mirrors/Sandboxie
mirrors
/
Sandboxie
mirror of https://github.com/sandboxie-plus/Sandboxie.git
1
0
Fork 0
Code Releases Activity

Merge pull request #9 from sandboxie-plus/master 

Update Fork
This commit is contained in:
Sebastian G 2021-01-06 19:14:10 +01:00 committed by GitHub
parent 83695e000d 52bae6e563
commit 7fee00d685
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
52 changed files with 12400 additions and 3342 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
CHANGELOG.md
View File

@ -3,50 +3,105 @@ All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
## [0.5.3b / 5.45.2] - 2021-01-02
### Added
- added settings for the portable boxed root folder option
- added process name to resource log
- added command line column to the process view in the SandMan UI
### Fixed
- fixed a few issues with group handling
- fixed issue with GetRawInputDeviceInfo when running a 32 bit program on a 64 bit system
- fixed issue when pressing apply in the "Resource Access" tab; the last edited value was not always applied
- fixed issue merging entries in resource access monitor
## [0.5.3a / 5.45.2] - 2020-12-29
### Added
- added prompt to choose if links in the SandMan UI should be opened in a sandboxed or unsandboxed browser
- added more recovery options
- added "ClosedClsid=" to block com objects from being used when they cause compatibility issues
- added "ClsidTrace=*" option to trace COM usage
- added "ClosedRT=" option to block access to problematic Windows RT interfaces
- added option to make a link for any selected process to SandMan UI
- added option to reset all hidden messages
- added more process presets "force program" and "allow internet access"
- added "SpecialImage=chrome,some_electron_app.exe" option to sandboxie.ini, valid image types "chrome", "firefox"
-- with this option you can enable special hardcoded workarounds to new obscure forks of those browsers
- added German translation (thanks bastik-1001) to the SandMan UI
- added Russian translation (thanks lufog) to the SandMan UI
- added Portuguese translation (thanks JNylson ) to the SandMan UI
### Changed
- changed docs and update URLs to the new sandboxie-plus.com domain
- greatly improved the setup script (thanks mpheath)
- "OpenClsid=" and "ClosedClsid=" now support specifying a program or group name
- by default, when started in portable mode, the sandbox folder will be located in the parent directory of the sandboxie instance
### Fixed
- grouping menu not fully working in the new SandMan UI
- fixed not being able to set quick recovery in SandMan UI
- fixed resource leak when loading process icons in SandMan UI
- fixed issue with OpenToken debug options
- fixed Chrome crashing on websites that cause the invocation of "FindAppUriHandlersAsync"
- fixed issue connecting to the driver when starting in portable mode
- fixed missing template setup when creating new boxes
### removed
- removed obsolete "OpenDefaultClsid=n" use "ClosedClsid=" with the apropriate values instead
- removed suspend/resume menu entry, pooling that state wastes substantial CPU cycles; use task explorer for that functionality
## [0.5.2a / 5.45.1] - 2020-12-23
### Fixed
- fixed translation support in the sandman ui
- fixed translation support in the SandMan UI
- fixed sandboxed explorer issue
- fixed simplified Chinese localization
## [0.5.2 / 5.45.1] - 2020-12-23
### Added
- added advanced new box creation dialog to sandman ui
- added advanced new box creation dialog to SandMan UI
- added show/hide tray context menu entry
- added refresh button to file recovery dialog
- added mechanism to load icons from {install-dir}/Icons/{icon}.png for UI customization
- added tray indicator to show disabled forced program status in the sandman ui
- added program name suggestions to box options in sandman ui
- added tray indicator to show disabled forced program status in the SandMan UI
- added program name suggestions to box options in SandMan UI
- added saving of column sizes in the options window
### Changed
- reorganized the advanced box options a bit
- changed icons (thanks Valinwolf for picking the new once)
- changed icons (thanks Valinwolf for picking the new ones)
- updated Template.ini (thanks isaak654)
- increates max value for disable forced process time in sandman ui
- increates max value for disable forced process time in SandMan UI
### Fixed
- fixed BSOD introduced in 5.45.0 when using windows 10 "Core isolation"
- fixed BSOD introduced in 5.45.0 when using Windows 10 "core isolation"
- fixed minor issue with lingering/leader processes
- fixed menu issue in sandman ui
- fixed issue with stop behaviour page in sandman ui
- fixed menu issue in SandMan UI
- fixed issue with stop behaviour page in SandMan UI
- fixed issue with Plus installer not displaying kmdutil window
- fixed sandman UI saving ui settings on windows shutdown
- fixed SandMan UI saving UI settings on windows shutdown
- fixed issue with Plus installer autorun
- fixed issue with legacy installer not removing all files
- fixed a driver compatibility issue with windows 20H1 and later
-- this solves "stop pending", line messager hanging and other issues...
- fixed a driver compatibility issue with Windows 20H1 and later
-- this solves "stop pending", LINE messenger hanging and other issues...
- fixed quick recovery issue in SbieCtrl.exe introduced in 5.45.0
- fixed issue advanced hide process settings, not saving
- fixed issue advanced hide process settings not saving
- fixed some typos in the UI (thanks isaak654)
- fixed issue with GetRawInputDeviceInfo failing when boxed processes are put in a job object
-- this fix resolves issues with CP2077 and other PC Games not getting keyboard input (thanks Rostok)
-- this fix resolves issues with CP2077 and other games not getting keyboard input (thanks Rostok)
- fixed failing ClipCursor won't longer span the message log
- fixed issue with adding recovery folders in sandman ui
- fixed issue with office 2019 template when using a non-default sbie install location
- fixed issue with adding recovery folders in SandMan UI
- fixed issue with Office 2019 template when using a non-default Sbie install location
- fixed issue setting last access attribute on sandboxed folders
- fixed issue with process start signal
@ -55,10 +110,10 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [0.5.1 / 5.45.0] - 2020-12-12
### Added
- Added simple view mode
- added simple view mode
### Changed
- Updated SandMan UI to use Qt5.15.1
- updated SandMan UI to use Qt5.15.1
### Fixed
- fixed crash issue with progress dialog

8
README.md
View File

@ -22,10 +22,14 @@ Open Source release
- isaak654 - UI fixes and Templates
- cricri-pingouin - UI fixes
- Valinwolf - UI / Icons
- mpheath - help with inno setup
### Translators
- nkh0472
- bastik-1001
- yuhao2348732 - ZH
- nkh0472 - CN
- bastik-1001 - DE
- JNylson - PT
- lufog - RU
More volunteers welcome ;)

4
Sandboxie/apps/common/RunBrowser.cpp
View File

@ -135,7 +135,7 @@ void CRunBrowser::OnNo()
CString CRunBrowser::GetTopicUrl(const CString &topic)
{
return L"https://xanasoft.com/Sandboxie/" + topic;
return L"https://sandboxie-plus.com/go.php?to=sbie-" + topic;
}
@ -156,5 +156,5 @@ void CRunBrowser::OpenHelp(CWnd *pParentWnd, const CString &topic)
void CRunBrowser::OpenForum(CWnd *pParentWnd)
{
CRunBrowser x(pParentWnd, L"https://forum.xanasoft.com/");
CRunBrowser x(pParentWnd, L"https://sandboxie-plus.com/go.php?to=sbie-forum");
}

4
Sandboxie/apps/control/MyFrame.cpp
View File

@ -230,7 +230,7 @@ CMyFrame::CMyFrame(BOOL ForceVisible, BOOL ForceSync)
AdjustSizePosition(left, top, width, height);
ULONG exStyle = (CMyApp::m_LayoutRTL) ? WS_EX_LAYOUTRTL : 0;
CString strTitle = CMyApp::m_appTitle + " - xanasoft.com";
CString strTitle = CMyApp::m_appTitle + " - " MY_COMPANY_NAME_STRING;
CreateEx( exStyle, (LPCTSTR)CMyApp::m_atom, strTitle,
WS_OVERLAPPEDWINDOW | WS_CAPTION | WS_SYSMENU,
left, top, width, height,
@ -976,7 +976,7 @@ void CMyFrame::OnCmdConfReload()
void CMyFrame::OnCmdHelpSupport()
{
CRunBrowser x(this, L"https://xanasoft.com/go.php?to=donate");
CRunBrowser x(this, L"https://sandboxie-plus.com/go.php?to=donate");
}

1
Sandboxie/apps/control/SbieIni.cpp
View File

@ -36,7 +36,6 @@
#define REQUEST_LEN 4096
#define CONF_LINE_LEN 2000 // keep in sync with drv/conf.c
//---------------------------------------------------------------------------

2
Sandboxie/apps/control/Updater.cpp
View File

@ -250,7 +250,7 @@ BOOLEAN CUpdater::QueryUpdateData(UPDATER_DATA* Context)
if (!update_key.IsEmpty())
Path += L"&update_key=" + update_key;
if (!DownloadUpdateData(L"xanasoft.com", Path, &jsonString, NULL)) {
if (!DownloadUpdateData(L"sandboxie-plus.com", Path, &jsonString, NULL)) {
Context->ErrorCode = GetLastError();
goto CleanupExit;
}

10
Sandboxie/common/my_version.h
View File

@ -21,8 +21,8 @@
#ifndef _MY_VERSION_H
#define _MY_VERSION_H
#define MY_VERSION_BINARY 5,45,1
#define MY_VERSION_STRING "5.45.1"
#define MY_VERSION_BINARY 5,45,2
#define MY_VERSION_STRING "5.45.2"
#define MY_VERSION_COMPAT "5.45.0" // this refers to the driver ABI compatibility
// These #defines are used by either Resource Compiler, or by NSIC installer
@ -31,9 +31,9 @@
#define SBIE_INSTALLER_PATH_64 "..\\Bin\\x64\\SandboxieInstall64.exe"
#define MY_PRODUCT_NAME_STRING "Sandboxie"
#define MY_COMPANY_NAME_STRING "xanasoft.com"
#define MY_COPYRIGHT_STRING "Copyright © 2020-2021 by David Xanatos (xanasoft.com)"
#define MY_COPYRIGHT_STRING_OLD "Copyright © 2004-2020 by Sandboxie Holdings, LLC"
#define MY_COMPANY_NAME_STRING "sandboxie-plus.com"
#define MY_COPYRIGHT_STRING "Copyright © 2020-2021 by David Xanatos (xanasoft.com)"
#define MY_COPYRIGHT_STRING_OLD "Copyright © 2004-2020 by Sandboxie Holdings, LLC"
#define SANDBOXIE L"Sandboxie"
#define SBIE L"SBIE"

380
Sandboxie/core/dll/com.c
View File

@ -156,6 +156,8 @@ static void Com_Trace(
static void Com_Monitor(REFCLSID rclsid, USHORT monflag);
#define HSTRING void*
static HRESULT Com_RoGetActivationFactory(HSTRING activatableClassId, REFIID iid, void** factory);
//---------------------------------------------------------------------------
@ -210,6 +212,9 @@ typedef HRESULT (*P_CreateStubFromTypeInfo)(
typedef void *(*P_CoTaskMemAlloc)(ULONG cb);
typedef HRESULT (*P_RoGetActivationFactory)(HSTRING activatableClassId, REFIID iid, void** factory);
typedef const wchar_t* (*P_WindowsGetStringRawBuffer)(HSTRING string, unsigned int* length);
//---------------------------------------------------------------------------
@ -235,6 +240,8 @@ P_CreateStubFromTypeInfo __sys_CreateStubFromTypeInfo = NULL;
P_CoTaskMemAlloc __sys_CoTaskMemAlloc = NULL;
P_IIDFromString __sys_IIDFromString = NULL;
P_RoGetActivationFactory __sys_RoGetActivationFactory = NULL;
P_WindowsGetStringRawBuffer __sys_WindowsGetStringRawBuffer = NULL;
//---------------------------------------------------------------------------
// Variables
@ -244,6 +251,11 @@ P_IIDFromString __sys_IIDFromString = NULL;
static ULONG Com_NumOpenClsids = -1;
static GUID *Com_OpenClsids = NULL;
static ULONG Com_NumClosedClsids = -1;
static GUID *Com_ClosedClsids = NULL;
static WCHAR* Com_ClosedRT = NULL;
static BOOLEAN Com_TraceFlag = FALSE;
static const WCHAR *Com_Mem_Trace = NULL;
@ -273,6 +285,115 @@ static const GUID IID_INetFwRule = {
{ 0xAC, 0xED, 0xF5, 0x24, 0xF2, 0x2C, 0xFC, 0xE2 } };
//---------------------------------------------------------------------------
// Com_LoadClsidList
//---------------------------------------------------------------------------
_FX void Com_LoadClsidList(const WCHAR* setting, GUID** pClsids, ULONG* pNumClsids, const WCHAR* BoxName)
{
//
// for SbieSvc, re-create the list every time, in case
// the configuration was reloaded
//
if (BoxName) {
if (*pClsids) {
Com_Free(*pClsids);
*pClsids = NULL;
}
*pNumClsids = -1;
}
if (*pNumClsids != -1)
return; // already done
ULONG index;
ULONG counter;
GUID* guid;
NTSTATUS status;
WCHAR wbuf[196];
WCHAR* buf = wbuf;
const WCHAR* ImageName = NULL;
if (BoxName == NULL) // sandboxed process not in service
ImageName = Dll_ImageName;
counter = 0;
for (index = 0; ; ++index) {
status = SbieApi_QueryConfAsIs(
BoxName, setting, index, buf, 190 * sizeof(WCHAR));
if (!NT_SUCCESS(status))
break;
WCHAR* ptr = wcschr(buf, L',');
if (ptr) {
*ptr = L'\0';
if (ImageName && !SbieDll_MatchImage(buf, ImageName, BoxName))
continue;
buf = ptr + 1;
}
if (*buf != L'{') continue;
++counter;
}
if (counter) {
*pClsids = Com_Alloc(sizeof(GUID) * counter);
if (!*pClsids)
counter = 0;
}
*pNumClsids = counter;
if (counter) {
for (index = 0; counter > 0; ++index) {
status = SbieApi_QueryConfAsIs(
BoxName, setting, index, buf, 190 * sizeof(WCHAR));
if (!NT_SUCCESS(status))
break;
WCHAR* ptr = wcschr(buf, L',');
if (ptr) {
*ptr = L'\0';
if (ImageName && !SbieDll_MatchImage(buf, ImageName, BoxName))
continue;
buf = ptr + 1;
}
if (*buf != L'{') continue;
--counter;
WCHAR* space = wcschr(buf, L' ');
if (space)
*space = L'\0';
guid = &(*pClsids)[index];
if (!__sys_IIDFromString) {
// if called from SbieSvc
HMODULE module =
GetModuleHandle(DllName_ole32_or_combase);
GETPROCADDR_SYS(IIDFromString);
}
if ((!__sys_IIDFromString) ||
__sys_IIDFromString(buf, guid) != 0) {
memzero(guid, sizeof(GUID));
}
}
}
}
//---------------------------------------------------------------------------
// SbieDll_IsOpenClsid
//---------------------------------------------------------------------------
@ -306,7 +427,6 @@ _FX BOOLEAN SbieDll_IsOpenClsid(
// check against list of built-in CLSID exclusions
//
if (SbieApi_QueryConfBool(BoxName, L"OpenDefaultClsid", TRUE))
if (memcmp(rclsid, &CLSID_WinMgmt, sizeof(GUID)) == 0 ||
memcmp(rclsid, &CLSID_NetworkListManager, sizeof(GUID)) == 0 ||
memcmp(rclsid, &CLSID_ShellServiceHostBrokerProvider, sizeof(GUID)) == 0 ||
@ -320,84 +440,8 @@ _FX BOOLEAN SbieDll_IsOpenClsid(
// initialize list of user-configured CLSID exclusions
//
if (BoxName) {
//
// for SbieSvc, re-create the list every time, in case
// the configuration was reloaded
//
if (Com_OpenClsids) {
Com_Free(Com_OpenClsids);
Com_OpenClsids = NULL;
}
Com_NumOpenClsids = -1;
}
if (Com_NumOpenClsids == -1) {
static const WCHAR *setting = L"OpenClsid";
NTSTATUS status;
WCHAR buf[96];
if (Dll_BoxName) {
status = SbieApi_QueryConfAsIs(
NULL, L"ClsidTrace", 0, buf, 90 * sizeof(WCHAR));
if (buf[0] && buf[0] != L'.')
Com_TraceFlag = TRUE;
}
index = 0;
while (1) {
status = SbieApi_QueryConfAsIs(
BoxName, setting, index, buf, 90 * sizeof(WCHAR));
if (! NT_SUCCESS(status))
break;
++index;
}
if (index) {
Com_OpenClsids = Com_Alloc(sizeof(GUID) * index);
if (! Com_OpenClsids)
index = 0;
}
Com_NumOpenClsids = index;
if (Com_NumOpenClsids) {
for (index = 0; index < Com_NumOpenClsids; ++index) {
status = SbieApi_QueryConfAsIs(
BoxName, setting, index, buf, 90 * sizeof(WCHAR));
if (NT_SUCCESS(status)) {
WCHAR *space = wcschr(buf, L' ');
if (space)
*space = L'\0';
guid = &Com_OpenClsids[index];
if (! __sys_IIDFromString) {
// if called from SbieSvc
HMODULE module =
GetModuleHandle(DllName_ole32_or_combase);
GETPROCADDR_SYS(IIDFromString);
}
if ((! __sys_IIDFromString) ||
__sys_IIDFromString(buf, guid) != 0) {
memzero(guid, sizeof(GUID));
}
}
}
}
}
static const WCHAR* setting = L"OpenClsid";
Com_LoadClsidList(setting , &Com_OpenClsids, &Com_NumOpenClsids, BoxName);
//
// check against list of user-configured CLSID exclusions
@ -410,7 +454,6 @@ _FX BOOLEAN SbieDll_IsOpenClsid(
}
}
if (SbieApi_QueryConfBool(BoxName, L"OpenDefaultClsid", TRUE))
if (Com_IsFirewallClsid(rclsid, BoxName))
return TRUE;
@ -486,6 +529,27 @@ _FX BOOLEAN Com_IsClosedClsid(REFCLSID rclsid)
if (memcmp(rclsid, EventSystemTier2, 16) == 0)
return TRUE;
ULONG index;
GUID* guid;
//
// initialize list of user-configured CLSID blocks
// Note: the service threads everythign not explicitly open as closed anyways
//
static const WCHAR* setting = L"ClosedClsid";
Com_LoadClsidList(setting, &Com_ClosedClsids, &Com_NumClosedClsids, NULL);
//
// check against list of user-configured CLSID blocks
//
for (index = 0; index < Com_NumClosedClsids; ++index) {
guid = &Com_ClosedClsids[index];
if (memcmp(guid, rclsid, sizeof(GUID)) == 0)
return TRUE;
}
return FALSE;
}
@ -511,6 +575,7 @@ _FX HRESULT Com_CoGetClassObject(
if (Com_IsClosedClsid(rclsid)) {
*ppv = NULL;
Com_Monitor(rclsid, MONITOR_DENY);
return E_ACCESSDENIED;
}
@ -604,6 +669,7 @@ _FX HRESULT Com_CoCreateInstance(
if (Com_IsClosedClsid(rclsid)) {
*ppv = NULL;
Com_Monitor(rclsid, MONITOR_DENY);
return E_ACCESSDENIED;
}
@ -675,8 +741,10 @@ _FX HRESULT Com_CoCreateInstanceEx(
// special cases
//
if (Com_IsClosedClsid(rclsid))
if (Com_IsClosedClsid(rclsid)) {
Com_Monitor(rclsid, MONITOR_DENY);
return E_ACCESSDENIED;
}
if (Dll_ImageType == DLL_IMAGE_WINDOWS_LIVE_MAIL) {
@ -1291,6 +1359,22 @@ _FX BOOLEAN Com_Init_ComBase(HMODULE module)
SBIEDLL_HOOK(Com_, CoMarshalInterface);
SbieDll_IsOpenClsid(&IID_IUnknown, CLSCTX_LOCAL_SERVER, NULL);
}
if (Dll_OsBuild >= 8400) { // win8 and above
__sys_WindowsGetStringRawBuffer = (P_WindowsGetStringRawBuffer)GetProcAddress(module, "WindowsGetStringRawBuffer");
P_RoGetActivationFactory RoGetActivationFactory = (P_RoGetActivationFactory)GetProcAddress(module, "RoGetActivationFactory");
if (RoGetActivationFactory) {
SBIEDLL_HOOK(Com_, RoGetActivationFactory);
}
}
{
WCHAR buf[96];
NTSTATUS status = SbieApi_QueryConfAsIs(NULL, L"ClsidTrace", 0, buf, 90 * sizeof(WCHAR));
if (buf[0] == L'*')
Com_TraceFlag = TRUE;
}
return TRUE;
}
@ -3253,9 +3337,11 @@ _FX void Com_Trace(
}
}
ptr[0] = L'\n';
ptr[1] = L'\0';
OutputDebugString(text);
//ptr[0] = L'\n';
//ptr[1] = L'\0';
//OutputDebugString(text);
*ptr = L'\0';
SbieApi_MonitorPut(MONITOR_COMCLASS | MONITOR_TRACE, text);
Com_Free(text);
}
@ -3275,3 +3361,129 @@ _FX void Com_Monitor(REFCLSID rclsid, USHORT monflag)
SbieApi_MonitorPut(MONITOR_COMCLASS | monflag, text);
}
}
//---------------------------------------------------------------------------
// Com_LoadRTList
//---------------------------------------------------------------------------
_FX void Com_LoadRTList(const WCHAR* setting, WCHAR** pNames)
{
if (*pNames != NULL)
return; // already done
ULONG index;
ULONG total_len;
ULONG cur_pos;
NTSTATUS status;
WCHAR wbuf[196];
WCHAR* buf = wbuf;
const WCHAR* ImageName = Dll_ImageName;
total_len = 1;
for (index = 0; ; ++index) {
status = SbieApi_QueryConfAsIs(
NULL, setting, index, buf, 190 * sizeof(WCHAR));
if (!NT_SUCCESS(status))
break;
WCHAR* ptr = wcschr(buf, L',');
if (ptr) {
*ptr = L'\0';
if (ImageName && !SbieDll_MatchImage(buf, ImageName, NULL))
continue;
buf = ptr + 1;
}
if (*buf != L'\0') continue;
total_len += wcslen(buf) + 1;
}
//
// We store the data as a list of \0 separated strings the first empty string indicated the end
//
*pNames = Com_Alloc(sizeof(WCHAR) * total_len);
if (!*pNames)
return;
cur_pos = 0;
for (index = 0; total_len > cur_pos; ++index) {
status = SbieApi_QueryConfAsIs(
NULL, setting, index, buf, 190 * sizeof(WCHAR));
if (!NT_SUCCESS(status))
break;
WCHAR* ptr = wcschr(buf, L',');
if (ptr) {
*ptr = L'\0';
if (ImageName && !SbieDll_MatchImage(buf, ImageName, NULL))
continue;
buf = ptr + 1;
}
if (*buf != L'\0') continue;
wcscpy((*pNames) + cur_pos, buf);
cur_pos += wcslen(buf) + 1;
}
(*pNames)[total_len - 1] = L'\0'; // indicated the end of data
}
//---------------------------------------------------------------------------
// Com_IsClosedRT
//---------------------------------------------------------------------------
_FX BOOLEAN Com_IsClosedRT(const wchar_t* strClassId)
{
//
// Chrome uses the FindAppUriHandlersAsync which when we dont have com open and more rights than we should have
// fails returning a NULl value, chrome does no check for thsi faulure mode and dereferences it resulting in a fatal crash.
// Since we don't support modern app features anyways the simplest workaround is to block this interface.
//
if (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) {
if (wcscmp(strClassId, L"Windows.System.Launcher") == 0)
return TRUE;
}
static const WCHAR* setting = L"ClosedRT";
Com_LoadRTList(setting, &Com_ClosedRT);
for (const WCHAR* pName = Com_ClosedRT; pName && *pName; pName += wcslen(pName) + 1) {
if (wcscmp(strClassId, pName) == 0)
return TRUE;
}
return FALSE;
}
//---------------------------------------------------------------------------
// Com_RoGetActivationFactory
//---------------------------------------------------------------------------
_FX HRESULT Com_RoGetActivationFactory(HSTRING activatableClassId, REFIID iid, void** factory)
{
if (__sys_WindowsGetStringRawBuffer == NULL)
return E_NOTIMPL; // if we can't inspect this modern RT stuff just fail.
const wchar_t* strClassId = __sys_WindowsGetStringRawBuffer(activatableClassId, NULL);
if (Com_IsClosedRT(strClassId)) {
SbieApi_MonitorPut(MONITOR_COMCLASS | MONITOR_DENY, strClassId);
return E_ACCESSDENIED;
}
SbieApi_MonitorPut(MONITOR_COMCLASS, strClassId);
return __sys_RoGetActivationFactory(activatableClassId, iid, factory);
}

