mirrors/Sandboxie
mirrors
/
Sandboxie
mirror of https://github.com/sandboxie-plus/Sandboxie.git
1
0
Fork 0
Code Releases Activity

1.12.6

This commit is contained in:
DavidXanatos 2023-12-21 14:26:33 +01:00
parent 6419d1c5d8
commit 731a5796bf
5 changed files with 41 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -10,6 +10,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
todo: improve behaviorue of toolbar customization menu todo: improve behaviorue of toolbar customization menu
### Fixed ### Fixed
- fixed Sandboxie-Plus 1.12.4 + failed to start start.exe in confidential box [#3514](https://github.com/sandboxie-plus/Sandboxie/issues/3514)
- fixed fix for [#3475](https://github.com/sandboxie-plus/Sandboxie/issues/3475) not working without FileRootPath being explicitly set - fixed fix for [#3475](https://github.com/sandboxie-plus/Sandboxie/issues/3475) not working without FileRootPath being explicitly set
- fixed "The directory name is invalid" when starting a process in a encrypted private box [#3475](https://github.com/sandboxie-plus/Sandboxie/issues/3475) - fixed "The directory name is invalid" when starting a process in a encrypted private box [#3475](https://github.com/sandboxie-plus/Sandboxie/issues/3475)

6
Sandboxie/core/drv/file_flt.c
View File

@ -505,7 +505,11 @@ check:
//DbgPrint("IRP_MJ_CREATE: %S\n", root->file_root); //DbgPrint("IRP_MJ_CREATE: %S\n", root->file_root);
if (Util_IsProtectedProcess(PsGetCurrentProcessId())) //
// csrss.exe needs acces to binaries of starting up processes,
//
if (Util_IsCsrssProcess(PsGetCurrentProcessId()))
break; break;
status = STATUS_ACCESS_DENIED; status = STATUS_ACCESS_DENIED;

4
Sandboxie/core/drv/thread.c
View File

@ -1202,7 +1202,9 @@ _FX ACCESS_MASK Thread_CheckObject_CommonEx(
// //
if (protect_process /*&& MyIsProcessRunningAsSystemAccount(cur_pid)*/) { if (protect_process /*&& MyIsProcessRunningAsSystemAccount(cur_pid)*/) {
if ((_wcsicmp(nptr, SBIESVC_EXE) == 0) || Util_IsProtectedProcess(cur_pid) if ((_wcsicmp(nptr, SBIESVC_EXE) == 0)
|| Util_IsCsrssProcess(cur_pid)
|| Util_IsProtectedProcess(cur_pid)
|| (_wcsicmp(nptr, L"conhost.exe") == 0) || (_wcsicmp(nptr, L"conhost.exe") == 0)
|| (_wcsicmp(nptr, L"taskmgr.exe") == 0) || (_wcsicmp(nptr, L"sandman.exe") == 0)) || (_wcsicmp(nptr, L"taskmgr.exe") == 0) || (_wcsicmp(nptr, L"sandman.exe") == 0))
protect_process = FALSE; protect_process = FALSE;

30
Sandboxie/core/drv/util.c
View File

@ -446,6 +446,36 @@ retry:
} }
//---------------------------------------------------------------------------
// Util_IsCsrssProcess
//---------------------------------------------------------------------------
NTKERNELAPI PCHAR NTAPI PsGetProcessImageFileName(_In_ PEPROCESS Process);
_FX BOOLEAN Util_IsCsrssProcess(HANDLE pid)
{
PEPROCESS ProcessObject;
NTSTATUS status;
PCHAR ImageFileName;
BOOLEAN ret = FALSE;
if (!MyIsProcessRunningAsSystemAccount(pid))
return FALSE;
status = PsLookupProcessByProcessId(pid, &ProcessObject);
if (NT_SUCCESS(status)) {
ImageFileName = PsGetProcessImageFileName(ProcessObject);
ret = (_stricmp(ImageFileName, "csrss.exe") == 0);
ObDereferenceObject(ProcessObject);
}
return ret;
}
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
// Util_IsProtectedProcess // Util_IsProtectedProcess
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------

2
Sandboxie/core/drv/util.h
View File

@ -109,6 +109,8 @@ NTSTATUS MyValidateCertificate(void);
HANDLE Util_GetProcessPidByName(const WCHAR* name); HANDLE Util_GetProcessPidByName(const WCHAR* name);
BOOLEAN Util_IsCsrssProcess(HANDLE pid);
BOOLEAN Util_IsProtectedProcess(HANDLE pid); BOOLEAN Util_IsProtectedProcess(HANDLE pid);
LARGE_INTEGER Util_GetTimestamp(void); LARGE_INTEGER Util_GetTimestamp(void);