行为 - + Option 选项 - + DNS Request Logging DNS 请求日志 - + Syscall Trace (creates a lot of output) 系统调用追踪(产生大量输出) - + Templates 模板 - + Open Template 打开模板 - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. 以下设置允许 Sandboxie 与辅助功能软件结合,请注意:当这些设置生效时,会使 Sandboxie 的部分保护措施失效 - + Edit ini Section 配置文本 - + Edit ini 编辑配置 - + Cancel 取消 - + Save 保存 diff --git a/SandboxiePlus/SandMan/sandman_zh_TW.ts b/SandboxiePlus/SandMan/sandman_zh_TW.ts index 70cc8d99..a6642024 100644 --- a/SandboxiePlus/SandMan/sandman_zh_TW.ts +++ b/SandboxiePlus/SandMan/sandman_zh_TW.ts @@ -7112,8 +7112,8 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - + + Protect the system from sandboxed processes 保護系統免受來自沙箱化處理程序的存取 @@ -7250,12 +7250,12 @@ If you are a great patreaon supporter already, sandboxie can check online for an 列印限制 - + Network restrictions 區域網路限制 - + Block network files and folders, unless specifically opened. 阻止區域網路檔案和資料夾的存取,除非額外開啟。 @@ -7271,18 +7271,18 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - + + + + + + + + + + + + Name 名稱 @@ -7299,98 +7299,98 @@ If you are a great patreaon supporter already, sandboxie can check online for an - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + Remove 移除 - - - - - - - + + + + + + + Type 類型 - + Program Groups 程式群組 - + Add Group 加入群組 - - - - - + + + + + Add Program 加入程式 - + Force Folder 強制執行資料夾 - - - + + + Path 路徑 - + Force Program 強制執行程式 - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + Show Templates 顯示範本 @@ -7465,7 +7465,7 @@ If you are a great patreaon supporter already, sandboxie can check online for an 開放 Windows 憑證儲存存取權限 (使用者模式) - + Prevent change to network and firewall parameters (user mode) 防止對區域網路及防火牆參數的變更 (使用者模式) @@ -7527,17 +7527,17 @@ If you are a great patreaon supporter already, sandboxie can check online for an 允許實用 Windows 處理程序存取受保護的處理程序 - + Use a Sandboxie login instead of an anonymous token 使用 Sandboxie 登入程序替代匿名權杖 - + You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names. Groups defined for the box overwrite groups defined in templates. 您可將程式分組並且給它們一個群組名稱。程式群組可以代替程式名稱被用於某些設定。在沙箱中定義的程式群組將覆蓋範本中定義的程式群組。 - + Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox. 此處輸入的程式,或指定位置啟動的程式,將自動加入此沙箱,除非它們被確定已在其他沙箱啟動。 @@ -7546,33 +7546,33 @@ If you are a great patreaon supporter already, sandboxie can check online for an <b><font color='red'>安全性建議</font>: </b>使用 <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> 和/或 <a href=" sbie://docs/breakoutprocess">BreakoutProcess</a> 與 Open[File/Pipe]Path 指令結合使用可能會損害安全性,使用 <a href="sbie://docs/breakoutdocument">BreakoutDocument< /a > 將允許任何 * 或不安全的 (*.exe;*.dll;*.ocx;*.cmd;*.bat;*.lnk;*.pif;*.url;*.ps1;etc…) 副檔名。使用前請查看文件中每個選項的 安全性 部分。 - - + + Stop Behaviour 停止行為 - + Stop Options 停止選項 - + Use Linger Leniency 使用延遲寬容性 - + Don't stop lingering processes with windows 不停止 Windows 的延遲處理程序 - + Start Restrictions 啟動限制 - + Issue message 1308 when a program fails to start 當程式啟動失敗時提示錯誤代碼 1308 @@ -7597,37 +7597,37 @@ If you are a great patreaon supporter already, sandboxie can check online for an * 注意: 安裝至此沙箱內的程式將完全無法啟動。 - + Configure which processes can access Desktop objects like Windows and alike. 設定哪些處理程序可以存取 Windows 等桌面物件。 - + Process Restrictions 處理程序限制 - + Issue message 1307 when a program is denied internet access 當程式被拒絕存取網路時提示錯誤代碼 1307 - + Prompt user whether to allow an exemption from the blockade. 詢問使用者是否允許封鎖豁免。 - + Note: Programs installed to this sandbox won't be able to access the internet at all. 注意: 安裝在此沙箱中的程式將完全無法存取網路。 - - - - - - + + + + + + Access 存取 @@ -7701,13 +7701,13 @@ If you are a great patreaon supporter already, sandboxie can check online for an - + Move Up 向上移 - + Move Down 向下移 @@ -7727,46 +7727,46 @@ If you are a great patreaon supporter already, sandboxie can check online for an 存取隔離 - + Image Protection 映像保護 - + Issue message 1305 when a program tries to load a sandboxed dll 當一個程式試圖載入一個沙箱內部的應用程式擴充 (DLL) 檔案時,提示錯誤代碼 1305 - + Prevent sandboxed programs installed on the host from loading DLLs from the sandbox Prevent sandboxes programs installed on host from loading dll's from the sandbox 防止主機上安裝的沙箱化程式從沙箱載入應用程式擴充 (DLL) 檔案 - + Dlls && Extensions Dll && 擴充功能 - + Description 說明 - + Sandboxie’s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ‘ClosedFilePath=! iexplore.exe,C:Users*’ will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the “Access policies” page. This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself. Sandboxie 的資源存取規則通常對位於沙箱內的二進位程式具有歧視性。OpenFilePath 和 OpenKeyPath 只對主機上的原生程式 (安裝在主機上的) 有效。為了定義沒有此類限制的規則,則必須使用 OpenPipePath 和 OpenConfPath。同樣的,透過否定來定義所有的 Closed(File|Key|Ipc)Path 指令例如:'ClosedFilePath=! iexplore.exe,C:Users*' 將限制沙箱內的程式存取相應資源。這兩種限制原則都可以透過「存取原則」頁面來停用。 這樣做是為了防止沙箱內的流氓處理程序建立自己的重新命名複本並存取受保護的資源。另一個漏洞載體是將一個動態連結程式庫注入到一個被授權處理程序中,以取得對被授權處理程序所允許存取的一切資源的存取權。使用主機映像保護,可以透過阻止在沙箱內執行的應用程式 (安裝在主機上的) 載入來自沙箱的動態連結程式庫來防止此類現象。 - + Sandboxie's functionality can be enhanced by using optional DLLs which can be loaded into each sandboxed process on start by the SbieDll.dll file, the add-on manager in the global settings offers a couple of useful extensions, once installed they can be enabled here for the current box. Sandboxies functionality can be enhanced using optional dll’s which can be loaded into each sandboxed process on start by the SbieDll.dll, the add-on manager in the global settings offers a couple useful extensions, once installed they can be enabled here for the current box. Sandboxie 的功能可以透過使用可選 DLL 加以增強,這些 DLL 可在啟動時透過 SbieDll.dll 檔案載入到每個沙箱處理程序中,全域設定中的附加元件管理員提供了一些實用擴充套件,安裝後可以在此處對目前沙箱啟用。 - + Advanced Security Adcanced Security 進階安全性 @@ -7776,52 +7776,52 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 使用 Sandboxie 限權使用者,而不是匿名權杖 (實驗性) - + Other isolation 其他隔離 - + Privilege isolation 權限隔離 - + Using a custom Sandboxie Token allows to isolate individual sandboxes from each other better, and it shows in the user column of task managers the name of the box a process belongs to. Some 3rd party security solutions may however have problems with custom tokens. 使用自訂 Sandboxie 權杖可以更好地將各個沙箱相互隔離,同時可以實現在工作管理員的使用者欄位中顯示處理程序所屬的沙箱。但是,某些第三方安全性解決方案可能會與自訂權杖產生相容性問題。 - + Program Control 應用程式控制 - + Force Programs 強制沙箱程式 - + Disable forced Process and Folder for this sandbox 停用此沙箱的「強制處理程序/資料夾」規則 - + Breakout Programs 分離程式 - + Breakout Program 分離程式 - + Breakout Folder 分離資料夾 - + Programs entered here will be allowed to break out of this sandbox when they start. It is also possible to capture them into another sandbox, for example to have your web browser always open in a dedicated box. Programs entered here will be allowed to break out of this box when thay start, you can capture them into an other box. For example to have your web browser always open in a dedicated box. This feature requires a valid supporter certificate to be installed. 在此處設定的程式,在啟動時將被允許脫離這個沙箱,您可以把它們擷取到另一個沙箱中。例如,讓網頁瀏覽器總是在一個專門的沙箱內開啟。 @@ -7860,85 +7860,85 @@ This is done to prevent rogue processes inside the sandbox from creating a renam 工作物件 - + <b><font color='red'>SECURITY ADVISORY</font>:</b> Using <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> and/or <a href="sbie://docs/breakoutprocess">BreakoutProcess</a> in combination with Open[File/Pipe]Path directives can compromise security. Please review the security section for each option in the documentation before use. <b><font color='red'>安全性建議</font>:</b> 使用 <a href="sbie://docs/breakoutfolder">BreakoutFolder</a> 和/或 <a href=" sbie://docs/breakoutprocess">BreakoutProcess</a> 與 Open[File/Pipe]Path 指令結合使用可能會損害安全性。使用前請檢查說明文件中每個選項的安全性章節。 - + Lingering Programs 駐留程式 - + Lingering programs will be automatically terminated if they are still running after all other processes have been terminated. 其他所有程式得到終止後,仍在執行的駐留程式將自動終止。 - + Leader Programs 引導程式 - + If leader processes are defined, all others are treated as lingering processes. 如果定義了引導處理程序,其他處理程序將被視作駐留處理程序。 - + This setting can be used to prevent programs from running in the sandbox without the user's knowledge or consent. This can be used to prevent a host malicious program from breaking through by launching a pre-designed malicious program into an unlocked encrypted sandbox. 此設定可用於防止程式在使用者不知情或未經使用者同意的情況下在沙箱中運作。 - + Display a pop-up warning before starting a process in the sandbox from an external source A pop-up warning before launching a process into the sandbox from an external source. 在從外部來源的沙箱中開始執行處理程序前,顯示一則跳出式警告 - + Files 檔案 - + Configure which processes can access Files, Folders and Pipes. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. 設定哪些處理程序可以存取檔案、資料夾和管道。 「開放」存取權限只適用於原先已位於沙箱之外的程式二進位檔,您可以使用「完全開放」來對所有程式開放所有權限,或者在「原則」頁籤中改變這一行為。 - + Registry 登錄 - + Configure which processes can access the Registry. 'Open' access only applies to program binaries located outside the sandbox, you can use 'Open for All' instead to make it apply to all programs, or change this behavior in the Policies tab. 設定哪些處理程序可以存取檔案、資料夾和管道。 「開放」存取權限只適用於原先已位於沙箱之外的程式二進位檔,您可以使用「完全開放」來對所有程式開放所有權限,或者在「原則」頁籤中改變這一行為。 - + IPC IPC - + Configure which processes can access NT IPC objects like ALPC ports and other processes memory and context. To specify a process use '$:program.exe' as path. 設定哪些處理程序可以存取 NT IPC 物件,如 ALPC 連接埠及其他處理程序的記憶體和相關執行狀態環境。 如需指定一個處理程序,使用「$:program.exe」作為路徑值。 - + Wnd 視窗 - + Wnd Class Wnd 元件 @@ -7947,132 +7947,132 @@ To specify a process use '$:program.exe' as path. 設定哪些處理程序可以存取桌面物件,如 Windows 或其它類似物件。 - + COM COM - + Class Id 類別識別碼 - + Configure which processes can access COM objects. 設定哪些處理程序可以存取 COM 物件。 - + Don't use virtualized COM, Open access to hosts COM infrastructure (not recommended) 不使用虛擬化 COM,而是開放主機 COM 基礎結構的存取 (不推薦) - + Access Policies 存取原則 - + Network Options 區域網路選項 - + Set network/internet access for unlisted processes: 為未列出的處理程序設定區域網路/網際網路存取權限: - + Test Rules, Program: 測試規則、程式: - + Port: 連接埠: - + IP: IP: - + Protocol: 協定: - + X X - + Add Rule 加入規則 - - - - - - - - - + + + + + + + + + Program 程式 - - + + Action 動作 - - + + Port 連接埠 - - - + + + IP IP - + Protocol 協定 - + CAUTION: Windows Filtering Platform is not enabled with the driver, therefore these rules will be applied only in user mode and can not be enforced!!! This means that malicious applications may bypass them. 警告: 未在驅動程式中啟動 Windows 篩選平台,因此以下規則只能在使用者模式下生效,無法被強制執行!!!惡意程式可能會繞過這些規則的限制。 - + Resource Access 資源存取 - + Add File/Folder 加入檔案/資料夾 - + Add Wnd Class 加入視窗類別 - + Add IPC Path 加入 IPC 路徑 @@ -8117,167 +8117,167 @@ To specify a process use '$:program.exe' as path. 防止沙箱化處理程序擷取視窗影像 (實驗性,可能造成 UI 故障) - + Sandboxie token Sandboxie 權杖 - + Add Reg Key 加入登錄機碼 - + Add COM Object 加入 COM 物件 - + Apply Close...=!<program>,... rules also to all binaries located in the sandbox. 將 Close...=!<program>,... 規則,套用到位於沙箱內的所有相關二進位檔。 - + DNS Filter DNS 過濾器 - + Add Filter 新增過濾器 - + With the DNS filter individual domains can be blocked, on a per process basis. Leave the IP column empty to block or enter an ip to redirect. 使用 DNS 過濾器,可以按處理程序阻止各個網域。將 IP 位址列留空以將其阻止,或輸入 IP 位址以進行重新導向。 - + Domain 域名 - + Internet Proxy 網際網路 Proxy - + Add Proxy 新增 Proxy - + Test Proxy 測試 Proxy - + Auth 憑據 - + Login 登入 - + Password 密碼 - + Sandboxed programs can be forced to use a preset SOCKS5 proxy. 可以強制沙箱化程式使用預定義的 SOCKS5 Proxy。 - + Resolve hostnames via proxy 透過 Proxy 解析主機名稱 - + Other Options 其他選項 - + Port Blocking 封鎖連接埠 - + Block common SAMBA ports 封鎖常見 SAMBA 連接埠 - + Block DNS, UDP port 53 封鎖 DNS UDP 連接埠 53 - + File Recovery 檔案復原 - + Quick Recovery 快速復原 - + Add Folder 加入資料夾 - + Immediate Recovery 即時復原 - + Ignore Extension 忽略副檔名 - + Ignore Folder 忽略資料夾 - + Enable Immediate Recovery prompt to be able to recover files as soon as they are created. 啟用快速復原提示,以便快速復原建立的檔案。 - + You can exclude folders and file types (or file extensions) from Immediate Recovery. 您可以從快速復原中排除特定目錄和檔案類型 (副檔名)。 - + When the Quick Recovery function is invoked, the following folders will be checked for sandboxed content. 當快速復原功能被執行時,下列資料夾將為沙箱化內容被檢查。 - + Advanced Options 進階選項 - + Miscellaneous 雜項 - + Don't alter window class names created by sandboxed programs 不要改變由沙箱化程式建立的視窗類別名稱 - + Do not start sandboxed services using a system token (recommended) 不啟動使用系統權杖的沙箱化服務 (建議) @@ -8285,84 +8285,84 @@ To specify a process use '$:program.exe' as path. - - - - + + + + Protect the sandbox integrity itself 保護沙箱本身的完整性 - + Drop critical privileges from processes running with a SYSTEM token 廢棄以系統權杖執行中的程式的關鍵特權 - - + + (Security Critical) (安全性關鍵) - + Protect sandboxed SYSTEM processes from unprivileged processes 保護沙箱中的系統處理程序免受非特權處理程序的影響 - + Force usage of custom dummy Manifest files (legacy behaviour) 強制使用自訂虛擬 Manifest 檔案 (遺留行為) - + The rule specificity is a measure to how well a given rule matches a particular path, simply put the specificity is the length of