85
Sandboxie/core/dll/custom.c
View File

@ -22,6 +22,7 @@
#include "dll.h"
#include "common/my_version.h"
#include "core/svc/SbieIniWire.h"
#include <stdio.h>
@ -1473,3 +1474,87 @@ _FX void Custom_Load_UxTheme(void)
}
}
}
//---------------------------------------------------------------------------
// SbieDll_MatchImage
//---------------------------------------------------------------------------
BOOLEAN SbieDll_MatchImage_Impl(const WCHAR* pat_str, ULONG pat_len, const WCHAR* test_str, const WCHAR* BoxName, ULONG depth)
{
if (*pat_str == L'<') {
ULONG index;
WCHAR buf[CONF_LINE_LEN];
if (depth >= 6)
return FALSE;
for (index = 0; ; ++index) {
//
// get next process group setting, compare to passed group name.
// if the setting is <passed_group_name>= then we accept it.
//
NTSTATUS status = SbieApi_QueryConfAsIs(
BoxName, L"ProcessGroup", index, buf, CONF_LINE_LEN * sizeof(WCHAR));
if (!NT_SUCCESS(status))
break;
WCHAR* value = buf;
ULONG value_len = wcslen(value);
if (value_len <= pat_len + 1)
continue;
if (_wcsnicmp(value, pat_str, pat_len) != 0)
continue;
value += pat_len;
if (*value != L',')
continue;
++value;
//
// value now points at the comma-separated
// list of processes in this process group
//
while (*value) {
WCHAR* ptr = wcschr(value, L',');
if (ptr)
value_len = (ULONG)(ULONG_PTR)(ptr - value);
else
value_len = wcslen(value);
if (value_len) {
if (SbieDll_MatchImage_Impl(value, value_len, test_str, BoxName, depth + 1))
return TRUE;
}
value += value_len;
while (*value == L',')
++value;
}
}
}
else {
ULONG test_len = wcslen(test_str);
if (test_len == pat_len)
return (_wcsnicmp(test_str, pat_str, test_len) == 0);
}
return FALSE;
}
BOOLEAN SbieDll_MatchImage(const WCHAR* pat_str, const WCHAR* test_str, const WCHAR* BoxName)
{
ULONG pat_len = wcslen(pat_str);
return SbieDll_MatchImage_Impl(pat_str, pat_len, test_str, BoxName, 1);
}

50
Sandboxie/core/dll/dllmain.c
View File

@ -499,6 +499,39 @@ _FX void Dll_InitExeEntry(void)
_FX void Dll_SelectImageType(void)
{
//
// check for custom configured special images
//
ULONG index;
NTSTATUS status;
WCHAR wbuf[96];
WCHAR* buf = wbuf;
for (index = 0; ; ++index) {
status = SbieApi_QueryConfAsIs(
NULL, L"SpecialImage", index, buf, 90 * sizeof(WCHAR));
if (!NT_SUCCESS(status))
break;
WCHAR* ptr = wcschr(buf, L',');
if (!ptr) continue;
*ptr++ = L'\0';
if (_wcsicmp(Dll_ImageName, ptr) == 0) {
if (_wcsicmp(L"chrome", buf) == 0)
Dll_ImageType = DLL_IMAGE_GOOGLE_CHROME;
else if (_wcsicmp(L"firefox", buf) == 0)
Dll_ImageType = DLL_IMAGE_MOZILLA_FIREFOX;
else
Dll_ImageType = DLL_IMAGE_LAST; // invalid type set place holder such that we keep this image uncustomized
break;
}
}
//
// keep image names in sync with enum at top of dll.h
//
@ -521,12 +554,14 @@ _FX void Dll_SelectImageType(void)
L"iexplore.exe", (WCHAR *)DLL_IMAGE_INTERNET_EXPLORER,
L"firefox.exe", (WCHAR *)DLL_IMAGE_MOZILLA_FIREFOX,
L"wmplayer.exe", (WCHAR *)DLL_IMAGE_WINDOWS_MEDIA_PLAYER,
L"winamp.exe", (WCHAR *)DLL_IMAGE_NULLSOFT_WINAMP,
L"kmplayer.exe", (WCHAR *)DLL_IMAGE_PANDORA_KMPLAYER,
L"wlmail.exe", (WCHAR *)DLL_IMAGE_WINDOWS_LIVE_MAIL,
L"ServiceModelReg.exe", (WCHAR *)DLL_IMAGE_SERVICE_MODEL_REG,
L"wisptis.exe", (WCHAR *)DLL_IMAGE_WISPTIS,
L"iron.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME,
L"dragon.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME,
L"chrome.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME,
@ -536,6 +571,7 @@ _FX void Dll_SelectImageType(void)
L"vivaldi.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME,
L"msedge.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, // modern edge is chromium based
L"GoogleUpdate.exe", (WCHAR *)DLL_IMAGE_GOOGLE_UPDATE,
L"AcroRd32.exe", (WCHAR *)DLL_IMAGE_ACROBAT_READER,
L"Acrobat.exe", (WCHAR *)DLL_IMAGE_ACROBAT_READER,
L"plugin-container.exe", (WCHAR *)DLL_IMAGE_PLUGIN_CONTAINER,
@ -544,12 +580,13 @@ _FX void Dll_SelectImageType(void)
NULL, NULL
};
int i;
if (Dll_ImageType == DLL_IMAGE_UNSPECIFIED) {
for (i = 0; _ImageNames[i]; i += 2) {
if (_wcsicmp(Dll_ImageName, _ImageNames[i]) == 0) {
Dll_ImageType = (ULONG)(ULONG_PTR)_ImageNames[i + 1];
break;
for (int i = 0; _ImageNames[i]; i += 2) {
if (_wcsicmp(Dll_ImageName, _ImageNames[i]) == 0) {
Dll_ImageType = (ULONG)(ULONG_PTR)_ImageNames[i + 1];
break;
}
}
}
@ -578,6 +615,9 @@ _FX void Dll_SelectImageType(void)
SbieApi_Log(2205, Dll_ImageName);
}
if (Dll_ImageType == DLL_IMAGE_LAST)
Dll_ImageType = DLL_IMAGE_UNSPECIFIED;
//
// we have some special cases for programs running under a restricted
// token, such as a Chromium sandbox processes, or Microsoft Office 2010

3
Sandboxie/core/dll/file_misc.c
View File

@ -514,6 +514,9 @@ BOOL File_WriteProcessMemory(
SIZE_T nSize,
SIZE_T * lpNumberOfBytesWritten)
{
//
// this function is only hooked when Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX
//
if (lpBaseAddress && lpBaseAddress == GetProcAddress(Dll_Ntdll, "NtSetInformationThread"))
{

3
Sandboxie/core/dll/sbiedll.h
View File

@ -199,6 +199,9 @@ SBIEDLL_EXPORT ULONG SbieDll_InjectLow_InitHelper();
SBIEDLL_EXPORT ULONG SbieDll_InjectLow_InitSyscalls(BOOLEAN drv_init);
SBIEDLL_EXPORT ULONG SbieDll_InjectLow(HANDLE hProcess, BOOLEAN is_wow64, BOOLEAN bHostInject, BOOLEAN dup_drv_handle);
SBIEDLL_EXPORT BOOLEAN SbieDll_MatchImage(const WCHAR* pat_str, const WCHAR* test_str, const WCHAR* BoxName);
//---------------------------------------------------------------------------

52
Sandboxie/core/drv/process.c
View File

@ -1169,7 +1169,7 @@ _FX void Process_NotifyImage(
{
static const WCHAR *_Ntdll32 = L"\\syswow64\\ntdll.dll"; // 19 chars
PROCESS *proc;
BOOLEAN ok;
ULONG fail = 0;
//
// the notify routine is invoked for any image mapped for any purpose.
@ -1219,60 +1219,58 @@ _FX void Process_NotifyImage(
// create the sandbox space
//
ok = TRUE;
if (!proc->bHostInject)
{
if (ok)
ok = File_CreateBoxPath(proc);
if (!fail && !File_CreateBoxPath(proc))
fail = 0x01;
if (ok)
ok = Ipc_CreateBoxPath(proc);
if (!fail && !Ipc_CreateBoxPath(proc))
fail = 0x02;
if (ok)
ok = Key_MountHive(proc);
if (!fail && !Key_MountHive(proc))
fail = 0x03;
//
// initialize the filtering components
//
if (ok)
ok = File_InitProcess(proc);
if (!fail && !File_InitProcess(proc))
fail = 0x04;
if (ok)
ok = Key_InitProcess(proc);
if (!fail && !Key_InitProcess(proc))
fail = 0x05;
if (ok)
ok = Ipc_InitProcess(proc);
if (!fail && !Ipc_InitProcess(proc))
fail = 0x06;
if (ok)
ok = Gui_InitProcess(proc);
if (!fail && !Gui_InitProcess(proc))
fail = 0x07;
if (ok)
ok = Process_Low_InitConsole(proc);
if (!fail && !Process_Low_InitConsole(proc))
fail = 0x08;
if (ok)
ok = Token_ReplacePrimary(proc);
if (!fail && !Token_ReplacePrimary(proc))
fail = 0x09;
if (ok)
ok = Thread_InitProcess(proc);
if (!fail && !Thread_InitProcess(proc))
fail = 0x0A;
}
//
// terminate process if initialization failed
//
if (ok && !Ipc_IsRunRestricted(proc)) {
if (!fail && !Ipc_IsRunRestricted(proc)) {
proc->initialized = TRUE;
} else {
if (!ok)
Log_Status_Ex_Process(MSG_1231, 0xA0, STATUS_UNSUCCESSFUL, NULL, proc->box->session_id, proc->pid);
if (fail)
Log_Status_Ex_Process(MSG_1231, 0xA0 + fail, STATUS_UNSUCCESSFUL, NULL, proc->box->session_id, proc->pid);
proc->terminated = TRUE;
proc->reason = ok ? -1 : 0;
proc->reason = (!fail) ? -1 : 0;
Process_CancelProcess(proc);
}

41
Sandboxie/core/drv/token.c
View File

@ -816,14 +816,42 @@ _FX void *Token_Restrict(
TOKEN_GROUPS *groups;
TOKEN_PRIVILEGES *privs;
TOKEN_USER *user;
void *NewTokenObject;
void *NewTokenObject = NULL;
// OpenToken BEGIN
if (Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnrestrictedToken", 0, FALSE)) {
SeFilterToken(TokenObject, 0, NULL, NULL, NULL, &NewTokenObject);
//NTSTATUS status = SeFilterToken(TokenObject, 0, NULL, NULL, NULL, &NewTokenObject);
//if(!NT_SUCCESS(status))
// Log_Status_Ex_Process(MSG_1222, 0xA0, status, NULL, proc->box->session_id, proc->pid);
HANDLE OldTokenHandle;
NTSTATUS status = ObOpenObjectByPointer(
TokenObject, OBJ_KERNEL_HANDLE, NULL, TOKEN_ALL_ACCESS,
*SeTokenObjectType, KernelMode, &OldTokenHandle);
if (NT_SUCCESS(status)) {
HANDLE NewTokenHandle;
status = ZwDuplicateToken(OldTokenHandle, TOKEN_ALL_ACCESS, NULL,
FALSE, TokenPrimary, &NewTokenHandle);
if (NT_SUCCESS(status)) {
status = ObReferenceObjectByHandle(NewTokenHandle, 0, *SeTokenObjectType,
UserMode, &NewTokenObject, NULL);
if (!NT_SUCCESS(status))
Log_Status_Ex_Process(MSG_1222, 0xA3, status, NULL, proc->box->session_id, proc->pid);
NtClose(NewTokenHandle);
}
else
Log_Status_Ex_Process(MSG_1222, 0xA2, status, NULL, proc->box->session_id, proc->pid);
ZwClose(OldTokenHandle);
}
else
Log_Status_Ex_Process(MSG_1222, 0xA1, status, NULL, proc->box->session_id, proc->pid);
return NewTokenObject;
//ObReferenceObject(TokenObject);
//return TokenObject;
}
// OpenToken END
@ -1768,6 +1796,11 @@ _FX BOOLEAN Token_ReplacePrimary(PROCESS *proc)
if (RestrictedToken) {
#ifdef _WIN64
// OpenToken BEGIN
if (!Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE)
&& !Conf_Get_Boolean(proc->box->name, L"UnrestrictedToken", 0, FALSE)
&& Conf_Get_Boolean(proc->box->name, L"AnonymousLogon", 0, TRUE))
// OpenToken END
if (Driver_OsVersion >= DRIVER_WINDOWS_8)
{
UCHAR* pTokenAuthId = (UCHAR*)RestrictedToken;

1
Sandboxie/core/svc/sbieiniwire.h
View File

@ -26,6 +26,7 @@
#include "msgids.h"
#define CONF_LINE_LEN 2000 // keep in sync with drv/conf.c
//---------------------------------------------------------------------------
// Get Version

BIN
Sandboxie/install/Templates.ini
View File

Binary file not shown.

BIN
Sandboxie/msgs/Text-Italian-1040.txt
View File

Binary file not shown.

1
SandboxiePlus/LICENSE Normal file
View File

@ -0,0 +1 @@
Please see the individual modules for their respective licenses.

