mirrors/Sandboxie
mirrors
/
Sandboxie
mirror of https://github.com/sandboxie-plus/Sandboxie.git
1
0
Fork 0
Code Releases Activity

Update NewBoxWizard 

- added checkbox for PromptForInternetAccess option
- improved boxToken checkbox
This commit is contained in:
offhub 2024-06-14 19:09:00 +03:00
parent 7a2a6e1728
commit 7b771c35a8
No known key found for this signature in database
GPG Key ID: 7B12A8941851DA59
3 changed files with 60 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@ -12,6 +12,9 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- fixed issue with "UseCreateToken=y" when using a MSFT online account
- fixed Export sandbox not containing hidden files [#3980](https://github.com/sandboxie-plus/Sandboxie/issues/3980) (thanks L4cache)
### Added
- added checkbox for PromptForInternetAccess option to the New Box Wizard

73
SandboxiePlus/SandMan/Wizards/NewBoxWizard.cpp
View File

@ -21,7 +21,7 @@ CNewBoxWizard::CNewBoxWizard(bool bAlowTemp, QWidget *parent)
setPage(Page_Isolation, new CIsolationPage);
setPage(Page_Advanced, new CAdvancedPage);
setPage(Page_Summary, new CSummaryPage);
m_bAdvanced = theConf->GetBool("Options/AdvancedBoxWizard", false);
setWizardStyle(ModernStyle);
@ -96,7 +96,7 @@ SB_STATUS CNewBoxWizard::TryToCreateBox()
if (!Status.IsError())
{
CSandBoxPtr pBox = theAPI->GetBoxByName(BoxName);
// SharedTemplate
QElapsedTimer timer;
timer.start();
@ -187,12 +187,12 @@ SB_STATUS CNewBoxWizard::TryToCreateBox()
case CSandBoxPlus::eHardened:
pBox->SetBool("UseSecurityMode", true);
break;
case CSandBoxPlus::eDefaultPlus:
pBox->SetBool("UsePrivacyMode", true);
case CSandBoxPlus::eDefault:
break;
case CSandBoxPlus::eAppBoxPlus:
pBox->SetBool("UsePrivacyMode", true);
case CSandBoxPlus::eAppBox:
@ -201,22 +201,22 @@ SB_STATUS CNewBoxWizard::TryToCreateBox()
pBox->InsertText("Template", "RpcPortBindingsExt");
break;
}
if (BlackBox) {
pBox->SetBool("UseFileImage", true);
pBox->SetBool("ConfidentialBox", true);
}
QRgb rgb = theGUI->GetBoxColor(BoxType);
pBox->SetText("BorderColor", QString("#%1%2%3").arg(qBlue(rgb), 2, 16, QChar('0')).arg(qGreen(rgb), 2, 16, QChar('0')).arg(qRed(rgb), 2, 16, QChar('0')) + ",ttl");
QString Location = field("boxLocation").toString();
if (!Location.isEmpty()) {
pBox->SetText("FileRootPath", Location);
theAPI->UpdateBoxPaths(pBox.data());
}
if (field("boxVersion").toInt() == 1) {
pBox->SetBool("UseFileDeleteV2", true);
pBox->SetBool("UseRegDeleteV2", true);
@ -225,7 +225,7 @@ SB_STATUS CNewBoxWizard::TryToCreateBox()
pBox->SetBool("SeparateUserFolders", false);
if(field("useVolumeSN").toBool())
pBox->SetBool("UseVolumeSerialNumbers", true);
if (field("autoRemove").toBool()) {
pBox->SetBool("AutoDelete", true);
pBox->SetBool("AutoRemove", true);
@ -234,7 +234,7 @@ SB_STATUS CNewBoxWizard::TryToCreateBox()
pBox->SetBool("AutoDelete", true);
if(field("autoRecover").toBool())
pBox->SetBool("AutoRecover", true);
if (field("blockNetwork").toInt() == 1) { // device based
//pBox->InsertText("AllowNetworkAccess", "<BlockNetAccess>,n");
pBox->InsertText("ClosedFilePath", "!<InternetAccess>,InternetAccessDevices");
@ -247,7 +247,12 @@ SB_STATUS CNewBoxWizard::TryToCreateBox()
}
pBox->SetBool("BlockNetworkFiles", !field("shareAccess").toBool());