characters from the begin of the path up to and including the last matching non-wildcard substring. A rule which matches only file types like "*.tmp" would have the highest specificity as it would always match the entire file path. The process match level has a higher priority than the specificity and describes how a rule applies to a given process. Rules applying by process name or group have the strongest match level, followed by the match by negation (i.e. rules applying to all processes but the given one), while the lowest match levels have global matches, i.e. rules that apply to any process. 規則的明確性是衡量一個給定規則對特定路徑的相符程度,簡單地說,明確性是指從路徑的開始到最後一個相符的非萬用字元子串之間的字元長度。一個只相符「*.tmp」這樣的檔案類型規則將具有最高的明確性,因為它總是符合整個檔案路徑。 處理程序相符級別的優先順序高於明確性,它描述了一條規則如何適用於一個給定的處理程序。按處理程序名稱或組應用的規則具有最高的相符級別,其次是否定式相符 (例如: 適用於相符除給定處理程序以外的所有處理程序的規則),而最低的相符級別是全域符合,即適用於任何處理程序的規則。 - + Prioritize rules based on their Specificity and Process Match Level 基於規則的明確性和處理程序相符級別,對規則進行優先順序排序 - + Privacy Mode, block file and registry access to all locations except the generic system ones 隱私模式,阻止對通用系統目錄之外的所有檔案位置和登錄的存取 - + Access Mode 存取權限模式 - + When the Privacy Mode is enabled, sandboxed processes will be only able to read C:\Windows\*, C:\Program Files\*, and parts of the HKLM registry, all other locations will need explicit access to be readable and/or writable. In this mode, Rule Specificity is always enabled. 當啟用隱私模式時,沙箱化處理程序將只能讀取 C:\Windows\*、C:\Program Files\* 和登錄 HKLM 的部分內容,除此之外的所有其它位置都需要明確的存取授權才能被讀取或寫入。在此模式下,明確性規則將總是被啟用。 - + Rule Policies 規則原則 - + Apply File and Key Open directives only to binaries located outside the sandbox. 套用檔案和金鑰開放指令權限 (僅對位於沙箱之外的二進位檔)。 - + Start the sandboxed RpcSs as a SYSTEM process (not recommended) 以系統處理程序啟動沙箱化服務 RpcSs (不推薦) - + Allow only privileged processes to access the Service Control Manager 僅允許已有特權的處理程序存取服務控制管理員 - - + + Compatibility 相容性 @@ -8372,7 +8372,7 @@ The process match level has a higher priority than the specificity and describes 加入沙箱化處理程序至作業物件 (推薦) - + Emulate sandboxed window station for all processes 為所有處理程序模擬沙箱化視窗站台 @@ -8406,7 +8406,7 @@ The process match level has a higher priority than the specificity and describes 允許讀取非沙箱處理程序的記憶體 (不推薦) - + Disable the use of RpcMgmtSetComTimeout by default (this may resolve compatibility issues) 預設情況下停用 RpcMgmtSetComTimeout (這可能會解決相容性問題) @@ -8431,56 +8431,56 @@ The process match level has a higher priority than the specificity and describes 以下選項可以在您未授予管理員許可時安全的使用。 - + Triggers 觸發器 - + Event 事件 - - - - + + + + Run Command 執行命令 - + Start Service 啟動服務 - + These events are executed each time a box is started 這些事件當沙箱每次啟動時都會被執行 - + On Box Start 沙箱啟動階段 - - + + These commands are run UNBOXED just before the box content is deleted 這些命令將在刪除沙箱的內容之前,以非沙箱化的方式被執行 - + Allow use of nested job objects (works on Windows 8 and later) 允許使用嵌套作業物件 (job object) (適用於 Windows 8 及更高版本) - + These commands are executed only when a box is initialized. To make them run again, the box content must be deleted. 這些命令只在沙箱被初始化時執行。要使它們再次執行,必須刪除沙箱內容。 - + On Box Init 沙箱初始化階段 @@ -8489,27 +8489,27 @@ The process match level has a higher priority than the specificity and describes 此命令在沙箱中所有處理程序完成後執行。 - + On Box Terminate 沙箱終止階段 - + Here you can specify actions to be executed automatically on various box events. 在這裡,您可以設定各種沙箱事件中自動執行特定的動作。 - + Hide Processes 隱藏處理程序 - + Add Process 加入處理程序 - + Hide host processes from processes running in the sandbox. 面向沙箱內執行的處理程序隱藏的主機處理程序。 @@ -8524,63 +8524,63 @@ The process match level has a higher priority than the specificity and describes 限制 - + Various Options 差異性選項 - + Apply ElevateCreateProcess Workaround (legacy behaviour) 套用 ElevateCreateProcess 因應措施 (遺留行為) - + Use desktop object workaround for all processes 對所有處理程序使用桌面物件因應措施 - + When the global hotkey is pressed 3 times in short succession this exception will be ignored. 當全域性快速鍵在短時間連續按下 3 次時,此異常將被忽略。 - + Exclude this sandbox from being terminated when "Terminate All Processes" is invoked. 當呼叫「終止所有處理程序」時,排除此沙箱。 - + These commands are run UNBOXED after all processes in the sandbox have finished. 這些指令將在沙箱內全部處理程序完成後以「未沙箱化」狀態執行。 - + This command will be run before the box content will be deleted 該命令將在刪除沙箱內容之前執行 - + On File Recovery 檔案復原階段 - + This command will be run before a file is being recovered and the file path will be passed as the first argument. If this command returns anything other than 0, the recovery will be blocked This command will be run before a file is being recoverd and the file path will be passed as the first argument, if this command return something other than 0 the recovery will be blocked 該命令將在檔案復原前執行,檔案路徑將作為第一個參數被傳遞,如果該命令的返回值不是 0,則復原將被阻止 - + Run File Checker 執行檔案檢查程式 - + On Delete Content 內容刪除階段 - + Don't allow sandboxed processes to see processes running in other boxes 不允許沙箱內的處理程序檢視其他沙箱內執行的處理程序 @@ -8591,7 +8591,7 @@ The process match level has a higher priority than the specificity and describes - + Process 處理程序 @@ -8600,22 +8600,22 @@ The process match level has a higher priority than the specificity and describes 阻止對位於該沙箱中的處理程序的讀取 - + Users 使用者 - + Restrict Resource Access monitor to administrators only 僅允許管理員存取資源存取監控 - + Add User 加入使用者 - + Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts. Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox. @@ -8624,23 +8624,23 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to 注意: 沙箱的強制沙箱程式及資料夾設定不適用於不能使用沙箱的帳戶。 - + Add Option 加入選項 - + Here you can configure advanced per process options to improve compatibility and/or customize sandboxing behavior. Here you can configure advanced per process options to improve compatibility and/or customize sand boxing behavior. 在此處可以設定各個處理程序的進階選項,以提高相容性或自訂沙箱的某些行為。 - + Option 選項 - + Tracing 追蹤 @@ -8649,22 +8649,22 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to API 呼叫追蹤 (需要在沙箱資料夾中安裝 LogAPI) - + Pipe Trace Pipe 追蹤 - + Log all SetError's to Trace log (creates a lot of output) 記錄所有 SetError 至追蹤日誌 (產生大量輸出) - + Log Debug Output to the Trace Log 紀錄偵錯輸出至追蹤日誌 - + Log all access events as seen by the driver to the resource access log. This options set the event mask to "*" - All access events @@ -8687,113 +8687,113 @@ instead of "*". Ntdll 系統呼叫追蹤 (將產生大量輸出) - + File Trace 檔案追蹤 - + Disable Resource Access Monitor 停用資源存取監控 - + IPC Trace IPC 追蹤 - + GUI Trace GUI 追蹤 - + Resource Access Monitor 資源存取監控 - + Access Tracing 存取追蹤 - + COM Class Trace COM 類別追蹤 - + Key Trace 機碼追蹤 - + To compensate for the lost protection, please consult the Drop Rights settings page in the Restrictions settings group. 