11
SandboxiePlus/MiscHelpers/Common/PanelView.cpp
View File

@ -5,6 +5,10 @@ bool CPanelView::m_SimpleFormat = false;
int CPanelView::m_MaxCellWidth = 0;
QString CPanelView::m_CellSeparator = "\t";
QString CPanelView::m_CopyCell = "Copy Cell";
QString CPanelView::m_CopyRow = "Copy Row";
QString CPanelView::m_CopyPanel = "Copy Panel";
CPanelView::CPanelView(QWidget *parent)
:QWidget(parent)
{
@ -21,12 +25,12 @@ void CPanelView::AddPanelItemsToMenu(bool bAddSeparator)
{
if(bAddSeparator)
m_pMenu->addSeparator();
m_pCopyCell = m_pMenu->addAction(tr("Copy Cell"), this, SLOT(OnCopyCell()));
m_pCopyRow = m_pMenu->addAction(tr("Copy Row"), this, SLOT(OnCopyRow()));
m_pCopyCell = m_pMenu->addAction(m_CopyCell, this, SLOT(OnCopyCell()));
m_pCopyRow = m_pMenu->addAction(m_CopyRow, this, SLOT(OnCopyRow()));
m_pCopyRow->setShortcut(QKeySequence::Copy);
m_pCopyRow->setShortcutContext(Qt::WidgetWithChildrenShortcut);
this->addAction(m_pCopyRow);
m_pCopyPanel = m_pMenu->addAction(tr("Copy Panel"), this, SLOT(OnCopyPanel()));
m_pCopyPanel = m_pMenu->addAction(m_CopyPanel, this, SLOT(OnCopyPanel()));
}
void CPanelView::OnMenu(const QPoint& Point)
@ -35,6 +39,7 @@ void CPanelView::OnMenu(const QPoint& Point)
m_pCopyCell->setEnabled(Index.isValid());
m_pCopyRow->setEnabled(Index.isValid());
m_pCopyPanel->setEnabled(true);
m_pMenu->popup(QCursor::pos());
}

4
SandboxiePlus/MiscHelpers/Common/PanelView.h
View File

@ -13,6 +13,10 @@ public:
static void SetMaxCellWidth(int iMaxWidth) { m_MaxCellWidth = iMaxWidth; }
static void SetCellSeparator(const QString& Sep) { m_CellSeparator = Sep; }
static QString m_CopyCell;
static QString m_CopyRow;
static QString m_CopyPanel;
protected slots:
virtual void OnMenu(const QPoint& Point);

4
SandboxiePlus/MiscHelpers/MiscHelpers.vcxproj
View File

@ -68,6 +68,10 @@
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
<IntDir>$(Platform)\$(Configuration)\</IntDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
<IntDir>$(Platform)\$(Configuration)\</IntDir>
</PropertyGroup>
<ImportGroup Condition="Exists('$(QtMsBuild)\qt_defaults.props')">
<Import Project="$(QtMsBuild)\qt_defaults.props" />
</ImportGroup>

5
SandboxiePlus/QSbieAPI/QSbieAPI.vcxproj
View File

@ -65,6 +65,10 @@
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<IntDir>$(Platform)\$(Configuration)\</IntDir>
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
<IntDir>$(Platform)\$(Configuration)\</IntDir>
</PropertyGroup>
@ -135,6 +139,7 @@
<GenerateDebugInformation>true</GenerateDebugInformation>
<TargetMachine>MachineX86</TargetMachine>
<AdditionalOptions> /SUBSYSTEM:WINDOWS</AdditionalOptions>
<AdditionalDependencies>ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">

136
SandboxiePlus/QSbieAPI/Sandboxie/BoxedProcess.cpp
View File

@ -28,6 +28,8 @@ typedef long NTSTATUS;
#include "..\..\Sandboxie\common\win32_ntddk.h"
#include <psapi.h> // For access to GetModuleFileNameEx
#include <winnt.h>
//struct SBoxedProcess
//{
//};
@ -44,7 +46,7 @@ CBoxedProcess::CBoxedProcess(quint32 ProcessId, class CSandBox* pBox)
m_SessionId = 0;
m_uTerminated = 0;
m_bSuspended = IsSuspended();
//m_bSuspended = IsSuspended();
}
CBoxedProcess::~CBoxedProcess()
@ -52,12 +54,114 @@ CBoxedProcess::~CBoxedProcess()
//delete m;
}
typedef enum _PEB_OFFSET
{
PhpoCurrentDirectory,
PhpoDllPath,
PhpoImagePathName,
PhpoCommandLine,
PhpoWindowTitle,
PhpoDesktopInfo,
PhpoShellInfo,
PhpoRuntimeData,
PhpoTypeMask = 0xffff,
PhpoWow64 = 0x10000
} PEB_OFFSET;
typedef struct _STRING32
{
USHORT Length;
USHORT MaximumLength;
ULONG Buffer;
} UNICODE_STRING32, * PUNICODE_STRING32;
QString CBoxedProcess__GetPebString(HANDLE ProcessHandle, PEB_OFFSET Offset)
{
BOOL is64BitOperatingSystem = FALSE;
BOOL isWow64Process = FALSE;
#ifdef _WIN64
is64BitOperatingSystem = TRUE;
#else // ! _WIN64
IsWow64Process(GetCurrentProcess(), &isWow64Process);
is64BitOperatingSystem = isWow64Process;
#endif _WIN64
BOOL isTargetWow64Process = FALSE;
IsWow64Process(ProcessHandle, &isTargetWow64Process);
BOOL isTarget64BitProcess = is64BitOperatingSystem && !isTargetWow64Process;
ULONG processParametersOffset = isTarget64BitProcess ? 0x20 : 0x10;
ULONG offset = 0;
switch (Offset)
{
case PhpoCurrentDirectory: offset = isTarget64BitProcess ? 0x38 : 0x24; break;
case PhpoCommandLine: offset = isTarget64BitProcess ? 0x70 : 0x40; break;
default:
return QString();
}
wstring s;
if (isTargetWow64Process) // OS : 64Bit, Cur : 32 or 64, Tar: 32bit
{
PVOID peb32;
if (!NT_SUCCESS(NtQueryInformationProcess(ProcessHandle, ProcessWow64Information, &peb32, sizeof(PVOID), NULL)))
return QString();
ULONG procParams;
if (!NT_SUCCESS(NtReadVirtualMemory(ProcessHandle, (PVOID)((ULONG64)peb32 + processParametersOffset), &procParams, sizeof(ULONG), NULL)))
return QString();
UNICODE_STRING32 us;
if (!NT_SUCCESS(NtReadVirtualMemory(ProcessHandle, (PVOID)(procParams + offset), &us, sizeof(UNICODE_STRING32), NULL)))
return QString();
if ((us.Buffer == 0) || (us.Length == 0))
return QString();
s.resize(us.Length / 2);
if (!NT_SUCCESS(NtReadVirtualMemory(ProcessHandle, (PVOID)us.Buffer, (PVOID)s.c_str(), s.length() * 2, NULL)))
return QString();
}
else if (isWow64Process) //Os : 64Bit, Cur 32, Tar 64
{
return QString(); // not supported
}
else // Os,Cur,Tar : 64 or 32
{
PROCESS_BASIC_INFORMATION pbi;
if (!NT_SUCCESS(NtQueryInformationProcess(ProcessHandle, ProcessBasicInformation, &pbi, sizeof(PROCESS_BASIC_INFORMATION), NULL)))
return QString();
ULONG_PTR procParams;
if (!NT_SUCCESS(NtReadVirtualMemory(ProcessHandle, (PVOID)((ULONG64)pbi.PebBaseAddress + processParametersOffset), &procParams, sizeof(ULONG_PTR), NULL)))
return QString();
UNICODE_STRING us;
if (!NT_SUCCESS(NtReadVirtualMemory(ProcessHandle, (PVOID)(procParams + offset), &us, sizeof(UNICODE_STRING), NULL)))
return QString();
if ((us.Buffer == 0) || (us.Length == 0))
return QString();
s.resize(us.Length / 2);
if (!NT_SUCCESS(NtReadVirtualMemory(ProcessHandle, (PVOID)us.Buffer, (PVOID)s.c_str(), s.length() * 2, NULL)))
return QString();
}
return QString::fromWCharArray(s.c_str());
}
bool CBoxedProcess::InitProcessInfo()
{
HANDLE ProcessHandle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, (DWORD)m_ProcessId);
HANDLE ProcessHandle;
ProcessHandle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, (DWORD)m_ProcessId);
if (ProcessHandle == INVALID_HANDLE_VALUE) // try with less rights
ProcessHandle = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, (DWORD)m_ProcessId);
if (ProcessHandle == INVALID_HANDLE_VALUE)
return false;
PROCESS_BASIC_INFORMATION BasicInformation;
NTSTATUS status = NtQueryInformationProcess(ProcessHandle, ProcessBasicInformation, &BasicInformation, sizeof(PROCESS_BASIC_INFORMATION), NULL);
if (NT_SUCCESS(status)) {
@ -68,6 +172,27 @@ bool CBoxedProcess::InitProcessInfo()
if (DWORD size = GetModuleFileNameEx(ProcessHandle, NULL, filename, MAX_PATH))
m_ImagePath = QString::fromWCharArray(filename);
if (1) // windows 8.1 and later // todo add os version check
{
#define ProcessCommandLineInformation ((PROCESSINFOCLASS)60)
ULONG returnLength = 0;
NTSTATUS status = NtQueryInformationProcess(ProcessHandle, ProcessCommandLineInformation, NULL, 0, &returnLength);
if (!(status != STATUS_BUFFER_OVERFLOW && status != STATUS_BUFFER_TOO_SMALL && status != STATUS_INFO_LENGTH_MISMATCH))
{
PUNICODE_STRING commandLine = (PUNICODE_STRING)malloc(returnLength);
status = NtQueryInformationProcess(ProcessHandle, ProcessCommandLineInformation, commandLine, returnLength, &returnLength);
if (NT_SUCCESS(status) && commandLine->Buffer != NULL)
m_CommandLine = QString::fromWCharArray(commandLine->Buffer);
free(commandLine);
}
#undef ProcessCommandLineInformation
}
if (m_CommandLine.isEmpty()) // fall back to teh win 7 method - requirers PROCESS_VM_READ
{
m_CommandLine = CBoxedProcess__GetPebString(ProcessHandle, PhpoCommandLine);
}
NtClose(ProcessHandle);
return true;
}
@ -103,7 +228,7 @@ bool CBoxedProcess::IsTerminated(quint64 forMs) const
return ::GetTickCount64() - m_uTerminated > forMs;
}
SB_STATUS CBoxedProcess::SetSuspend(bool bSet)
/*SB_STATUS CBoxedProcess::SetSuspend(bool bSet)
{
HANDLE ProcessHandle = OpenProcess(PROCESS_SUSPEND_RESUME, FALSE, (DWORD)m_ProcessId);
if (ProcessHandle != INVALID_HANDLE_VALUE)
@ -146,7 +271,7 @@ bool CBoxedProcess::IsSuspended() const
HANDLE hThread = OpenThread(THREAD_QUERY_INFORMATION, FALSE, te32.th32ThreadID);
ULONG SuspendCount = 0;
NTSTATUS status = NtQueryInformationThread(hThread, (THREADINFOCLASS)35/*ThreadSuspendCount*/, &SuspendCount, sizeof(ULONG), NULL);
NTSTATUS status = NtQueryInformationThread(hThread, (THREADINFOCLASS)35/ThreadSuspendCount/, &SuspendCount, sizeof(ULONG), NULL);
CloseHandle(hThread);
@ -163,6 +288,7 @@ bool CBoxedProcess::IsSuspended() const
return isSuspended;
}
*/
QString CBoxedProcess::GetBoxName() const
{

8
SandboxiePlus/QSbieAPI/Sandboxie/BoxedProcess.h
View File

@ -34,6 +34,7 @@ public:
virtual quint32 GetProcessId() const { return m_ProcessId; }
virtual quint32 GetParendPID() const { return m_ParendPID; }
virtual QString GetProcessName() const { return m_ImageName; }
virtual QString GetCommandLine() const { return m_CommandLine; }
virtual QString GetFileName() const { return m_ImagePath; }
virtual QDateTime GetTimeStamp() const { return m_StartTime; }
@ -41,8 +42,8 @@ public:
virtual bool IsTerminated(quint64 forMs = 0) const;
virtual void SetTerminated();
virtual SB_STATUS SetSuspend(bool bSet);
virtual bool IsSuspended() const;
//virtual SB_STATUS SetSuspend(bool bSet);
//virtual bool IsSuspended() const;
virtual QString GetBoxName() const;
@ -53,10 +54,11 @@ protected:
quint32 m_ParendPID;
QString m_ImageName;
QString m_ImagePath;
QString m_CommandLine;
quint32 m_SessionId;
QDateTime m_StartTime;
quint64 m_uTerminated;
bool m_bSuspended;
//bool m_bSuspended;
class CSandBox* m_pBox;

35
SandboxiePlus/QSbieAPI/Sandboxie/SandBox.cpp
View File

@ -45,26 +45,27 @@ CSandBox::CSandBox(const QString& BoxName, class CSbieAPI* pAPI) : CSbieIni(BoxN
return;
SetNum("ConfigLevel", 7);
if (cfglvl == 6) {
//SetDefaultTemplates7(*this);
}
else if (cfglvl >= 1) {
//UpdateTemplates(*this);
}
else
{
SetBool("AutoRecover", false);
SetBool("BlockNetworkFiles", true);
SetBool("AutoRecover", false);
SetBool("BlockNetworkFiles", true);
//SetDefaultTemplates6(*this); // why 6?
// templates L6
InsertText("Template", "AutoRecoverIgnore");
InsertText("Template", "Firefox_Phishing_DirectAccess");
InsertText("Template", "Chrome_Phishing_DirectAccess");
InsertText("Template", "LingerPrograms");
// templates L7
InsertText("Template", "BlockPorts");
InsertText("Template", "WindowsFontCache");
InsertText("Template", "qWave");
InsertText("RecoverFolder", "%Desktop%");
//InsertText("RecoverFolder", "%Favorites%"); // obsolete
InsertText("RecoverFolder", "%Personal%");
InsertText("RecoverFolder", "%{374DE290-123F-4565-9164-39C4925E467B}%"); // %USERPROFILE%\Downloads
// recovery
InsertText("RecoverFolder", "%Desktop%");
//InsertText("RecoverFolder", "%Favorites%"); // obsolete
InsertText("RecoverFolder", "%Personal%");
InsertText("RecoverFolder", "%{374DE290-123F-4565-9164-39C4925E467B}%"); // %USERPROFILE%\Downloads
SetText("BorderColor", "#00FFFF,ttl"); // "#00FFFF,off"
}
SetText("BorderColor", "#00FFFF,ttl"); // "#00FFFF,off"
}
CSandBox::~CSandBox()

34
SandboxiePlus/QSbieAPI/SbieAPI.cpp
View File

@ -281,7 +281,8 @@ SB_STATUS CSbieAPI::Connect(bool withQueue)
m->lastRecordNum = 0;
#ifndef _DEBUG
QStringList CompatVersions = QStringList () << "5.45.0";
// Note: this lib is not using all functions hence it can be compatible with multiple driver ABI revisions
QStringList CompatVersions = QStringList () << "5.45.0" << "5.46.0";
QString CurVersion = GetVersion();
if (!CompatVersions.contains(CurVersion))
{
@ -1079,7 +1080,9 @@ SB_STATUS CSbieAPI::UpdateProcesses(bool bKeep)
SB_STATUS CSbieAPI__GetProcessPIDs(SSbieAPI* m, const QString& BoxName, ULONG* boxed_pids_512)
{
wstring box_name = BoxName.toStdWString(); // WCHAR [34]
WCHAR box_name[34];
BoxName.toWCharArray(box_name); // fix-me: potential overflow
box_name[BoxName.size()] = L'\0';
BOOLEAN all_sessions = TRUE;
ULONG which_session = 0; // -1 for current session
@ -1088,19 +1091,22 @@ SB_STATUS CSbieAPI__GetProcessPIDs(SSbieAPI* m, const QString& BoxName, ULONG* b
memset(parms, 0, sizeof(parms));
parms[0] = API_ENUM_PROCESSES;
parms[1] = (ULONG64)boxed_pids_512;
parms[2] = (ULONG64)box_name.c_str();
parms[2] = (ULONG64)box_name;
parms[3] = (ULONG64)all_sessions;
parms[4] = (ULONG64)which_session;
return m->IoControl(parms);
NTSTATUS status = m->IoControl(parms);
if (!NT_SUCCESS(status))
return SB_ERR(status);
return SB_OK;
}
SB_STATUS CSbieAPI::UpdateProcesses(bool bKeep, const CSandBoxPtr& pBox)
{
ULONG boxed_pids[512]; // ULONG [512]
NTSTATUS status = CSbieAPI__GetProcessPIDs(m, pBox->GetName(), boxed_pids);
if (!NT_SUCCESS(status))
return SB_ERR(status);
SB_STATUS Status = CSbieAPI__GetProcessPIDs(m, pBox->GetName(), boxed_pids);
if (Status.IsError())
return Status;
QMap<quint32, CBoxedProcessPtr> OldProcessList = pBox->m_ProcessList;
@ -1762,6 +1768,8 @@ CBoxedProcessPtr CSbieAPI::OnProcessBoxed(quint32 ProcessId, const QString& Path
pProcess = CBoxedProcessPtr(NewBoxedProcess(ProcessId, pBox.data()));
pBox->m_ProcessList.insert(ProcessId, pProcess);
m_BoxedProxesses.insert(ProcessId, pProcess);
pProcess->InitProcessInfo();
}
if (pProcess->m_ParendPID == 0){
@ -1891,9 +1899,8 @@ bool CSbieAPI::GetMonitor()
CResLogEntryPtr LogEntry = CResLogEntryPtr(new CResLogEntry(pid, type, Data));
QWriteLocker Lock(&m_ResLogMutex);
if (!m_ResLogList.isEmpty() && m_ResLogList.last()->GetValue() == LogEntry->GetValue())
{
m_ResLogList.last()->IncrCounter();
if (!m_ResLogList.isEmpty() && m_ResLogList.last()->Equals(LogEntry)) {
m_ResLogList.last()->Merge(LogEntry);
return true;
}
m_ResLogList.append(LogEntry);
@ -1954,12 +1961,11 @@ QString CResLogEntry::GetStautsStr() const
if (m_Type.Trace)
return "Trace";
QString Str;
if(m_Type.Open)
Str += "O ";
return "Open";
if(m_Type.Deny)
Str += "X ";
return Str;
return "Closed";
return "";
}
///////////////////////////////////////////////////////////////////////////////

8
SandboxiePlus/QSbieAPI/SbieAPI.h
View File

@ -38,9 +38,15 @@ public:
QString GetValue() const { return m_Name; }
QString GetTypeStr() const;
QString GetStautsStr() const;
void IncrCounter() { m_Counter++; }
int GetCount() const { return m_Counter; }
bool Equals(const QSharedDataPointer<CResLogEntry>& pOther) const {
return pOther->m_ProcessId == this->m_ProcessId
//&& pOther->m_Type.Flags == this->m_Type.Flags
&& pOther->m_Name == this->m_Name;
}
void Merge(const QSharedDataPointer<CResLogEntry>& pOther) { m_Counter++; this->m_Type.Flags |= pOther->m_Type.Flags; }
quint64 GetUID() const { return m_uid; }
protected:

2
SandboxiePlus/QSbieAPI/SbieUtils.h
View File

@ -30,7 +30,7 @@ public:
static void AddContextMenu(const QString& StartPath);
static void RemoveContextMenu();
static bool CreateShortcut(class CSbieAPI* pApi, const QString &LinkPath, const QString &LinkName, const QString &boxname, const QString &arguments, const QString &iconPath, int iconIndex, const QString &workdir, bool bRunElevated = false);
static bool CreateShortcut(class CSbieAPI* pApi, const QString &LinkPath, const QString &LinkName, const QString &boxname, const QString &arguments, const QString &iconPath = QString(), int iconIndex = 0, const QString &workdir = QString(), bool bRunElevated = false);
static bool GetStartMenuShortcut(class CSbieAPI* pApi, QString &BoxName, QString &LinkPath, QString &IconPath, quint32& IconIndex, QString &WorkDir);
private:

2
SandboxiePlus/SandMan/Forms/NewBoxWindow.ui
View File

@ -6,7 +6,7 @@
<rect>
<x>0</x>
<y>0</y>
<width>357</width>
<width>372</width>
<height>274</height>
</rect>
</property>