bool bAllowNetwork = field("blockNetwork").toInt() == 0;
if (field("promptAccess").toBool() && !bAllowNetwork)
pBox->SetBool("PromptForInternetAccess", true);
bool bHardened = (BoxType == CSandBoxPlus::eHardenedPlus || BoxType == CSandBoxPlus::eHardened);
bool bAppBox = (BoxType == CSandBoxPlus::eAppBoxPlus || BoxType == CSandBoxPlus::eAppBox);
bool bDropAdmin = field("dropAdmin").toBool();
if (field("dropAdmin").toBool() && !bHardened)
pBox->SetBool("DropAdminRights", true);
@ -258,7 +263,7 @@ SB_STATUS CNewBoxWizard::TryToCreateBox()
if(field("msiServer").toBool() && !bDropAdmin && !bHardened)
pBox->SetBool("MsiInstallerExemptions", true);
if(field("boxToken").toBool())
if(field("boxToken").toBool() && !bAppBox)
pBox->SetBool("SandboxieLogon", true);
if(field("imagesProtection").toBool())
@ -278,7 +283,7 @@ SB_STATUS CNewBoxWizard::TryToCreateBox()
" please switch to the Virtualization Scheme to Version 1 and report the issue,"
" the option to change this preset can be found in the Box Options in the Box Structure group.")
, tr("Don't show this message again."), &State, QDialogButtonBox::Ok, QDialogButtonBox::Ok, QMessageBox::Information);
if (State)
theConf->SetValue("Options/WarnDeleteV2", false);
}
@ -404,7 +409,7 @@ CBoxTypePage::CBoxTypePage(bool bAlowTemp, QWidget *parent)
AddBoxType(tr("<a href=\"sbie://docs/compartment-mode\">Application Compartment</a> Box"), (int)CSandBoxPlus::eAppBox,
tr("This box type prioritizes compatibility while still providing a good level of isolation. It is designed for running trusted applications within separate compartments. \n"
"While the level of isolation is reduced compared to other box types, it offers improved compatibility with a wide range of applications, ensuring smooth operation within the sandboxed environment."));
QWidget* pGap = new QWidget();
pGap->setMinimumHeight(4);
layout->addWidget(pGap, row++, 1, 1, 2);
@ -597,7 +602,7 @@ CFilesPage::CFilesPage(QWidget *parent)
layout->addWidget(pFileLabel, row++, 0);
layout->addItem(new QSpacerItem(40, 20, QSizePolicy::Expanding, QSizePolicy::Minimum), 0, 2, 1, 1);
// Location
QLineEdit* pDummy = new QLineEdit();
pDummy->setVisible(false);
@ -668,7 +673,7 @@ int CFilesPage::nextId() const
{
return CNewBoxWizard::Page_Isolation;
}
void CFilesPage::initializePage()
{
m_pBoxLocation->clear();
@ -729,6 +734,7 @@ CIsolationPage::CIsolationPage(QWidget *parent)
pNetAccess->addItem(tr("Block network/internet using Windows Filtering Platform"));
pNetAccess->setCurrentIndex(theConf->GetInt("BoxDefaults/BlockNetwork", 0));
layout->addWidget(pNetAccess, row++, 1, 1, 3);
connect(pNetAccess, SIGNAL(currentIndexChanged(int)), this, SLOT(OnBlockNetworkChanged(int)));
registerField("blockNetwork", pNetAccess);
m_pShareAccess = new QCheckBox(tr("Allow access to network files and folders"));
@ -737,6 +743,11 @@ CIsolationPage::CIsolationPage(QWidget *parent)
layout->addWidget(m_pShareAccess, row++, 1, 1, 3);
registerField("shareAccess", m_pShareAccess);
m_pPromptAccess = new QCheckBox(tr("Prompt user whether to allow an exemption from the blockade"));
m_pPromptAccess->setChecked(theConf->GetBool("BoxDefaults/PromptAccess", false));
layout->addWidget(m_pPromptAccess, row++, 1, 1, 3);