為了彌補失去的保護,請參考「限制」設定組中的「廢棄許可」部分。 - - + + Network Firewall 區域網路防火牆 - + API call Trace (traces all SBIE hooks) API 呼叫追蹤 (追蹤全部 SBIE 勾點) - + Debug 偵錯 - + WARNING, these options can disable core security guarantees and break sandbox security!!! 警告,這些選項可使核心安全性保障失效並且破壞沙箱安全性! - + These options are intended for debugging compatibility issues, please do not use them in production use. 這些選項是為偵錯相容性問題設計的,請勿用於生產力用途。 - + App Templates 軟體範本 - + Filter Categories 篩選類別 - + Text Filter 篩選文字 - + Add Template 加入範本 - + This list contains a large amount of sandbox compatibility enhancing templates 此清單含有大量的相容性增強範本 - + Category 類別 - + Template Folders 範本資料夾 - + Configure the folder locations used by your other applications. Please note that this values are currently user specific and saved globally for all boxes. @@ -8802,24 +8802,24 @@ Please note that this values are currently user specific and saved globally for 請注意,這些值為目前使用者針對所有沙箱儲存。 - - + + Value - + Limit restrictions 上限限制 - - + + Leave it blank to disable the setting(Unit:KB) 留空以停用設定 (單位: KB) - + Leave it blank to disable the setting 留空以停用設定 @@ -8829,84 +8829,84 @@ Please note that this values are currently user specific and saved globally for 總計處理程序數量限制: - + Total Processes Memory Limit: 總計處理程序記憶體限制: - + Single Process Memory Limit: 單一處理程序記憶體限制: - + Don't allow sandboxed processes to see processes running outside any boxes 不允許沙箱化處理程序發現在任何沙箱外執行的處理程序 - + Prevent sandboxed processes from accessing system details through WMI Prevent sandboxed processes from accessing system deatils through WMI 阻止沙箱化處理程序透過 WMI 存取系統詳細資訊 - + Some programs retrieve system details via WMI (Windows Management Instrumentation), a built-in Windows database, rather than using conventional methods. For instance, 'tasklist.exe' can access a complete list of processes even if 'HideOtherBoxes' is enabled. Enable this option to prevent such behavior. Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior. 某些程式透過 WMI (Windows 管理規範),一個內建的 Windows 資料庫,檢索作業系統詳細資訊,而不是使用通常方法。例如,即使啟用了「HideOtherBoxes」(隱藏其他沙箱),「tasklist.exe」也可以存取完整的處理程序清單。啟用此選項可以防止此類行為。 - + DNS Request Logging DNS 請求日誌紀錄 - + Syscall Trace (creates a lot of output) Syscall 追蹤 (建立大量輸出) - + Templates 範本 - + Open Template 開啟範本 - + Accessibility 協助工具 - + Screen Readers: JAWS, NVDA, Window-Eyes, System Access 螢幕閱讀器: JAWS、NVDA、Window-Eyes、系統協助工具 - + The following settings enable the use of Sandboxie in combination with accessibility software. Please note that some measure of Sandboxie protection is necessarily lost when these settings are in effect. 以下設定允許 Sandboxie 與協助工具軟體結合。請注意當這些設定生效時,必然會失去部分 Sandboxie 保護措施。 - + Edit ini Section 編輯 ini 區段 - + Edit ini 編輯 ini - + Cancel 取消 - + Save 儲存 diff --git a/SandboxiePlus/version.h b/SandboxiePlus/version.h index 46116b7c..f7782510 100644 --- a/SandboxiePlus/version.h +++ b/SandboxiePlus/version.h @@ -2,7 +2,7 @@ #define VERSION_MJR 1 #define VERSION_MIN 14 -#define VERSION_REV 3 +#define VERSION_REV 4 #define VERSION_UPD 0 #ifndef STR