755
SandboxiePlus/SandMan/Forms/OptionsWindow.ui
View File

@ -7,7 +7,7 @@
<x>0</x>
<y>0</y>
<width>622</width>
<height>412</height>
<height>473</height>
</rect>
</property>
<property name="sizePolicy">
@ -64,20 +64,17 @@
<layout class="QGridLayout" name="gridLayout_27">
<item row="1" column="0">
<layout class="QGridLayout" name="gridLayout_8">
<item row="2" column="0" colspan="2">
<widget class="QLabel" name="label_21">
<item row="1" column="0" colspan="3">
<widget class="QLabel" name="label_20">
<property name="text">
<string>Sandboxed window border:</string>
<string>Sandbox Indicator in title:</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="2" column="2" colspan="2">
<widget class="QComboBox" name="cmbBoxBorder"/>
</item>
<item row="2" column="5">
<item row="2" column="6">
<widget class="QSpinBox" name="spinBorderWidth">
<property name="minimum">
<number>1</number>
@ -90,7 +87,61 @@
</property>
</widget>
</item>
<item row="2" column="6">
<item row="2" column="3" colspan="2">
<widget class="QComboBox" name="cmbBoxBorder"/>
</item>
<item row="8" column="1" colspan="6">
<widget class="QCheckBox" name="chkBlockSpooler">
<property name="text">
<string>Block access to the printer spooler</string>
</property>
</widget>
</item>
<item row="4" column="1" colspan="6">
<widget class="QCheckBox" name="chkBlockNetShare">
<property name="text">
<string>Block network files and folders, unless specifically opened.</string>
</property>
</widget>
</item>
<item row="6" column="1" colspan="6">
<widget class="QCheckBox" name="chkDropRights">
<property name="text">
<string>Drop rights from Administrators and Power Users groups</string>
</property>
</widget>
</item>
<item row="2" column="0" colspan="3">
<widget class="QLabel" name="label_21">
<property name="text">
<string>Sandboxed window border:</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="5" column="1" colspan="6">
<widget class="QCheckBox" name="chkBlockNetParam">
<property name="text">
<string>Prevent change to network and firewall parameters</string>
</property>
</widget>
</item>
<item row="11" column="2" colspan="5">
<spacer name="horizontalSpacer_2">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="2" column="7">
<widget class="QLabel" name="label_14">
<property name="text">
<string>px Width</string>
@ -100,17 +151,26 @@
</property>
</widget>
</item>
<item row="2" column="4">
<widget class="QToolButton" name="btnBorderColor">
<item row="0" column="1">
<widget class="QLabel" name="label_30">
<property name="sizePolicy">
<sizepolicy hsizetype="Minimum" vsizetype="Minimum">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="maximumSize">
<size>
<width>16</width>
<height>16777215</height>
</size>
</property>
<property name="text">
<string/>
</property>
</widget>
</item>
<item row="1" column="2" colspan="2">
<widget class="QComboBox" name="cmbBoxIndicator"/>
</item>
<item row="0" column="0" colspan="2">
<item row="0" column="0">
<widget class="QLabel" name="label_7">
<property name="font">
<font>
@ -123,30 +183,10 @@
</property>
</widget>
</item>
<item row="1" column="0" colspan="2">
<widget class="QLabel" name="label_20">
<property name="text">
<string>Sandbox Indicator in title:</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
<item row="1" column="3" colspan="2">
<widget class="QComboBox" name="cmbBoxIndicator"/>
</item>
<item row="6" column="2">
<spacer name="verticalSpacer_4">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="3" column="0" colspan="2">
<item row="3" column="0" colspan="3">
<widget class="QLabel" name="label_10">
<property name="font">
<font>
@ -162,17 +202,59 @@
</property>
</widget>
</item>
<item row="4" column="1" colspan="6">
<widget class="QCheckBox" name="chkBlockShare">
<item row="2" column="5">
<widget class="QToolButton" name="btnBorderColor">
<property name="text">
<string>Block network files and folders, unless specifically opened.</string>
<string/>
</property>
</widget>
</item>
<item row="5" column="1" colspan="6">
<widget class="QCheckBox" name="chkDropRights">
<item row="10" column="2" colspan="5">
<widget class="QCheckBox" name="chkPrintToFile">
<property name="sizePolicy">
<sizepolicy hsizetype="Minimum" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="text">
<string>Drop rights from Administrators and Power Users groups</string>
<string>Allow the print spooler to print to files outside the sandbox</string>
</property>
</widget>
</item>
<item row="11" column="1">
<spacer name="verticalSpacer_17">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="7" column="0" colspan="3">
<widget class="QLabel" name="label_31">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
</font>
</property>
<property name="toolTip">
<string>Protect the system from sandboxed processes</string>
</property>
<property name="text">
<string>Printing</string>
</property>
</widget>
</item>
<item row="9" column="2" colspan="6">
<widget class="QCheckBox" name="chkOpenSpooler">
<property name="text">
<string>Remove spooler restriction, printers can be installed outside the sandbox</string>
</property>
</widget>
</item>
@ -185,13 +267,6 @@
<string>Run Menu</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_33">
<item row="1" column="1">
<widget class="QPushButton" name="btnAddExe">
<property name="text">
<string>Browse</string>
</property>
</widget>
</item>
<item row="0" column="0">
<widget class="QLabel" name="label_8">
<property name="text">
@ -202,27 +277,6 @@
</property>
</widget>
</item>
<item row="1" column="0" rowspan="4">
<widget class="QTreeWidget" name="treeRun">
<column>
<property name="text">
<string>Name</string>
</property>
</column>
<column>
<property name="text">
<string>Command Line</string>
</property>
</column>
</widget>
</item>
<item row="4" column="1">
<widget class="QPushButton" name="btnDelCmd">
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="3" column="1">
<spacer name="verticalSpacer_15">
<property name="orientation">
@ -236,10 +290,55 @@
</property>
</spacer>
</item>
<item row="2" column="1">
<widget class="QPushButton" name="btnAddCmd">
<item row="1" column="0" rowspan="4">
<widget class="QTreeWidget" name="treeRun">
<column>
<property name="text">
<string>Name</string>
</property>
</column>
<column>
<property name="text">
<string>Command Line</string>
</property>
</column>
</widget>
</item>
<item row="1" column="1">
<widget class="QToolButton" name="btnAddCmd">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Add Command</string>
<string>Add program</string>
</property>
</widget>
</item>
<item row="4" column="1">
<widget class="QToolButton" name="btnDelCmd">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
@ -340,6 +439,107 @@
</item>
</layout>
</widget>
<widget class="QWidget" name="tab_6">
<attribute name="title">
<string>Auto Start</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_4">
<item row="0" column="0">
<widget class="QLabel" name="label_32">
<property name="text">
<string>Here you can specify programs and/or services that are to be started automatically in the sandbox when it is activated</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="1" column="0" rowspan="4">
<widget class="QTreeWidget" name="treeAutoStart">
<column>
<property name="text">
<string>Type</string>
</property>
</column>
<column>
<property name="text">
<string notr="true">Program/Service</string>
</property>
</column>
</widget>
</item>
<item row="4" column="1">
<widget class="QToolButton" name="btnDelAuto">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="3" column="1">
<spacer name="verticalSpacer_4">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="1" column="1">
<widget class="QToolButton" name="btnAddAutoExe">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Add program</string>
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QToolButton" name="btnAddAutoSvc">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>0</width>
<height>23</height>
</size>
</property>
<property name="text">
<string>Add service</string>
</property>
</widget>
</item>
</layout>
</widget>
</widget>
</item>
</layout>
@ -836,7 +1036,7 @@ If leader processes are defined, all others are treated as lingering processes.<
</widget>
</item>
<item row="4" column="1">
<widget class="QToolButton" name="btnAddClsId">
<widget class="QToolButton" name="btnAddWnd">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
@ -1100,113 +1300,13 @@ For files access you can use 'Direct All' instead to make it apply to all progra
<layout class="QGridLayout" name="gridLayout_26">
<item row="0" column="1">
<layout class="QGridLayout" name="gridLayout_2">
<item row="2" column="1" colspan="2">
<widget class="QCheckBox" name="chkPreferExternalManifest">
<property name="text">
<string>Force usage of custom dummy Manifest files (legacy behaviour)</string>
</property>
</widget>
</item>
<item row="6" column="1" colspan="2">
<widget class="QCheckBox" name="chkProtectRpcSs">
<property name="text">
<string>Start the sandboxed RpcSs as a SYSTEM process (breaks some compatibility)</string>
</property>
</widget>
</item>
<item row="14" column="2">
<spacer name="horizontalSpacer_6">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="9" column="1" colspan="2">
<widget class="QCheckBox" name="chkAddToJob">
<property name="text">
<string>Add sandboxed processes to job objects (recommended)</string>
</property>
</widget>
</item>
<item row="5" column="1" colspan="2">
<item row="8" column="1" colspan="2">
<widget class="QCheckBox" name="chkProtectSCM">
<property name="text">
<string>Limit access to the emulated service control manager to privileged processes</string>
</property>
</widget>
</item>
<item row="11" column="1" colspan="2">
<widget class="QCheckBox" name="chkOpenProtectedStorage">
<property name="text">
<string>Open System Protected Storage</string>
</property>
</widget>
</item>
<item row="14" column="1">
<spacer name="verticalSpacer">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="10" column="0" colspan="2">
<widget class="QLabel" name="label_18">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
</font>
</property>
<property name="toolTip">
<string>Protect the system from sandboxed processes</string>
</property>
<property name="text">
<string>Lift restrictions</string>
</property>
</widget>
</item>
<item row="12" column="2">
<widget class="QCheckBox" name="chkOpenCredentials">
<property name="text">
<string>Open Windows Credentials Store</string>
</property>
</widget>
</item>
<item row="3" column="1" colspan="2">
<widget class="QCheckBox" name="chkNoWindowRename">
<property name="text">
<string>Don't alter window class names created by sandboxed programs</string>
</property>
</widget>
</item>
<item row="4" column="0" colspan="2">
<widget class="QLabel" name="label_12">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
</font>
</property>
<property name="toolTip">
<string>Protect the sandbox integrity itself</string>
</property>
<property name="text">
<string>Sandbox protection</string>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QLabel" name="label_5">
<property name="font">
@ -1220,14 +1320,128 @@ For files access you can use 'Direct All' instead to make it apply to all progra
</property>
</widget>
</item>
<item row="7" column="1" colspan="2">
<item row="9" column="1" colspan="2">
<widget class="QCheckBox" name="chkProtectRpcSs">
<property name="text">
<string>Start the sandboxed RpcSs as a SYSTEM process (breaks some compatibility)</string>
</property>
</widget>
</item>
<item row="7" column="0" colspan="3">
<widget class="QLabel" name="label_12">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
</font>
</property>
<property name="toolTip">
<string>Protect the sandbox integrity itself</string>
</property>
<property name="text">
<string>Sandbox protection</string>
</property>
</widget>
</item>
<item row="15" column="2">
<spacer name="horizontalSpacer_6">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="3" column="1" colspan="2">
<widget class="QCheckBox" name="chkNoWindowRename">
<property name="text">
<string>Don't alter window class names created by sandboxed programs</string>
</property>
</widget>
</item>
<item row="13" column="2">
<widget class="QCheckBox" name="chkOpenCredentials">
<property name="text">
<string>Open Windows Credentials Store</string>
</property>
</widget>
</item>
<item row="6" column="1" colspan="2">
<widget class="QCheckBox" name="chkRestrictServices">
<property name="text">
<string>Do not start sandboxed services using a system token (recommended)</string>
</property>
</widget>
</item>
<item row="12" column="1" colspan="2">
<widget class="QCheckBox" name="chkOpenProtectedStorage">
<property name="text">
<string>Open System Protected Storage</string>
</property>
</widget>
</item>
<item row="14" column="1" colspan="2">
<widget class="QCheckBox" name="chkOpenSmartCard">
<property name="text">
<string>Allow access to Smart Cards</string>
</property>
</widget>
</item>
<item row="2" column="1" colspan="2">
<widget class="QCheckBox" name="chkPreferExternalManifest">
<property name="text">
<string>Force usage of custom dummy Manifest files (legacy behaviour)</string>
</property>
</widget>
</item>
<item row="15" column="1">
<spacer name="verticalSpacer">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="10" column="1" colspan="2">
<widget class="QCheckBox" name="chkProtectSystem">
<property name="text">
<string>Protect sandboxed SYSTEM processes from unprivileged unsandboxed processes</string>
</property>
</widget>
</item>
<item row="8" column="0" colspan="2">
<item row="5" column="1" colspan="2">
<widget class="QCheckBox" name="chkAddToJob">
<property name="text">
<string>Add sandboxed processes to job objects (recommended)</string>
</property>
</widget>
</item>
<item row="11" column="0" colspan="3">
<widget class="QLabel" name="label_18">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
</font>
</property>
<property name="toolTip">
<string>Protect the system from sandboxed processes</string>
</property>
<property name="text">
<string>Lift security restrictions</string>
</property>
</widget>
</item>
<item row="4" column="0">
<widget class="QLabel" name="label_22">
<property name="font">
<font>
@ -1239,7 +1453,7 @@ For files access you can use 'Direct All' instead to make it apply to all progra
<string>Protect the sandbox integrity itself</string>
</property>
<property name="text">
<string>Sandbox Isolation</string>
<string>Sandbox isolation</string>
</property>
</widget>
</item>
@ -1247,6 +1461,53 @@ For files access you can use 'Direct All' instead to make it apply to all progra
</item>
</layout>
</widget>
<widget class="QWidget" name="tab_2">
<attribute name="title">
<string>Auto Exec</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_35">
<item row="1" column="1">
<widget class="QPushButton" name="btnAddAutoExec">
<property name="text">
<string>Add Command</string>
</property>
</widget>
</item>
<item row="2" column="1">
<spacer name="verticalSpacer_18">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="3" column="1">
<widget class="QPushButton" name="btnDelAutoExec">
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="0" column="0">
<widget class="QLabel" name="label_33">
<property name="text">
<string>Here you can specify a list of commands that are executed every time the sandbox is initially populated.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="1" column="0" rowspan="3">
<widget class="QListWidget" name="lstAutoExec"/>
</item>
</layout>
</widget>
<widget class="QWidget" name="tabHideProcesses">
<property name="font">
<font>
@ -1294,7 +1555,7 @@ For files access you can use 'Direct All' instead to make it apply to all progra
<item row="4" column="1">
<widget class="QPushButton" name="btnDelProcess">
<property name="text">
<string>Remove Process</string>
<string>Remove</string>
</property>
</widget>
</item>
@ -1376,7 +1637,61 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
<layout class="QGridLayout" name="gridLayout_34">
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_32">
<item row="9" column="1">
<item row="10" column="2">
<spacer name="horizontalSpacer">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="7" column="1">
<widget class="QCheckBox" name="chkGuiTrace">
<property name="text">
<string>GUI Trace</string>
</property>
</widget>
</item>
<item row="6" column="1">
<widget class="QCheckBox" name="chkIpcTrace">
<property name="text">
<string>IPC Trace</string>
</property>
</widget>
</item>
<item row="4" column="1">
<widget class="QCheckBox" name="chkPipeTrace">
<property name="text">
<string>Pipe Trace</string>
</property>
</widget>
</item>
<item row="2" column="0">
<widget class="QLabel" name="label_19">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
</font>
</property>
<property name="text">
<string>Access Tracing</string>
</property>
</widget>
</item>
<item row="9" column="1" colspan="2">
<widget class="QCheckBox" name="chkDbgTrace">
<property name="text">
<string>Log Debug Output to the Trace Log</string>
</property>
</widget>
</item>
<item row="10" column="1">
<spacer name="verticalSpacer_2">
<property name="orientation">
<enum>Qt::Vertical</enum>
@ -1389,10 +1704,17 @@ Note: Forced Programs and Force Folders settings for a sandbox do not apply to
</property>
</spacer>
</item>
<item row="4" column="1">
<widget class="QCheckBox" name="chkPipeTrace">
<item row="3" column="1">
<widget class="QCheckBox" name="chkFileTrace">
<property name="text">
<string>Pipe Trace</string>
<string>File Trace</string>
</property>
</widget>
</item>
<item row="5" column="1">
<widget class="QCheckBox" name="chkKeyTrace">
<property name="text">
<string>Key Trace</string>
</property>
</widget>
</item>
@ -1416,64 +1738,17 @@ instead of &quot;*&quot;.</string>
</property>
</widget>
</item>
<item row="2" column="0">
<widget class="QLabel" name="label_19">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
</font>
</property>
<item row="8" column="1">
<widget class="QCheckBox" name="chkComTrace">
<property name="text">
<string>Access Tracing</string>
<string>COM Class Trace</string>
</property>
</widget>
</item>
<item row="7" column="1">
<widget class="QCheckBox" name="chkGuiTrace">
<item row="8" column="2">
<widget class="QLabel" name="label_28">
<property name="text">
<string>GUI Trace</string>
</property>
</widget>
</item>
<item row="5" column="1">
<widget class="QCheckBox" name="chkKeyTrace">
<property name="text">
<string>Key Trace</string>
</property>
</widget>
</item>
<item row="3" column="1">
<widget class="QCheckBox" name="chkFileTrace">
<property name="text">
<string>File Trace</string>
</property>
</widget>
</item>
<item row="9" column="2">
<spacer name="horizontalSpacer">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="6" column="1">
<widget class="QCheckBox" name="chkIpcTrace">
<property name="text">
<string>IPC Trace</string>
</property>
</widget>
</item>
<item row="8" column="1" colspan="2">
<widget class="QCheckBox" name="chkDbgTrace">
<property name="text">
<string>Log Debug Output to the Trace Log</string>
<string>&lt;- for this one the above does not apply</string>
</property>
</widget>
</item>
@ -1502,8 +1777,8 @@ instead of &quot;*&quot;.</string>
<rect>
<x>0</x>
<y>0</y>
<width>98</width>
<height>28</height>
<width>530</width>
<height>312</height>
</rect>
</property>
<layout class="QGridLayout" name="dbgLayout">