registerField("promptAccess", m_pPromptAccess);
QLabel* pAdminLabel = new QLabel(tr("Admin Options"), this);
pAdminLabel->setFont(fnt);
@ -785,7 +796,7 @@ int CIsolationPage::nextId() const
{
return CNewBoxWizard::Page_Advanced;
}
void CIsolationPage::initializePage()
{
int BoxType = wizard()->field("boxType").toInt();
@ -798,7 +809,14 @@ void CIsolationPage::initializePage()
m_pDropAdmin->setChecked(bDropAdmin || bHardened);
bool bAppBox = (BoxType == CSandBoxPlus::eAppBoxPlus || BoxType == CSandBoxPlus::eAppBox);
bool bBoxToken = field("boxToken").toBool();
m_pBoxToken->setEnabled(!bAppBox);
m_pBoxToken->setChecked(!bAppBox && bBoxToken);
bool bAllowNetwork = field("blockNetwork").toInt() == 0;
bool bPromptAccess = field("promptAccess").toBool();
m_pPromptAccess->setEnabled(!bAllowNetwork);
m_pPromptAccess->setChecked(!bAllowNetwork && bPromptAccess);
}
bool CIsolationPage::validatePage()
@ -815,6 +833,20 @@ void CIsolationPage::OnDropAdminChanged(int state) {
else {
// If m_pDropAdmin is unchecked, enable m_pMSIServer
m_pMSIServer->setEnabled(true);
m_pMSIServer->setChecked(theConf->GetBool("BoxDefaults/MsiExemptions", false));
}
}
void CIsolationPage::OnBlockNetworkChanged(int index) {
if (index == 0) {
// If network access is allowed, disable m_pPromptAccess
m_pPromptAccess->setEnabled(false);
m_pPromptAccess->setChecked(false);
}
else {
// If network access is blocked, enable m_pPromptAccess
m_pPromptAccess->setEnabled(true);
m_pPromptAccess->setChecked(theConf->GetBool("BoxDefaults/PromptAccess", false));
}
}
@ -892,7 +924,7 @@ int CAdvancedPage::nextId() const
{
return CNewBoxWizard::Page_Summary;
}
void CAdvancedPage::initializePage()
{
}
@ -944,7 +976,7 @@ CSummaryPage::CSummaryPage(QWidget *parent)
m_pSetInstant = new QCheckBox(tr("Skip this summary page when advanced options are not set"));
m_pSetInstant->setChecked(theConf->GetBool("Options/InstantBoxWizard", false));
layout->addWidget(m_pSetInstant, row++, 1, 1, 2);
setLayout(layout);
}
@ -993,6 +1025,7 @@ bool CSummaryPage::validatePage()
theConf->SetValue("BoxDefaults/BlockNetwork", field("blockNetwork").toInt());
theConf->SetValue("BoxDefaults/ShareAccess", field("shareAccess").toBool());
theConf->SetValue("BoxDefaults/PromptAccess", field("promptAccess").toBool());
theConf->SetValue("BoxDefaults/DropAdmin", field("dropAdmin").toBool());
theConf->SetValue("BoxDefaults/FakeAdmin", field("fakeAdmin").toBool());
@ -1000,7 +1033,7 @@ bool CSummaryPage::validatePage()
theConf->SetValue("BoxDefaults/BoxToken", field("boxToken").toBool());
theConf->SetValue("BoxDefaults/ImagesProtection", field("imagesProtection").toBool());
theConf->SetValue("BoxDefaults/CoverBoxedWindows", field("coverBoxedWindows").toBool());
theConf->SetValue("BoxDefaults/CoverBoxedWindows", field("coverBoxedWindows").toBool());
theConf->SetValue("BoxDefaults/SharedTemplate", field("sharedTemplate").toInt());
}

4
SandboxiePlus/SandMan/Wizards/NewBoxWizard.h
View File

@ -118,11 +118,15 @@ public:
bool validatePage() override;
void OnDropAdminChanged(int state);
private slots:
void OnBlockNetworkChanged(int index);
private:
QCheckBox* m_pShareAccess;
QCheckBox* m_pMSIServer;
QCheckBox* m_pDropAdmin;
QCheckBox* m_pBoxToken;
QCheckBox* m_pPromptAccess;
};