170
SandboxiePlus/SandMan/Forms/SettingsWindow.ui
View File

@ -45,7 +45,7 @@
<enum>QTabWidget::North</enum>
</property>
<property name="currentIndex">
<number>0</number>
<number>1</number>
</property>
<widget class="QWidget" name="tabGeneral">
<attribute name="title">
@ -64,14 +64,10 @@
</property>
</widget>
</item>
<item row="8" column="1">
<widget class="QCheckBox" name="chkShowTray">
<property name="text">
<string>Show Sys-Tray</string>
</property>
</widget>
<item row="0" column="1">
<widget class="QComboBox" name="uiLang"/>
</item>
<item row="10" column="1">
<item row="11" column="1">
<spacer name="verticalSpacer_4">
<property name="orientation">
<enum>Qt::Vertical</enum>
@ -84,47 +80,14 @@
</property>
</spacer>
</item>
<item row="1" column="1">
<widget class="QCheckBox" name="chkDarkTheme">
<item row="3" column="1" colspan="2">
<widget class="QCheckBox" name="chkAutoUpdate">
<property name="text">
<string>Use Dark Theme</string>
<string>Check periodically for updates of Sandboxie-Plus</string>
</property>
</widget>
</item>
<item row="10" column="0">
<spacer name="horizontalSpacer_9">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="4" column="1" colspan="2">
<widget class="QCheckBox" name="chkShellMenu">
<property name="text">
<string>Add 'Run Sandboxed' to the explorer context menu</string>
</property>
</widget>
</item>
<item row="10" column="2">
<spacer name="horizontalSpacer_8">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="9" column="0">
<widget class="QLabel" name="label_18">
<property name="text">
<string>On main window close:</string>
@ -141,27 +104,44 @@
</property>
</widget>
</item>
<item row="0" column="2">
<widget class="QLabel" name="label">
<item row="10" column="1">
<widget class="QComboBox" name="onClose"/>
</item>
<item row="1" column="1">
<widget class="QCheckBox" name="chkDarkTheme">
<property name="text">
<string>Restart required (!)</string>
</property>
<property name="alignment">
<set>Qt::AlignCenter</set>
<string>Use Dark Theme</string>
</property>
</widget>
</item>
<item row="0" column="1">
<widget class="QComboBox" name="uiLang"/>
</item>
<item row="6" column="1">
<widget class="QCheckBox" name="chkWatchConfig">
<item row="4" column="1" colspan="2">
<widget class="QCheckBox" name="chkShellMenu">
<property name="text">
<string>Watch Sandboxie.ini for changes</string>
<string>Add 'Run Sandboxed' to the explorer context menu</string>
</property>
</widget>
</item>
<item row="7" column="0">
<item row="9" column="1">
<widget class="QCheckBox" name="chkShowTray">
<property name="text">
<string>Show Sys-Tray</string>
</property>
</widget>
</item>
<item row="11" column="2">
<spacer name="horizontalSpacer_8">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="8" column="0">
<widget class="QLabel" name="label_5">
<property name="font">
<font>
@ -174,13 +154,43 @@
</property>
</widget>
</item>
<item row="9" column="1">
<widget class="QComboBox" name="onClose"/>
</item>
<item row="3" column="1" colspan="2">
<widget class="QCheckBox" name="chkAutoUpdate">
<item row="0" column="2">
<widget class="QLabel" name="label">
<property name="text">
<string>Check periodically for updates of Sandboxie-Plus</string>
<string>Restart required (!)</string>
</property>
<property name="alignment">
<set>Qt::AlignCenter</set>
</property>
</widget>
</item>
<item row="11" column="0">
<spacer name="horizontalSpacer_9">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="6" column="1" colspan="2">
<widget class="QCheckBox" name="chkSandboxUrls">
<property name="text">
<string>Open urls from this ui sandboxed</string>
</property>
<property name="tristate">
<bool>true</bool>
</property>
</widget>
</item>
<item row="7" column="1">
<widget class="QCheckBox" name="chkWatchConfig">
<property name="text">
<string>Watch Sandboxie.ini for changes</string>
</property>
</widget>
</item>
@ -297,21 +307,27 @@
<item row="1" column="0">
<widget class="QLabel" name="label_15">
<property name="text">
<string>Sandbox file system root: </string>
<string>Sandbox &lt;a href=&quot;sbie://docs/filerootpath&quot;&gt;file system root&lt;/a&gt;: </string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
<property name="openExternalLinks">
<bool>true</bool>
</property>
</widget>
</item>
<item row="4" column="0">
<widget class="QLabel" name="label_17">
<property name="text">
<string>Sandbox ipc root: </string>
<string>Sandbox &lt;a href=&quot;sbie://docs/ipcrootpath&quot;&gt;ipc root&lt;/a&gt;: </string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
<property name="openExternalLinks">
<bool>true</bool>
</property>
</widget>
</item>
<item row="4" column="1" colspan="2">
@ -320,17 +336,13 @@
<item row="3" column="0">
<widget class="QLabel" name="label_16">
<property name="text">
<string>Sandbox registry root: </string>
<string>Sandbox &lt;a href=&quot;sbie://docs/keyrootpath&quot;&gt;registry root&lt;/a&gt;: </string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="2" column="1" colspan="2">
<widget class="QCheckBox" name="chkSeparateUserFolders">
<property name="text">
<string>Separate user folders</string>
<property name="openExternalLinks">
<bool>true</bool>
</property>
</widget>
</item>
@ -354,6 +366,20 @@
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QCheckBox" name="chkSeparateUserFolders">
<property name="text">
<string>Separate user folders</string>
</property>
</widget>
</item>
<item row="2" column="2">
<widget class="QCheckBox" name="chkAutoRoot">
<property name="text">
<string>Portable root folder</string>
</property>
</widget>
</item>
</layout>
</item>
</layout>

12
SandboxiePlus/SandMan/Models/ResMonModel.cpp
View File

@ -1,6 +1,7 @@
#include "stdafx.h"
#include "ResMonModel.h"
#include "../MiscHelpers/Common/Common.h"
#include "../SbiePlusAPI.h"
CResMonModel::CResMonModel(QObject *parent)
:CListItemModel(parent)
@ -79,8 +80,8 @@ void CResMonModel::Sync(const QList<CResLogEntryPtr>& List, QSet<quint64> PIDs)
case eProcess: Value = pEntry->GetProcessId(); break;
case eTimeStamp: Value = pEntry->GetTimeStamp(); break;
case eType: Value = pEntry->GetTypeStr(); break;
case eValue: Value = pEntry->GetValue(); break;
case eStatus: Value = pEntry->GetStautsStr(); break;
case eValue: Value = pEntry->GetValue(); break;
}
SResLogNode::SValue& ColValue = pNode->Values[section];
@ -93,7 +94,12 @@ void CResMonModel::Sync(const QList<CResLogEntryPtr>& List, QSet<quint64> PIDs)
switch (section)
{
case eProcess: ColValue.Formated = QString::number(pEntry->GetProcessId()); break;
case eProcess:
{
CBoxedProcessPtr pProcess = theAPI->GetProcessById(pEntry->GetProcessId());
ColValue.Formated = QString("%1 (%2)").arg(pProcess.isNull() ? tr("Unknown") : pProcess->GetProcessName()).arg(pEntry->GetProcessId());
break;
}
case eTimeStamp: ColValue.Formated = pEntry->GetTimeStamp().toString("hh:mm:ss.zzz"); break;
//case eType: ColValue.Formated = ; break;
//case eValue: ColValue.Formated = ; break;
@ -141,8 +147,8 @@ QVariant CResMonModel::headerData(int section, Qt::Orientation orientation, int
case eProcess: return tr("Process");
case eTimeStamp: return tr("Time Stamp");
case eType: return tr("Type");
case eValue: return tr("Value");
case eStatus: return tr("Status");
case eValue: return tr("Value");
}
}
return QVariant();

2
SandboxiePlus/SandMan/Models/ResMonModel.h
View File

@ -23,8 +23,8 @@ public:
eProcess = 0,
eTimeStamp,
eType,
eValue,
eStatus,
eValue,
eCount
};

41
SandboxiePlus/SandMan/Models/SbieModel.cpp
View File

@ -2,7 +2,7 @@
#include "SbieModel.h"
#include "../../MiscHelpers/Common/Common.h"
#include "../../MiscHelpers/Common/IconExtreactor.h"
#include <QFileIconProvider>
CSbieModel::CSbieModel(QObject *parent)
:CTreeItemModel(parent)
@ -66,12 +66,22 @@ bool CSbieModel::TestProcPath(const QList<QVariant>& Path, const QString& BoxNam
return Path.size() == Index;
}
QString CSbieModel__AddGroupMark(const QString& Name)
{
return Name.isEmpty() ? "" : ("!" + Name);
}
QString CSbieModel__RemoveGroupMark(const QString& Name)
{
return Name.left(1) == "!" ? Name.mid(1) : Name;
}
QString CSbieModel::FindParent(const QVariant& Name, const QMap<QString, QStringList>& Groups)
{
for(auto I = Groups.begin(); I != Groups.end(); ++I)
{
if (I.value().contains(Name.toString(), Qt::CaseInsensitive))
return I.key();
if (I.value().contains(CSbieModel__RemoveGroupMark(Name.toString()), Qt::CaseInsensitive))
return CSbieModel__AddGroupMark(I.key());
}
return QString();
}
@ -99,7 +109,7 @@ QList<QVariant> CSbieModel::Sync(const QMap<QString, CSandBoxPtr>& BoxList, cons
{
if (Group.isEmpty())
continue;
QVariant ID = Group;
QVariant ID = CSbieModel__AddGroupMark(Group);
QHash<QVariant, STreeNode*>::iterator I = Old.find(ID);
SSandBoxNode* pNode = I != Old.end() ? static_cast<SSandBoxNode*>(I.value()) : NULL;
@ -227,6 +237,8 @@ bool CSbieModel::Sync(const CSandBoxPtr& pBox, const QList<QVariant>& Path, cons
int ActiveCount = 0;
QFileIconProvider IconProvider;
foreach(const CBoxedProcessPtr& pProc, ProcessList)
{
QSharedPointer<CSbieProcess> pProcess = pProc.objectCast<CSbieProcess>();
@ -272,11 +284,15 @@ bool CSbieModel::Sync(const CSandBoxPtr& pBox, const QList<QVariant>& Path, cons
if (pNode->Icon.isNull())
{
PixmapEntryList icons = extractIcons(pProcess->GetFileName(), false);
if (icons.isEmpty())
//PixmapEntryList icons = extractIcons(pProcess->GetFileName(), false);
//if (icons.isEmpty())
// pNode->Icon = m_ExeIcon;
//else
// pNode->Icon = icons.first().pixmap;
pNode->Icon = IconProvider.icon(QFileInfo(pProcess->GetFileName()));
if (pNode->Icon.isNull() || !pNode->Icon.isValid())
pNode->Icon = m_ExeIcon;
else
pNode->Icon = icons.first().pixmap;
}
for (int section = 0; section < columnCount(); section++)
@ -293,7 +309,12 @@ bool CSbieModel::Sync(const CSandBoxPtr& pBox, const QList<QVariant>& Path, cons
//case eTitle: break; // todo
//case eLogCount: break; // todo Value = pProcess->GetResourceLog().count(); break;
case eTimeStamp: Value = pProcess->GetTimeStamp(); break;
case ePath: Value = pProcess->GetFileName(); break;
//case ePath: Value = pProcess->GetFileName(); break;
case ePath: {
QString CmdLine = pProcess->GetCommandLine();
Value = CmdLine.isEmpty() ? pProcess->GetFileName() : CmdLine;
break;
}
}
SSandBoxNode::SValue& ColValue = pNode->Values[section];
@ -394,7 +415,7 @@ QVariant CSbieModel::headerData(int section, Qt::Orientation orientation, int ro
//case eTitle: return tr("Title");
//case eLogCount: return tr("Log Count");
case eTimeStamp: return tr("Start Time");
case ePath: return tr("Path");
case ePath: return tr("Path / Command Line");
}
}
return QVariant();

232
SandboxiePlus/SandMan/SandMan.cpp
View File

@ -16,6 +16,9 @@
#include <QtConcurrent>
#include "../MiscHelpers/Common/SettingsWidgets.h"
#include "Windows/NewBoxWindow.h"
#include "Windows/OptionsWindow.h"
#include <QProxyStyle>
CSbiePlusAPI* theAPI = NULL;
@ -87,6 +90,10 @@ CSandMan::CSandMan(QWidget *parent)
theGUI = this;
QDesktopServices::setUrlHandler("http", this, "OpenUrl");
QDesktopServices::setUrlHandler("https", this, "OpenUrl");
QDesktopServices::setUrlHandler("sbie", this, "OpenUrl");
m_DefaultStyle = QApplication::style()->objectName();
m_DefaultPalett = QApplication::palette();
@ -115,6 +122,10 @@ CSandMan::CSandMan(QWidget *parent)
m_bConnectPending = false;
m_bStopPending = false;
CPanelView::m_CopyCell = tr("Copy Cell");
CPanelView::m_CopyRow = tr("Copy Row");
CPanelView::m_CopyPanel = tr("Copy Panel");
CreateMenus();
m_pMainWidget = new QWidget();
@ -205,6 +216,24 @@ CSandMan::CSandMan(QWidget *parent)
m_pDisableForce2 = m_pTrayMenu->addAction(tr("Disable Forced Programs"), this, SLOT(OnDisableForce2()));
m_pDisableForce2->setCheckable(true);
m_pTrayMenu->addSeparator();
/*QWidgetAction* pBoxWidget = new QWidgetAction(m_pTrayMenu);
QWidget* pWidget = new QWidget();
pWidget->setMaximumHeight(200);
QGridLayout* pLayout = new QGridLayout();
pLayout->addWidget(pBar, 0, 0);
pWidget->setLayout(pLayout);
pBoxWidget->setDefaultWidget(pWidget);*/
/*QLabel* pLabel = new QLabel("test");
pLabel->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding);
pLabel->setAlignment(Qt::AlignCenter);
pBoxWidget->setDefaultWidget(pLabel);*/
//m_pTrayMenu->addAction(pBoxWidget);
//m_pTrayMenu->addSeparator();
m_pTrayMenu->addAction(m_pExit);
bool bAutoRun = QApplication::arguments().contains("-autorun");
@ -358,6 +387,7 @@ void CSandMan::CreateMenus()
m_pMenuOptions = menuBar()->addMenu(tr("&Options"));
m_pMenuSettings = m_pMenuOptions->addAction(CSandMan::GetIcon("Settings"), tr("Global Settings"), this, SLOT(OnSettings()));
m_pMenuResetMsgs = m_pMenuOptions->addAction(tr("Reset all hidden messages"), this, SLOT(OnResetMsgs()));
m_pMenuOptions->addSeparator();
m_pEditIni = m_pMenuOptions->addAction(CSandMan::GetIcon("EditIni"), tr("Edit ini file"), this, SLOT(OnEditIni()));
m_pReloadIni = m_pMenuOptions->addAction(CSandMan::GetIcon("ReloadIni"), tr("Reload ini file"), this, SLOT(OnReloadIni()));
@ -421,7 +451,7 @@ void CSandMan::CreateToolBar()
m_pToolBar->addSeparator();
m_pToolBar->addWidget(new QLabel(" "));
QLabel* pSupport = new QLabel("<a href=\"https://www.patreon.com/DavidXanatos\">Support Sandboxie-Plus on Patreon</a>");
QLabel* pSupport = new QLabel("<a href=\"https://sandboxie-plus.com/go.php?to=patreon\">Support Sandboxie-Plus on Patreon</a>");
pSupport->setTextInteractionFlags(Qt::TextBrowserInteraction);
connect(pSupport, SIGNAL(linkActivated(const QString&)), this, SLOT(OnHelp()));
m_pToolBar->addWidget(pSupport);
@ -489,8 +519,10 @@ void CSandMan::closeEvent(QCloseEvent *e)
bool CSandMan::IsFullyPortable()
{
QString SbiePath = theAPI->GetSbiePath();
QString AppPath = QApplication::applicationDirPath().replace("/", "\\");
return (theConf->IsPortable() && SbiePath.compare(AppPath, Qt::CaseInsensitive) == 0);
QString IniPath = theAPI->GetIniPath();
if (IniPath.indexOf(SbiePath, 0, Qt::CaseInsensitive) == 0)
return true;
return false;
}
void CSandMan::OnMessage(const QString& Message)
@ -508,9 +540,9 @@ void CSandMan::OnMessage(const QString& Message)
if (Status != "OK")
{
if(m_bStopPending)
QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to stop all sandboxie components"));
QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to stop all Sandboxie components"));
else if(m_bConnectPending)
QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to start required sandboxie components"));
QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to start required Sandboxie components"));
OnLogMessage(tr("Maintenance operation %1").arg(Status));
CheckResults(QList<SB_STATUS>() << SB_ERR(SB_Message, QVariantList() << Status));
@ -648,17 +680,38 @@ void CSandMan::OnSelectionChanged()
void CSandMan::OnStatusChanged()
{
bool isConnected = theAPI->IsConnected();
QString appTitle = tr("Sandboxie-Plus v%1").arg(GetVersion());
if (theAPI->IsConnected())
if (isConnected)
{
OnLogMessage(tr("Sbie Directory: %1").arg(theAPI->GetSbiePath()));
OnLogMessage(tr("Loaded Config: %1").arg(theAPI->GetIniPath()));
statusBar()->showMessage(tr("Driver version: %1").arg(theAPI->GetVersion()));
//appTitle.append(tr(" - Driver: v%1").arg(theAPI->GetVersion()));
if(IsFullyPortable())
if (IsFullyPortable())
{
appTitle.append(tr(" - Portable"));
OnLogMessage(tr("Sbie Directory: %1").arg(theAPI->GetSbiePath()));
OnLogMessage(tr("Loaded Config: %1").arg(theAPI->GetIniPath()));
int PortableRootDir = theConf->GetInt("Options/PortableRootDir", -1);
if (PortableRootDir == -1)
{
bool State = false;
PortableRootDir = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Sandboxie-Plus was started in portable mode, do you want to put the SandBox folder into its parent directory?")
, tr("Don't show this message again."), &State, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) == QDialogButtonBox::Yes ? 1 : 0;
if (State)
theConf->SetValue("Options/PortableRootDir", PortableRootDir);
}
if (PortableRootDir)
{
QString BoxPath = QDir::cleanPath(QApplication::applicationDirPath() + "/../Sandbox/%SANDBOX%").replace("/", "\\");
theAPI->GetGlobalSettings()->SetText("FileRootPath", BoxPath);
}
}
if (theConf->GetBool("Options/AutoRunSoftCompat", true))
{
@ -670,6 +723,8 @@ void CSandMan::OnStatusChanged()
}
}
m_pBoxView->Clear();
OnIniReloaded();
if (theConf->GetBool("Options/WatchIni", true))
@ -677,11 +732,28 @@ void CSandMan::OnStatusChanged()
}
else
{
appTitle.append(tr(" - Driver NOT connected").arg(theAPI->GetVersion()));
appTitle.append(tr(" - NOT connected").arg(theAPI->GetVersion()));
m_pBoxView->Clear();
theAPI->WatchIni(false);
}
this->setWindowTitle(appTitle);
m_pNew->setEnabled(isConnected);
m_pEmptyAll->setEnabled(isConnected);
m_pDisableForce->setEnabled(isConnected);
m_pDisableForce2->setEnabled(isConnected);
//m_pCleanUpMenu->setEnabled(isConnected);
//m_pCleanUpButton->setEnabled(isConnected);
//m_pKeepTerminated->setEnabled(isConnected);
m_pEditIni->setEnabled(isConnected);
m_pReloadIni->setEnabled(isConnected);
m_pEnableMonitoring->setEnabled(isConnected);
m_pEnableLogging->setEnabled(isConnected);
}
void CSandMan::OnMenuHover(QAction* action)
@ -780,17 +852,19 @@ void CSandMan::OpenRecovery(const QString& BoxName)
pRecoveryWindow->show();
}
SB_PROGRESS CSandMan::RecoverFiles(const QList<QPair<QString, QString>>& FileList)
SB_PROGRESS CSandMan::RecoverFiles(const QList<QPair<QString, QString>>& FileList, int Action)
{
CSbieProgressPtr pProgress = CSbieProgressPtr(new CSbieProgress());
QtConcurrent::run(CSandMan::RecoverFilesAsync, pProgress, FileList);
QtConcurrent::run(CSandMan::RecoverFilesAsync, pProgress, FileList, Action);
return SB_PROGRESS(OP_ASYNC, pProgress);
}
void CSandMan::RecoverFilesAsync(const CSbieProgressPtr& pProgress, const QList<QPair<QString, QString>>& FileList)
void CSandMan::RecoverFilesAsync(const CSbieProgressPtr& pProgress, const QList<QPair<QString, QString>>& FileList, int Action)
{
SB_STATUS Status = SB_OK;
int OverwriteOnExist = -1;
QStringList Unrecovered;
for (QList<QPair<QString, QString>>::const_iterator I = FileList.begin(); I != FileList.end(); ++I)
{
@ -802,16 +876,59 @@ void CSandMan::RecoverFilesAsync(const CSbieProgressPtr& pProgress, const QList<
pProgress->ShowMessage(tr("Recovering file %1 to %2").arg(FileName).arg(RecoveryFolder));
QDir().mkpath(RecoveryFolder);
if (QFile::exists(RecoveryPath))
{
int Overwrite = OverwriteOnExist;
if (Overwrite == -1)
{
bool forAll = false;
int retVal = 0;
QMetaObject::invokeMethod(theGUI, "ShowQuestion", Qt::BlockingQueuedConnection, // show this question using the GUI thread
Q_RETURN_ARG(int, retVal),
Q_ARG(QString, tr("The file %1 already exists, do you want to overwrite it?").arg(RecoveryPath)),
Q_ARG(QString, tr("Do this for all files!")),
Q_ARG(bool*, &forAll),
Q_ARG(int, QDialogButtonBox::Yes | QDialogButtonBox::No),
Q_ARG(int, QDialogButtonBox::No)
);
Overwrite = retVal == QDialogButtonBox::Yes ? 1 : 0;
if (forAll)
OverwriteOnExist = Overwrite;
}
if (Overwrite == 1)
QFile::remove(RecoveryPath);
}
if (!QFile::rename(BoxPath, RecoveryPath))
Unrecovered.append(BoxPath);
}
if (!Unrecovered.isEmpty())
Status = SB_ERR(SB_Message, QVariantList () << (tr("Failed to recover some files: \n") + Unrecovered.join("\n")));
else if(FileList.count() == 1 && Action != 0)
{
std::wstring path = FileList.first().second.toStdWString();
switch (Action)
{
case 1: // open
ShellExecute(NULL, NULL, path.c_str(), NULL, NULL, SW_SHOWNORMAL);
break;
case 2: // explore
ShellExecute(NULL, NULL, L"explorer.exe", (L"/select,\"" + path + L"\"").c_str(), NULL, SW_SHOWNORMAL);
break;
}
}
pProgress->Finish(Status);
}
int CSandMan::ShowQuestion(const QString& question, const QString& checkBoxText, bool* checkBoxSetting, int buttons, int defaultButton)
{
return CCheckableMessageBox::question(this, "Sandboxie-Plus", question, checkBoxText, checkBoxSetting, (QDialogButtonBox::StandardButtons)buttons, (QDialogButtonBox::StandardButton)defaultButton, QMessageBox::Question);
}
void CSandMan::OnNotAuthorized(bool bLoginRequired, bool& bRetry)
{
if (!bLoginRequired)
@ -896,8 +1013,10 @@ SB_STATUS CSandMan::ConnectSbie()
Status = CSbieUtils::Start(CSbieUtils::eAll);
}
if (Status.GetStatus() == OP_ASYNC)
if (Status.GetStatus() == OP_ASYNC) {
m_bConnectPending = true;
return SB_OK;
}
else if (!Status.IsError())
Status = ConnectSbieImpl();
@ -1077,12 +1196,40 @@ void CSandMan::UpdateSettings()
m_pTrayIcon->hide();
}
void CSandMan::OnResetMsgs()
{
auto Ret = QMessageBox("Sandboxie-Plus", tr("Do you also want to reset hidden message boxes (yes), or only all log messages (no)?"),
QMessageBox::Question, QMessageBox::Yes | QMessageBox::Default, QMessageBox::No, QMessageBox::Cancel | QMessageBox::Escape).exec();
if (Ret == QMessageBox::Cancel)
return;
if (Ret == QMessageBox::Yes)
{
theConf->SetValue("Options/PortableStop", -1);
theConf->SetValue("Options/PortableStart", -1);
theConf->SetValue("Options/PortableRootDir", -1);
theConf->SetValue("Options/CheckForUpdates", 2);
theConf->SetValue("Options/NoEditInfo", true);
theConf->SetValue("Options/ApiLogInfo", true);
theConf->SetValue("Options/OpenUrlsSandboxed", 2);
}
theAPI->GetUserSettings()->UpdateTextList("SbieCtrl_HideMessage", QStringList(), true);
m_pPopUpWindow->ReloadHiddenMessages();
}
void CSandMan::OnEditIni()
{
if (theConf->GetBool("Options/NoEditInfo", true))
{
bool State = false;
CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("The changes will be applied automatically as soon as the editor is closed.")
CCheckableMessageBox::question(this, "Sandboxie-Plus",
theConf->GetBool("Options/WatchIni", true)
? tr("The changes will be applied automatically whenever the file gets saved.")
: tr("The changes will be applied automatically as soon as the editor is closed.")
, tr("Don't show this message again."), &State, QDialogButtonBox::Ok, QDialogButtonBox::Ok, QMessageBox::Information);
if (State)
@ -1145,8 +1292,8 @@ void CSandMan::OnSetLogging()
{
if (theConf->GetBool("Options/ApiLogInfo", true))
{
QString Message = tr("To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sand boxes.\n"
"Please download the latest release and set it up with the sandboxie.ini as instructed in the README.md of the project.");
QString Message = tr("To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.\n"
"Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.");
bool State = false;
CCheckableMessageBox::question(this, "Sandboxie-Plus", Message
@ -1235,16 +1382,16 @@ QString CSandMan::FormatError(const SB_STATUS& Error)
{
case SB_Generic: return tr("Error Status: %1").arg(Error.GetStatus());
case SB_Message: Message = "%1"; break;
case SB_NeedAdmin: Message = tr("Admin rights required."); break;
case SB_NeedAdmin: Message = tr("Administrator rights are required for this operation."); break;
case SB_ExecFail: Message = tr("Failed to execute: %1"); break;
case SB_DriverFail: Message = tr("Failed to connect to driver"); break;
case SB_DriverFail: Message = tr("Failed to connect to the driver"); break;
case SB_ServiceFail: Message = tr("Failed to communicate with Sandboxie Service: %1"); break;
case SB_Incompatible: Message = tr("Can't find Sandboxie instal path."); break;
case SB_PathFail: Message = tr("Incompatible Version, found Sandboxie %1, compatible versions: %2"); break;
case SB_Incompatible: Message = tr("An incompatible Sandboxie %1 was found. Compatible versions: %2"); break;
case SB_PathFail: Message = tr("Can't find Sandboxie installation path."); break;
case SB_FailedCopyConf: Message = tr("Failed to copy configuration from sandbox %1: %2"); break;
case SB_AlreadyExists: Message = tr("A sandbox of the name %1 already exists"); break;
case SB_DeleteFailed: Message = tr("Failed to delete sandbox %1: %2"); break;
case SB_NameLenLimit: Message = tr("The sandbox name can not be longer than 32 charakters."); break;
case SB_NameLenLimit: Message = tr("The sandbox name can not be longer than 32 characters."); break;
case SB_BadNameDev: Message = tr("The sandbox name can not be a device name."); break;
case SB_BadNameChar: Message = tr("The sandbox name can contain only letters, digits and underscores which are displayed as spaces."); break;
case SB_FailedKillAll: Message = tr("Failed to terminate all processes"); break;
@ -1259,7 +1406,7 @@ QString CSandMan::FormatError(const SB_STATUS& Error)
case SB_SnapNotFound: Message = tr("Snapshot not found"); break;
case SB_SnapMergeFail: Message = tr("Error merging snapshot directories '%1' with '%2', the snapshot has not been fully merged."); break;
case SB_SnapRmDirFail: Message = tr("Failed to remove old snapshot directory '%1'"); break;
case SB_SnapIsShared: Message = tr("Can't remove a snapshots that is shared by multiple later snapshots"); break;
case SB_SnapIsShared: Message = tr("Can't remove a snapshot that is shared by multiple later snapshots"); break;
case SB_SnapDelRegFail: Message = tr("Failed to remove old RegHive"); break;
case SB_NotAuthorized: Message = tr("You are not authorized to update configuration in section '%1'"); break;
case SB_ConfigFailed: Message = tr("Failed to set configuration setting %1 in section %2: %3"); break;
@ -1268,7 +1415,7 @@ QString CSandMan::FormatError(const SB_STATUS& Error)
}
foreach(const QVariant& Arg, Error.GetArgs())
Message.arg(Arg.toString()); // todo: make quint32 hex and so on
Message = Message.arg(Arg.toString()); // todo: make quint32 hex and so on
return Message;
}
@ -1342,6 +1489,27 @@ void CSandMan::OnSysTray(QSystemTrayIcon::ActivationReason Reason)
}
}
void CSandMan::OpenUrl(const QUrl& url)
{
if (url.scheme() == "sbie")
return OpenUrl("https://sandboxie-plus.com/sandboxie" + url.path());
int iSandboxed = theConf->GetInt("Options/OpenUrlsSandboxed", 2);
if (iSandboxed == 2)
{
bool bCheck = false;
QString Message = tr("Do you want to open %1 in a sandboxed (yes) or unsandboxed (no) Web browser?").arg(url.toString());
QDialogButtonBox::StandardButton Ret = CCheckableMessageBox::question(this, "Sandboxie-Plus", Message , tr("Remember choice for later."),
&bCheck, QDialogButtonBox::Yes | QDialogButtonBox::No | QDialogButtonBox::Cancel, QDialogButtonBox::Yes, QMessageBox::Question);
if (Ret == QDialogButtonBox::Cancel) return;
iSandboxed = Ret == QDialogButtonBox::Yes ? 1 : 0;
if(bCheck) theConf->SetValue("Options/OpenUrlsSandboxed", iSandboxed);
}
if (iSandboxed) theAPI->RunStart("__ask__", url.toString());
else ShellExecute(MainWndHandle, NULL, url.toString().toStdWString().c_str(), NULL, NULL, SW_SHOWNORMAL);
}
QString CSandMan::GetVersion()
{
@ -1383,7 +1551,7 @@ void CSandMan::CheckForUpdates(bool bManual)
Query.addQueryItem("update_key", UpdateKey);
Query.addQueryItem("auto", bManual ? "0" : "1");
QUrl Url("https://xanasoft.com/update.php");
QUrl Url("https://sandboxie-plus.com/update.php");
Url.setQuery(Query);
QNetworkRequest Request = QNetworkRequest(Url);
@ -1511,7 +1679,7 @@ void CSandMan::OnUpdateCheck()
theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(7).toTime_t());
if (bManual)
QMessageBox::information(this, "Sandboxie-Plus", tr("No new updates found, your Sandboxie-Plus is up to date."));
QMessageBox::information(this, "Sandboxie-Plus", tr("No new updates found, your Sandboxie-Plus is up-to-date."));
}
}
@ -1566,13 +1734,13 @@ void CSandMan::OnUpdateDownload()
void CSandMan::OnHelp()
{
if (sender() == m_pSupport)
QDesktopServices::openUrl(QUrl("https://xanasoft.com/go.php?to=donate"));
QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=donate"));
else if (sender() == m_pForum)
QDesktopServices::openUrl(QUrl("https://xanasoft.com/go.php?to=forum"));
QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=sbie-forum"));
else if (sender() == m_pManual)
QDesktopServices::openUrl(QUrl("https://xanasoft.com/go.php?to=sbie-docs"));
QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=sbie-docs"));
else
QDesktopServices::openUrl(QUrl("https://www.patreon.com/DavidXanatos"));
QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=patreon"));
}
void CSandMan::OnAbout()
@ -1585,7 +1753,7 @@ void CSandMan::OnAbout()
"<p>Copyright (c) 2020-2021 by DavidXanatos</p>"
).arg(GetVersion());
QString AboutText = tr(
"<p>Sandboxie-Plus is an open source continuation of the well known Sandboxie.</p>"
"<p>Sandboxie-Plus is an open source continuation of Sandboxie.</p>"
"<p></p>"
"<p>Visit <a href=\"https://sandboxie-plus.com\">sandboxie-plus.com</a> for more information.</p>"
"<p></p>"
@ -1669,7 +1837,7 @@ void CSandMan::LoadLanguage()
}
if (!m_LanguageId)
m_LanguageId = 1033; // default to englich
m_LanguageId = 1033; // default to English
}
//////////////////////////////////////////////////////////////////////////////////////////

16
SandboxiePlus/SandMan/SandMan.h
View File

@ -14,7 +14,7 @@
#define VERSION_MJR 0
#define VERSION_MIN 5
#define VERSION_REV 2
#define VERSION_REV 4
#define VERSION_UPD 0
@ -38,7 +38,7 @@ public:
static QString GetVersion();
SB_PROGRESS RecoverFiles(const QList<QPair<QString, QString>>& FileList);
SB_PROGRESS RecoverFiles(const QList<QPair<QString, QString>>& FileList, int Action = 0);
void AddAsyncOp(const CSbieProgressPtr& pProgress);
static QString FormatError(const SB_STATUS& Error);
@ -46,15 +46,15 @@ public:
static QIcon GetIcon(const QString& Name);
bool IsFullyPortable();
protected:
SB_STATUS ConnectSbie();
SB_STATUS ConnectSbieImpl();
SB_STATUS DisconnectSbie();
SB_STATUS StopSbie(bool andRemove = false);
static void RecoverFilesAsync(const CSbieProgressPtr& pProgress, const QList<QPair<QString, QString>>& FileList);
bool IsFullyPortable();
static void RecoverFilesAsync(const CSbieProgressPtr& pProgress, const QList<QPair<QString, QString>>& FileList, int Action = 0);
void closeEvent(QCloseEvent *e);
void timerEvent(QTimerEvent* pEvent);
@ -98,6 +98,10 @@ public slots:
void CheckForUpdates(bool bManual = true);
void OpenUrl(const QUrl& url);
int ShowQuestion(const QString& question, const QString& checkBoxText, bool* checkBoxSetting, int buttons, int defaultButton);
private slots:
void OnSelectionChanged();
@ -114,6 +118,7 @@ private slots:
void OnSetKeep();
void OnSettings();
void OnResetMsgs();
void OnEditIni();
void OnReloadIni();
void OnSetMonitoring();
@ -193,6 +198,7 @@ private:
QMenu* m_pMenuOptions;
QAction* m_pMenuSettings;
QAction* m_pMenuResetMsgs;
QAction* m_pEditIni;
QAction* m_pReloadIni;
QAction* m_pEnableMonitoring;

8
SandboxiePlus/SandMan/SandMan.vcxproj
View File

@ -75,6 +75,11 @@
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
<IntDir>$(Platform)\$(Configuration)\</IntDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LibraryPath>$(SolutionDir)$(Platform)\$(Configuration)\;$(LibraryPath)</LibraryPath>
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
<IntDir>$(Platform)\$(Configuration)\</IntDir>
</PropertyGroup>
<ImportGroup Condition="Exists('$(QtMsBuild)\qt_defaults.props')">
<Import Project="$(QtMsBuild)\qt_defaults.props" />
</ImportGroup>
@ -252,6 +257,9 @@
</ItemGroup>
<ItemGroup>
<None Include="sandman_de.ts" />
<None Include="sandman_pt.ts" />
<None Include="sandman_ru.ts" />
<None Include="sandman_zh.ts" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Condition="Exists('$(QtMsBuild)\qt.targets')">

9
SandboxiePlus/SandMan/SandMan.vcxproj.filters
View File

@ -194,5 +194,14 @@
<None Include="sandman_de.ts">
<Filter>Translation Files</Filter>
</None>
<None Include="sandman_pt.ts">
<Filter>Translation Files</Filter>
</None>
<None Include="sandman_ru.ts">
<Filter>Translation Files</Filter>
</None>
<None Include="sandman_zh.ts">
<Filter>Translation Files</Filter>
</None>
</ItemGroup>
</Project>

87
SandboxiePlus/SandMan/SbiePlusAPI.cpp
View File

@ -70,16 +70,16 @@ void CSandBoxPlus::UpdateDetails()
m_bDropRights = GetBool("DropAdminRights", false);
if (CheckOpenToken())
if (CheckOpenToken() || GetBool("StripSystemPrivileges", false))
m_iUnsecureDebugging = 1;
else if(GetBool("ExposeBoxedSystem", false) || GetBool("UnrestrictedSCM", false))
else if(GetBool("ExposeBoxedSystem", false) || GetBool("UnrestrictedSCM", false) || GetBool("RunServicesAsSystem", false))
m_iUnsecureDebugging = 2;
else
m_iUnsecureDebugging = 0;
//GetBool("SandboxieLogon", false)
m_bSecurityRestricted = m_iUnsecureDebugging == 0 && (GetBool("DropAdminRights", false) || GetBool("ProtectRpcSs", false) || !GetBool("OpenDefaultClsid", true));
m_bSecurityRestricted = m_iUnsecureDebugging == 0 && (GetBool("DropAdminRights", false) /*|| GetBool("ProtectRpcSs", false)*/);
CSandBox::UpdateDetails();
}
@ -195,6 +195,46 @@ void SetInStrList(QStringList& list, const QString& str, bool bSet)
}
}
bool CSandBoxPlus::TestProgramGroup(const QString& Group, const QString& ProgName)
{
QStringList ProcessGroups = GetTextList("ProcessGroup", false);
foreach(const QString & ProcessGroup, ProcessGroups)
{
StrPair GroupPaths = Split2(ProcessGroup, ",");
if (GroupPaths.first.compare(Group, Qt::CaseInsensitive) == 0)
{
QStringList Programs = SplitStr(GroupPaths.second, ",");
return FindInStrList(Programs, ProgName) != Programs.end();
}
}
return false;
}
void CSandBoxPlus::EditProgramGroup(const QString& Group, const QString& ProgName, bool bSet)
{
QStringList ProcessGroups = GetTextList("ProcessGroup", false);
QStringList Programs;
QStringList::iterator I = ProcessGroups.begin();
for (; I != ProcessGroups.end(); ++I)
{
StrPair GroupPaths = Split2(*I, ",");
if (GroupPaths.first.compare(Group, Qt::CaseInsensitive) == 0)
{
Programs = SplitStr(GroupPaths.second, ",");
break;
}
}
if (I == ProcessGroups.end())
I = ProcessGroups.insert(I, "");
SetInStrList(Programs, ProgName, bSet);
*I = Group + "," + Programs.join(",");
UpdateTextList("ProcessGroup", ProcessGroups, false);
}
void CSandBoxPlus::BlockProgram(const QString& ProgName)
{
bool WhiteList = false;
@ -219,27 +259,30 @@ void CSandBoxPlus::BlockProgram(const QString& ProgName)
InsertText("ClosedIpcPath", "<StartRunAccess>,*");
}
QStringList ProcessGroups = GetTextList("ProcessGroup", false);
EditProgramGroup("<StartRunAccess>", ProgName, !WhiteList);
}
QStringList Programs;
QStringList::iterator I = ProcessGroups.begin();
for (; I != ProcessGroups.end(); ++I)
{
StrPair GroupPaths = Split2(*I, ",");
if (GroupPaths.first == "<StartRunAccess>")
{
Programs = SplitStr(GroupPaths.second, ",");
break;
}
}
if (I == ProcessGroups.end())
I = ProcessGroups.insert(I, "");
void CSandBoxPlus::SetInternetAccess(const QString& ProgName, bool bSet)
{
EditProgramGroup("<InternetAccess>", ProgName, bSet);
}
SetInStrList(Programs, ProgName, !WhiteList);
bool CSandBoxPlus::HasInternetAccess(const QString& ProgName)
{
return TestProgramGroup("<InternetAccess>", ProgName);
}
*I = "<StartRunAccess>," + Programs.join(",");
void CSandBoxPlus::SetForcedProgram(const QString& ProgName, bool bSet)
{
QStringList Programs = GetTextList("ForceProcess", false);
SetInStrList(Programs, ProgName, bSet);
UpdateTextList("ForceProcess", Programs, false);
}
UpdateTextList("ProcessGroup", ProcessGroups, false);
bool CSandBoxPlus::IsForcedProgram(const QString& ProgName)
{
QStringList Programs = GetTextList("ForceProcess", false);
return FindInStrList(Programs, ProgName) != Programs.end();
}
void CSandBoxPlus::SetLingeringProgram(const QString& ProgName, bool bSet)
@ -281,7 +324,7 @@ QString CSbieProcess::GetStatusStr() const
{
if (m_uTerminated != 0)
return tr("Terminated");
if (m_bSuspended)
return tr("Suspended");
//if (m_bSuspended)
// return tr("Suspended");
return tr("Running");
}

11
SandboxiePlus/SandMan/SbiePlusAPI.h
View File

@ -51,6 +51,10 @@ public:
virtual bool IsUnsecureDebugging() const { return m_iUnsecureDebugging != 0; }
virtual void BlockProgram(const QString& ProgName);
virtual void SetInternetAccess(const QString& ProgName, bool bSet);
virtual bool HasInternetAccess(const QString& ProgName);
virtual void SetForcedProgram(const QString& ProgName, bool bSet);
virtual bool IsForcedProgram(const QString& ProgName);
virtual void SetLingeringProgram(const QString& ProgName, bool bSet);
virtual int IsLingeringProgram(const QString& ProgName);
virtual void SetLeaderProgram(const QString& ProgName, bool bSet);
@ -65,6 +69,9 @@ protected:
friend class CSbiePlusAPI;
virtual bool CheckOpenToken() const;
virtual bool TestProgramGroup(const QString& Group, const QString& ProgName);
virtual void EditProgramGroup(const QString& Group, const QString& ProgName, bool bSet);
bool m_bLogApiFound;
bool m_bINetBlocked;
bool m_bSharesAllowed;
@ -91,6 +98,10 @@ public:
virtual QString GetStatusStr() const;
virtual void BlockProgram() { GetBox()->BlockProgram(m_ImageName); }
virtual void SetInternetAccess(bool bSet) { GetBox()->SetInternetAccess(m_ImageName, bSet); }
virtual bool HasInternetAccess() { return GetBox()->HasInternetAccess(m_ImageName); }
virtual void SetForcedProgram(bool bSet) { GetBox()->SetForcedProgram(m_ImageName, bSet); }
virtual bool IsForcedProgram() { return GetBox()->IsForcedProgram(m_ImageName); }
virtual void SetLingeringProgram(bool bSet) { GetBox()->SetLingeringProgram(m_ImageName, bSet); }
virtual int IsLingeringProgram() { return GetBox()->IsLingeringProgram(m_ImageName); }
virtual void SetLeaderProgram(bool bSet) { GetBox()->SetLeaderProgram(m_ImageName, bSet); }

97
SandboxiePlus/SandMan/Views/SbieView.cpp
View File

@ -71,7 +71,7 @@ CSbieView::CSbieView(QWidget* parent) : CPanelView(parent)
m_iMenuRun = m_pMenuRun->actions().count();
m_pMenuEmptyBox = m_pMenu->addAction(CSandMan::GetIcon("EmptyAll"), tr("Terminate All Programs"), this, SLOT(OnSandBoxAction()));
m_pMenu->addSeparator();
m_pMenuMkLink = m_pMenu->addAction(CSandMan::GetIcon("MkLink"), tr("Create Desktop Shortcut"), this, SLOT(OnSandBoxAction()));
m_pMenuMkLink = m_pMenu->addAction(CSandMan::GetIcon("MkLink"), tr("Create Shortcut"), this, SLOT(OnSandBoxAction()));
m_pMenu->addSeparator();
m_pMenuExplore = m_pMenu->addAction(CSandMan::GetIcon("Explore"), tr("Explore Content"), this, SLOT(OnSandBoxAction()));
m_pMenuSnapshots = m_pMenu->addAction(CSandMan::GetIcon("Snapshots"), tr("Snapshots Manager"), this, SLOT(OnSandBoxAction()));
@ -98,6 +98,7 @@ CSbieView::CSbieView(QWidget* parent) : CPanelView(parent)
m_pMenuTerminate = m_pMenu->addAction(CSandMan::GetIcon("Remove"), tr("Terminate"), this, SLOT(OnProcessAction()));
m_pMenuTerminate->setShortcut(QKeySequence::Delete);
m_pMenuLinkTo = m_pMenu->addAction(CSandMan::GetIcon("MkLink"), tr("Create Shortcut"), this, SLOT(OnProcessAction()));
this->addAction(m_pMenuTerminate);
m_pMenuTerminate->setShortcutContext(Qt::WidgetWithChildrenShortcut);
m_pMenuPreset = m_pMenu->addMenu(CSandMan::GetIcon("Presets"), tr("Preset"));
@ -107,12 +108,16 @@ CSbieView::CSbieView(QWidget* parent) : CPanelView(parent)
m_pMenuBlackList->setShortcut(QKeySequence("Shift+Del"));
m_pMenuBlackList->setShortcutContext(Qt::WidgetWithChildrenShortcut);
this->addAction(m_pMenuBlackList);
m_pMenuAllowInternet = m_pMenuPreset->addAction(tr("Allow internet access"), this, SLOT(OnProcessAction()));
m_pMenuAllowInternet->setCheckable(true);
m_pMenuMarkForced = m_pMenuPreset->addAction(tr("Force into this sandbox"), this, SLOT(OnProcessAction()));
m_pMenuMarkForced->setCheckable(true);
m_pMenuMarkLinger = m_pMenuPreset->addAction(tr("Set Linger Process"), this, SLOT(OnProcessAction()));
m_pMenuMarkLinger->setCheckable(true);
m_pMenuMarkLeader = m_pMenuPreset->addAction(tr("Set Leader Process"), this, SLOT(OnProcessAction()));
m_pMenuMarkLeader->setCheckable(true);
m_pMenuSuspend = m_pMenu->addAction(tr("Suspend"), this, SLOT(OnProcessAction()));
m_pMenuResume = m_pMenu->addAction(tr("Resume"), this, SLOT(OnProcessAction()));
//m_pMenuSuspend = m_pMenu->addAction(tr("Suspend"), this, SLOT(OnProcessAction()));
//m_pMenuResume = m_pMenu->addAction(tr("Resume"), this, SLOT(OnProcessAction()));
m_iMenuProc = m_pMenu->actions().count();
QByteArray Columns = theConf->GetBlob("MainWindow/BoxTree_Columns");
@ -130,6 +135,12 @@ CSbieView::~CSbieView()
theConf->SetBlob("MainWindow/BoxTree_Columns", m_pSbieTree->saveState());
}
void CSbieView::Clear()
{
m_Groups.clear();
m_pSbieModel->Clear();
}
void CSbieView::Refresh()
{
QList<QVariant> Added = m_pSbieModel->Sync(theAPI->GetAllBoxes(), m_Groups);
@ -172,11 +183,19 @@ void CSbieView::OnToolTipCallback(const QVariant& ID, QString& ToolTip)
void CSbieView::OnMenu(const QPoint& Point)
{
QList<QAction*> MenuActions = m_pMenu->actions();
bool isConnected = theAPI->IsConnected();
if (isConnected) {
foreach(QAction * pAction, MenuActions)
pAction->setEnabled(true);
}
CSandBoxPtr pBox;
CBoxedProcessPtr pProcess;
int iProcessCount = 0;
int iSandBoxeCount = 0;
int iSuspendedCount = 0;
//int iSuspendedCount = 0;
QModelIndexList Rows = m_pSbieTree->selectedRows();
foreach(const QModelIndex& Index, Rows)
{
@ -185,8 +204,8 @@ void CSbieView::OnMenu(const QPoint& Point)
if (pProcess)
{
iProcessCount++;
if (pProcess->IsSuspended())
iSuspendedCount++;
//if (pProcess->IsSuspended())
// iSuspendedCount++;
}
else
{
@ -196,7 +215,6 @@ void CSbieView::OnMenu(const QPoint& Point)
}
}
QList<QAction*> MenuActions = m_pMenu->actions();
for (int i = 0; i < m_iMenuTop; i++)
MenuActions[i]->setVisible(iSandBoxeCount == 0 && iProcessCount == 0);
@ -227,6 +245,8 @@ void CSbieView::OnMenu(const QPoint& Point)
for (int i = m_iMenuBox; i < m_iMenuProc; i++)
MenuActions[i]->setVisible(iProcessCount > 0 && iSandBoxeCount == 0);
m_pMenuLinkTo->setEnabled(iProcessCount == 1);
if (!pProcess.isNull()) {
CSandBoxPlus* pBoxPlus = pProcess.objectCast<CSbieProcess>()->GetBox();
QStringList RunOptions = pBoxPlus->GetTextList("RunCommand", true);
@ -252,13 +272,23 @@ void CSbieView::OnMenu(const QPoint& Point)
m_pMenuPinToRun->setChecked(!FoundPin.isEmpty());
m_pMenuPinToRun->setData(FoundPin);
m_pMenuAllowInternet->setChecked(pProcess.objectCast<CSbieProcess>()->HasInternetAccess());
m_pMenuMarkForced->setChecked(pProcess.objectCast<CSbieProcess>()->IsForcedProgram());
int isLingering = pProcess.objectCast<CSbieProcess>()->IsLingeringProgram();
m_pMenuMarkLinger->setChecked(isLingering != 0);
m_pMenuMarkLinger->setEnabled(isLingering != 2);
m_pMenuMarkLeader->setChecked(pProcess.objectCast<CSbieProcess>()->IsLeaderProgram());
}
m_pMenuSuspend->setEnabled(iProcessCount > iSuspendedCount);
m_pMenuResume->setEnabled(iSuspendedCount > 0);
//m_pMenuSuspend->setEnabled(iProcessCount > iSuspendedCount);
//m_pMenuResume->setEnabled(iSuspendedCount > 0);
if (!isConnected) {
foreach(QAction * pAction, MenuActions)
pAction->setEnabled(false);
}
CPanelView::OnMenu(Point);
}
@ -283,7 +313,10 @@ int CSbieView__ParseGroup(const QString& Grouping, QMap<QString, QStringList>& m
if (pos == -1)
break;
if (Grouping.at(pos) == "(")
{
m_Groups[Name] = QStringList();
Index = CSbieView__ParseGroup(Grouping, m_Groups, Name, Index);
}
else if (Grouping.at(pos) == ")")
break;
}
@ -298,6 +331,11 @@ void CSbieView::ReloadGroups()
CSbieView__ParseGroup(Grouping, m_Groups);
UpdateGroupMenu();
}
void CSbieView::UpdateGroupMenu()
{
// update move to menu
foreach(QAction* pAction, m_pMenuMoveTo->actions())
m_pMenuMoveTo->removeAction(pAction);
@ -338,8 +376,7 @@ void CSbieView::OnGroupAction()
if (m_pSbieModel->GetType(ModelIndex) == CSbieModel::eGroup)
Parent = m_pSbieModel->GetID(ModelIndex).toString();
if (!Parent.isEmpty())
m_Groups[Parent].append(Name);
m_Groups[Parent].append(Name);
}
else if (Action == m_pDelGroupe)
{
@ -390,6 +427,7 @@ void CSbieView::OnGroupAction()
QString Grouping = CSbieView__SerializeGroup(m_Groups);
theAPI->GetUserSettings()->SetText("BoxDisplayOrder", Grouping);
UpdateGroupMenu();
}
void CSbieView::OnSandBoxAction()
@ -546,6 +584,27 @@ void CSbieView::OnProcessAction()
{
if (Action == m_pMenuTerminate)
Results.append(pProcess->Terminate());
else if (Action == m_pMenuLinkTo)
{
QString BoxName = pProcess->GetBoxName();
QString LinkName = pProcess->GetProcessName();
QString LinkPath = pProcess->GetFileName();
QString Path = QStandardPaths::writableLocation(QStandardPaths::DesktopLocation).replace("/", "\\");
//Path = QFileDialog::getExistingDirectory(this, tr("Select Directory to create Shorcut in"), Path).replace("/", "\\");
//if (Path.isEmpty())
// return;
if (Path.right(1) != "\\")
Path.append("\\");
Path += "[" + BoxName + "] " + LinkName;
Path = QFileDialog::getSaveFileName(this, tr("Create Shortcut to sandbox %1").arg(BoxName), Path, QString("Shortcut files (*.lnk)")).replace("/", "\\");
if (Path.isEmpty())
return;
CSbieUtils::CreateShortcut(theAPI, Path, LinkName, BoxName, LinkPath, LinkPath);
}
else if (Action == m_pMenuPinToRun)
{
CSandBoxPlus* pBoxPlus = pProcess.objectCast<CSbieProcess>()->GetBox();
@ -569,14 +628,26 @@ void CSbieView::OnProcessAction()
Results.append(pProcess->Terminate());
pProcess.objectCast<CSbieProcess>()->BlockProgram();
}
else if (Action == m_pMenuAllowInternet)
{
if (!pProcess.objectCast<CSbieProcess>()->GetBox()->IsINetBlocked())
{
if (QMessageBox("Sandboxie-Plus", tr("This box does not have Internet restrictions in place, do you want to enable them?"), QMessageBox::Warning, QMessageBox::Yes, QMessageBox::No | QMessageBox::Default | QMessageBox::Escape, QMessageBox::NoButton).exec() != QMessageBox::Yes)
return;
pProcess.objectCast<CSbieProcess>()->GetBox()->SetINetBlock(true);
}
pProcess.objectCast<CSbieProcess>()->SetInternetAccess(m_pMenuAllowInternet->isChecked());
}
else if (Action == m_pMenuMarkForced)
pProcess.objectCast<CSbieProcess>()->SetForcedProgram(m_pMenuMarkForced->isChecked());
else if (Action == m_pMenuMarkLinger)
pProcess.objectCast<CSbieProcess>()->SetLingeringProgram(m_pMenuMarkLinger->isChecked());
else if (Action == m_pMenuMarkLeader)
pProcess.objectCast<CSbieProcess>()->SetLeaderProgram(m_pMenuMarkLeader->isChecked());
else if (Action == m_pMenuSuspend)
/*else if (Action == m_pMenuSuspend)
Results.append(pProcess->SetSuspend(true));
else if (Action == m_pMenuResume)
Results.append(pProcess->SetSuspend(false));
Results.append(pProcess->SetSuspend(false));*/
}
CSandMan::CheckResults(Results);

10
SandboxiePlus/SandMan/Views/SbieView.h
View File

@ -21,6 +21,7 @@ signals:
void RecoveryRequested(const QString& BoxName);
public slots:
void Clear();
void Refresh();
void ReloadGroups();
@ -45,6 +46,8 @@ protected:
private:
void UpdateGroupMenu();
QVBoxLayout* m_pMainLayout;
QTreeViewEx* m_pSbieTree;
@ -81,13 +84,16 @@ private:
int m_iMenuBox;
QAction* m_pMenuTerminate;
QAction* m_pMenuLinkTo;
QMenu* m_pMenuPreset;
QAction* m_pMenuBlackList;
QAction* m_pMenuAllowInternet;
QAction* m_pMenuMarkForced;
QAction* m_pMenuMarkLinger;
QAction* m_pMenuMarkLeader;
QAction* m_pMenuPinToRun;
QAction* m_pMenuSuspend;
QAction* m_pMenuResume;
//QAction* m_pMenuSuspend;
//QAction* m_pMenuResume;
int m_iMenuProc;
int m_iMenuRun;

8
SandboxiePlus/SandMan/Windows/NewBoxWindow.cpp
View File

@ -25,6 +25,8 @@ CNewBoxWindow::CNewBoxWindow(QWidget *parent)
connect(ui.radCopy, SIGNAL(toggled(bool)), this, SLOT(OnPreset()));
ui.radTemplate->setChecked(true);
ui.txtName->setFocus();
restoreGeometry(theConf->GetBlob("NewBoxWindow/Window_Geometry"));
}
@ -72,11 +74,15 @@ void CNewBoxWindow::CreateBox()
{
case eHardened:
pBox.objectCast<CSandBoxPlus>()->SetBool("DropAdminRights", true);
pBox.objectCast<CSandBoxPlus>()->SetBool("ProtectRpcSs", true);
//pBox.objectCast<CSandBoxPlus>()->SetBool("ProtectRpcSs", true); // not compatible with RunServicesAsSystem=n which is on by default
pBox.objectCast<CSandBoxPlus>()->SetBool("ClosePrintSpooler", true);
pBox.objectCast<CSandBoxPlus>()->SetBool("OpenSmartCard", false);
break;
case eLegacy:
pBox.objectCast<CSandBoxPlus>()->SetBool("UnrestrictedSCM", true);
pBox.objectCast<CSandBoxPlus>()->SetBool("ExposeBoxedSystem", true);
//pBox.objectCast<CSandBoxPlus>()->SetBool("RunServicesAsSystem", true); // legacy behavioure but there should be no normal use cases which require this
pBox.objectCast<CSandBoxPlus>()->SetBool("OpenPrintSpooler", true);
break;
}
}

248
SandboxiePlus/SandMan/Windows/OptionsWindow.cpp
View File

@ -143,8 +143,12 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
connect(ui.btnBorderColor, SIGNAL(pressed()), this, SLOT(OnPickColor()));
connect(ui.spinBorderWidth, SIGNAL(valueChanged(int)), this, SLOT(OnGeneralChanged()));
connect(ui.chkBlockShare, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.chkBlockNetShare, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.chkBlockNetParam, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.chkDropRights, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.chkBlockSpooler, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.chkOpenSpooler, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.chkPrintToFile, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.txtCopyLimit, SIGNAL(textChanged(const QString&)), this, SLOT(OnGeneralChanged()));
connect(ui.chkCopyLimit, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
@ -153,9 +157,21 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
connect(ui.chkProtectBox, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.chkAutoEmpty, SIGNAL(clicked(bool)), this, SLOT(OnGeneralChanged()));
connect(ui.btnAddExe, SIGNAL(clicked(bool)), this, SLOT(OnBrowsePath()));
connect(ui.btnAddCmd, SIGNAL(clicked(bool)), this, SLOT(OnAddCommand()));
QMenu* pRunBtnMenu = new QMenu(ui.btnAddFile);
pRunBtnMenu->addAction(tr("Browse for Program"), this, SLOT(OnBrowsePath()));
ui.btnAddCmd->setPopupMode(QToolButton::MenuButtonPopup);
ui.btnAddCmd->setMenu(pRunBtnMenu);
connect(ui.btnDelCmd, SIGNAL(clicked(bool)), this, SLOT(OnDelCommand()));
connect(ui.btnAddAutoExe, SIGNAL(clicked(bool)), this, SLOT(OnAddAutoCmd()));
QMenu* pAutoBtnMenu = new QMenu(ui.btnAddFile);
pAutoBtnMenu->addAction(tr("Browse for Program"), this, SLOT(OnAddAutoExe()));
ui.btnAddAutoExe->setPopupMode(QToolButton::MenuButtonPopup);
ui.btnAddAutoExe->setMenu(pAutoBtnMenu);
connect(ui.btnAddAutoExe, SIGNAL(clicked(bool)), this, SLOT(OnAddAutoExe()));
connect(ui.btnAddAutoSvc, SIGNAL(clicked(bool)), this, SLOT(OnDelAutoSvc()));
connect(ui.btnDelAuto, SIGNAL(clicked(bool)), this, SLOT(OnDelAuto()));
//
// Groupes
@ -204,7 +220,7 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
ui.btnAddFile->setMenu(pFileBtnMenu);
connect(ui.btnAddKey, SIGNAL(pressed()), this, SLOT(OnAddKey()));
connect(ui.btnAddIPC, SIGNAL(pressed()), this, SLOT(OnAddIPC()));
connect(ui.btnAddClsId, SIGNAL(pressed()), this, SLOT(OnAddClsId()));
connect(ui.btnAddWnd, SIGNAL(pressed()), this, SLOT(OnAddWnd()));
connect(ui.btnAddCOM, SIGNAL(pressed()), this, SLOT(OnAddCOM()));
// todo: add priority by order
ui.btnMoveUp->setVisible(false);
@ -231,13 +247,15 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
connect(ui.chkNoWindowRename, SIGNAL(clicked(bool)), this, SLOT(OnNoWindowRename()));
//connect(ui.chkNoDefaultCOM, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkProtectSCM, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkRestrictServices, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkProtectRpcSs, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkProtectSystem, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkOpenCredentials, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkOpenProtectedStorage, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkOpenSmartCard, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
//connect(ui.chkOpenLsaEndpoint, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkAddToJob, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
@ -246,8 +264,12 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
connect(ui.chkKeyTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkIpcTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkGuiTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkComTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkDbgTrace, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.btnAddAutoExec, SIGNAL(pressed()), this, SLOT(OnAddAutoExec()));
connect(ui.btnDelAutoExec, SIGNAL(pressed()), this, SLOT(OnDelAutoExec()));
connect(ui.chkHideOtherBoxes, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.btnAddProcess, SIGNAL(pressed()), this, SLOT(OnAddProcess()));
connect(ui.btnDelProcess, SIGNAL(pressed()), this, SLOT(OnDelProcess()));
@ -292,6 +314,8 @@ COptionsWindow::COptionsWindow(const QSharedPointer<CSbieIni>& pBox, const QStri
QByteArray
Columns = theConf->GetBlob("OptionsWindow/Run_Columns");
if (!Columns.isEmpty()) ui.treeRun->header()->restoreState(Columns);
Columns = theConf->GetBlob("OptionsWindow/AutoRun_Columns");
if (!Columns.isEmpty()) ui.treeAutoStart->header()->restoreState(Columns);
Columns = theConf->GetBlob("OptionsWindow/Groups_Columns");
if (!Columns.isEmpty()) ui.treeGroups->header()->restoreState(Columns);
Columns = theConf->GetBlob("OptionsWindow/Forced_Columns");
@ -315,6 +339,7 @@ COptionsWindow::~COptionsWindow()
theConf->SetBlob("OptionsWindow/Window_Geometry",saveGeometry());
theConf->SetBlob("OptionsWindow/Run_Columns", ui.treeRun->header()->saveState());
theConf->SetBlob("OptionsWindow/AutoRun_Columns", ui.treeAutoStart->header()->saveState());
theConf->SetBlob("OptionsWindow/Groups_Columns", ui.treeGroups->header()->saveState());
theConf->SetBlob("OptionsWindow/Forced_Columns", ui.treeForced->header()->saveState());
theConf->SetBlob("OptionsWindow/Stop_Columns", ui.treeStop->header()->saveState());
@ -370,8 +395,20 @@ void COptionsWindow::LoadConfig()
if (!BorderWidth) BorderWidth = 6;
ui.spinBorderWidth->setValue(BorderWidth);
ui.chkBlockShare->setChecked(m_pBox->GetBool("BlockNetworkFiles", true));
ui.chkBlockNetShare->setChecked(m_pBox->GetBool("BlockNetworkFiles", true));
ui.chkBlockNetParam->setChecked(m_pBox->GetBool("BlockNetParam", true));
ui.chkDropRights->setChecked(m_pBox->GetBool("DropAdminRights", false));
ui.chkBlockSpooler->setChecked(m_pBox->GetBool("ClosePrintSpooler", false));
ui.chkOpenSpooler->setChecked(m_pBox->GetBool("OpenPrintSpooler", false));
ui.chkOpenSpooler->setEnabled(!ui.chkBlockSpooler->isChecked());
ui.chkPrintToFile->setChecked(m_pBox->GetBool("AllowSpoolerPrintToFile", false));
ui.chkPrintToFile->setEnabled(!ui.chkBlockSpooler->isChecked());
ui.treeAutoStart->clear();
foreach(const QString & Value, m_pBox->GetTextList("StartProgram", m_Template))
AddAutoRunItem(Value, 0);
foreach(const QString & Value, m_pBox->GetTextList("StartService", m_Template))
AddAutoRunItem(Value, 1);
ui.treeRun->clear();
foreach(const QString& Value, m_pBox->GetTextList("RunCommand", m_Template))
@ -422,26 +459,37 @@ void COptionsWindow::LoadConfig()
{
ui.chkPreferExternalManifest->setChecked(m_pBox->GetBool("PreferExternalManifest", false));
//ui.chkNoDefaultCOM->setChecked(!m_pBox->GetBool("OpenDefaultClsid", true));
ui.chkProtectSCM->setChecked(!m_pBox->GetBool("UnrestrictedSCM", false));
ui.chkProtectRpcSs->setChecked(m_pBox->GetBool("ProtectRpcSs", false));
ui.chkRestrictServices->setChecked(!m_pBox->GetBool("RunServicesAsSystem", false));
ui.chkProtectRpcSs->setEnabled(!ui.chkRestrictServices->isChecked());
ui.chkProtectRpcSs->setChecked(ui.chkProtectRpcSs->isEnabled() && m_pBox->GetBool("ProtectRpcSs", false));
ui.chkProtectSystem->setChecked(!m_pBox->GetBool("ExposeBoxedSystem", false));
ui.chkOpenProtectedStorage->setChecked(m_pBox->GetBool("OpenProtectedStorage", false));
ui.chkOpenCredentials->setEnabled(!ui.chkOpenProtectedStorage->isChecked());
ui.chkOpenCredentials->setChecked(m_pBox->GetBool("OpenCredentials", false));
ui.chkOpenCredentials->setChecked(!ui.chkOpenCredentials->isEnabled() || m_pBox->GetBool("OpenCredentials", false));
ui.chkOpenSmartCard->setChecked(m_pBox->GetBool("OpenSmartCard", true));
//ui.chkOpenLsaEndpoint->setChecked(m_pBox->GetBool("OpenLsaEndpoint", false));
ui.chkAddToJob->setChecked(!m_pBox->GetBool("NoAddProcessToJob", false));
QStringList AutoExec = m_pBox->GetTextList("AutoExec", m_Template);
ui.lstAutoExec->clear();
ui.lstAutoExec->addItems(AutoExec);
ReadAdvancedCheck("FileTrace", ui.chkFileTrace, "*");
ReadAdvancedCheck("PipeTrace", ui.chkPipeTrace, "*");
ReadAdvancedCheck("KeyTrace", ui.chkKeyTrace, "*");
ReadAdvancedCheck("IpcTrace", ui.chkIpcTrace, "*");
ReadAdvancedCheck("GuiTrace", ui.chkGuiTrace, "*");
ReadAdvancedCheck("ClsidTrace", ui.chkComTrace, "*");
ui.chkDbgTrace->setChecked(m_pBox->GetBool("DebugTrace", false));
ui.chkHideOtherBoxes->setChecked(m_pBox->GetBool("HideOtherBoxes", false));
QStringList Processes = m_pBox->GetTextList("HideHostProcess", false);
QStringList Processes = m_pBox->GetTextList("HideHostProcess", m_Template);
ui.lstProcesses->clear();
ui.lstProcesses->addItems(Processes);
@ -507,15 +555,32 @@ void COptionsWindow::SaveConfig()
BorderCfg.append(QString::number(ui.spinBorderWidth->value()));
m_pBox->SetText("BorderColor", BorderCfg.join(","));
m_pBox->SetBool("BlockNetworkFiles", ui.chkBlockShare->isChecked());
m_pBox->SetBool("BlockNetworkFiles", ui.chkBlockNetShare->isChecked());
m_pBox->SetBool("BlockNetParam", ui.chkBlockNetParam->isChecked());
m_pBox->SetBool("DropAdminRights", ui.chkDropRights->isChecked());
m_pBox->SetBool("ClosePrintSpooler", ui.chkBlockSpooler->isChecked());
m_pBox->SetBool("OpenPrintSpooler", ui.chkOpenSpooler->isChecked());
m_pBox->SetBool("AllowSpoolerPrintToFile", ui.chkPrintToFile->isChecked());
QStringList StartProgram;
QStringList StartService;
for (int i = 0; i < ui.treeAutoStart->topLevelItemCount(); i++) {
QTreeWidgetItem* pItem = ui.treeAutoStart->topLevelItem(i);
if (pItem->data(0, Qt::UserRole).toInt())
StartService.append(pItem->text(1));
else
StartProgram.append(pItem->text(1));
}
m_pBox->UpdateTextList("StartProgram", StartProgram, m_Template);
m_pBox->UpdateTextList("StartService", StartService, m_Template);
QStringList RunCommands;
for (int i = 0; i < ui.treeRun->topLevelItemCount(); i++) {
QTreeWidgetItem* pItem = ui.treeRun->topLevelItem(i);
RunCommands.append(pItem->text(0) + "|" + pItem->text(1));
}
theAPI->GetGlobalSettings()->UpdateTextList("RunCommand", RunCommands, m_Template);
m_pBox->UpdateTextList("RunCommand", RunCommands, m_Template);
m_pBox->SetNum("CopyLimitKb", ui.chkCopyLimit->isChecked() ? ui.txtCopyLimit->text().toInt() : -1);
@ -562,21 +627,33 @@ void COptionsWindow::SaveConfig()
if (ui.chkPreferExternalManifest->isChecked()) m_pBox->SetBool("PreferExternalManifest", true);
else m_pBox->DelValue("PreferExternalManifest");
//WriteAdvancedCheck(ui.chkNoDefaultCOM, "OpenDefaultClsid", "n", "");
WriteAdvancedCheck(ui.chkProtectSCM, "UnrestrictedSCM", "", "y");
WriteAdvancedCheck(ui.chkProtectRpcSs, "ProtectRpcSs", "y", "");
WriteAdvancedCheck(ui.chkRestrictServices, "RunServicesAsSystem", "", "y");
if(ui.chkProtectRpcSs->isEnabled())
WriteAdvancedCheck(ui.chkProtectRpcSs, "ProtectRpcSs", "y", "");
WriteAdvancedCheck(ui.chkProtectSystem, "ExposeBoxedSystem", "", "y");
WriteAdvancedCheck(ui.chkOpenProtectedStorage, "OpenProtectedStorage", "y", "");
WriteAdvancedCheck(ui.chkOpenCredentials, "OpenCredentials", "y", "");
if(ui.chkOpenCredentials->isEnabled())
WriteAdvancedCheck(ui.chkOpenCredentials, "OpenCredentials", "y", "");
WriteAdvancedCheck(ui.chkOpenSmartCard, "OpenSmartCard", "", "n");
//WriteAdvancedCheck(ui.chkOpenLsaEndpoint, "OpenLsaEndpoint", "y", "");
WriteAdvancedCheck(ui.chkAddToJob, "NoAddProcessToJob", "", "y");
QStringList AutoExec;
for (int i = 0; i < ui.lstAutoExec->count(); i++)
AutoExec.append(ui.lstAutoExec->item(i)->text());
m_pBox->UpdateTextList("AutoExec", AutoExec, m_Template);
WriteAdvancedCheck(ui.chkFileTrace, "FileTrace", "*");
WriteAdvancedCheck(ui.chkPipeTrace, "PipeTrace", "*");
WriteAdvancedCheck(ui.chkKeyTrace, "KeyTrace", "*");
WriteAdvancedCheck(ui.chkIpcTrace, "IpcTrace", "*");
WriteAdvancedCheck(ui.chkGuiTrace, "GuiTrace", "*");
WriteAdvancedCheck(ui.chkComTrace, "ClsidTrace", "*");
WriteAdvancedCheck(ui.chkDbgTrace, "DebugTrace", "y");
WriteAdvancedCheck(ui.chkHideOtherBoxes, "HideOtherBoxes");
@ -584,7 +661,7 @@ void COptionsWindow::SaveConfig()
QStringList Processes;
for (int i = 0; i < ui.lstProcesses->count(); i++)
Processes.append(ui.lstProcesses->item(i)->text());
m_pBox->UpdateTextList("HideHostProcess", Processes, false);
m_pBox->UpdateTextList("HideHostProcess", Processes, m_Template);
QStringList Users;
for (int i = 0; i < ui.lstUsers->count(); i++)
@ -642,6 +719,9 @@ void COptionsWindow::OnGeneralChanged()
ui.chkNoCopyWarn->setEnabled(ui.chkCopyLimit->isChecked());
ui.chkAutoEmpty->setEnabled(!ui.chkProtectBox->isChecked());
ui.chkOpenSpooler->setEnabled(!ui.chkBlockSpooler->isChecked());
ui.chkPrintToFile->setEnabled(!ui.chkBlockSpooler->isChecked());
}
void COptionsWindow::OnPickColor()
@ -654,6 +734,56 @@ void COptionsWindow::OnPickColor()
ui.btnBorderColor->setStyleSheet("background-color: " + m_BorderColor.name());
}
void COptionsWindow::OnAddAutoCmd()
{
QString Value = QInputDialog::getText(this, "Sandboxie-Plus", tr("Please enter a program path"), QLineEdit::Normal);
if (Value.isEmpty())
return;
AddAutoRunItem(Value, 0);
m_GeneralChanged = true;
}
void COptionsWindow::OnAddAutoExe()
{
QString Value = QFileDialog::getOpenFileName(this, tr("Select Program"), "", tr("Executables (*.exe|*.cmd)")).replace("/", "\\");;
if (Value.isEmpty())
return;
AddAutoRunItem(Value, 0);
m_GeneralChanged = true;
}
void COptionsWindow::OnDelAutoSvc()
{
QString Value = QInputDialog::getText(this, "Sandboxie-Plus", tr("Please enter a service identifier"), QLineEdit::Normal);
if (Value.isEmpty())
return;
AddAutoRunItem(Value, 1);
m_GeneralChanged = true;
}
void COptionsWindow::AddAutoRunItem(const QString& Value, int Type)
{
QTreeWidgetItem* pItem = new QTreeWidgetItem();
pItem->setText(0, Type ? tr("Service") : tr("Program"));
pItem->setData(0, Qt::UserRole, Type);
pItem->setText(1, Value);
pItem->setFlags(pItem->flags() | Qt::ItemIsEditable);
ui.treeAutoStart->addTopLevelItem(pItem);
}
void COptionsWindow::OnDelAuto()
{
QTreeWidgetItem* pItem = ui.treeAutoStart->currentItem();
if (!pItem)
return;
delete pItem;
m_GeneralChanged = true;
}
void COptionsWindow::OnBrowsePath()
{
QString Value = QFileDialog::getOpenFileName(this, tr("Select Program"), "", tr("Executables (*.exe|*.cmd)")).replace("/", "\\");;
@ -1230,7 +1360,9 @@ QString COptionsWindow::AccessTypeToName(EAccessEntry Type)
case eOpenWinClass: return "OpenWinClass";
case eOpenClsid: return "OpenClsid";
case eOpenCOM: return "OpenClsid";
case eClosedCOM: return "ClosedClsid";
case eClosedCOM_RT: return "ClosedRT";
}
return "Unknown";
}
@ -1280,9 +1412,11 @@ void COptionsWindow::ParseAndAddAccessEntry(EAccessEntry EntryType, const QStrin
case eOpenIpcPath: Type = eIPC; Mode = eDirect; break;
case eClosedIpcPath: Type = eIPC; Mode = eClosed; break;
case eOpenWinClass: Type = eWndCls; Mode = eDirect; break;
case eOpenWinClass: Type = eWnd; Mode = eDirect; break;
case eOpenClsid: Type = eClsId; Mode = eDirect; break;
case eOpenCOM: Type = eCOM; Mode = eDirect; break;
case eClosedCOM: Type = eCOM; Mode = eClosed; break;
case eClosedCOM_RT: Type = eCOM; Mode = eClosedRT; break;
default: return;
}
@ -1310,6 +1444,7 @@ QString COptionsWindow::GetAccessModeStr(EAccessMode Mode)
case eDirect: return "Direct";
case eDirectAll: return "Direct All";
case eClosed: return "Closed";
case eClosedRT: return "Closed RT";
case eReadOnly: return "Read Only";
case eWriteOnly: return "Write Only";
}
@ -1323,8 +1458,8 @@ QString COptionsWindow::GetAccessTypeStr(EAccessType Type)
case eFile: return "File/Folder";
case eKey: return "Registry";
case eIPC: return "IPC Path";
case eWndCls: return "Wnd Class";
case eClsId: return "COM Object";
case eWnd: return "Wnd Class";
case eCOM: return "COM Object";
}
return "Unknown";
}
@ -1406,16 +1541,18 @@ QString COptionsWindow::MakeAccessStr(EAccessType Type, EAccessMode Mode)
case eClosed: return "ClosedIpcPath";
}
break;
case eWndCls:
case eWnd:
switch (Mode)
{
case eDirect: return "OpenWinClass";
}
break;
case eClsId:
case eCOM:
switch (Mode)
{
case eDirect: return "OpenClsid";
case eClosed: return "ClosedClsid";
case eClosedRT: return "ClosedRT";
}
break;
}
@ -1461,6 +1598,27 @@ void COptionsWindow::CloseAccessEdit(QTreeWidgetItem* pItem, bool bSave)
if (bSave)
{
if (pItem->data(0, Qt::UserRole).toInt() == eCOM)
{
bool isGUID = pPath->text().length() == 38 && pPath->text().left(1) == "{" && pPath->text().right(1) == "}";
switch (pMode->currentData().toInt())
{
case eDirect:
case eClosed:
if (!isGUID) {
QMessageBox::critical(this, "SandboxiePlus", tr("COM objects must be specified by their GUID, like: {00000000-0000-0000-0000-000000000000}"));
return;
}
break;
case eClosedRT:
if (isGUID) {
QMessageBox::critical(this, "SandboxiePlus", tr("RT interfaces must be specified by their name."));
return;
}
break;
}
}
pItem->setText(1, (pNot->isChecked() ? "NOT " : "") + pCombo->currentText());
pItem->setData(1, Qt::UserRole, (pNot->isChecked() ? "!" : "") + Program);
pItem->setText(2, GetAccessModeStr((EAccessMode)pMode->currentData().toInt()));
@ -1483,8 +1641,10 @@ QList<COptionsWindow::EAccessMode> COptionsWindow::GetAccessModes(EAccessType Ty
case eFile: return QList<EAccessMode>() << eDirect << eDirectAll << eClosed << eReadOnly << eWriteOnly;
case eKey: return QList<EAccessMode>() << eDirect << eClosed << eReadOnly << eWriteOnly;
case eIPC: return QList<EAccessMode>() << eDirect << eClosed;
case eWnd: return QList<EAccessMode>() << eDirect;
case eCOM: return QList<EAccessMode>() << eDirect << eClosed << eClosedRT;
}
return QList<EAccessMode>() << eDirect;
return QList<EAccessMode>();
}
void COptionsWindow::OnAccessItemDoubleClicked(QTreeWidgetItem* pItem, int Column)
@ -1567,9 +1727,11 @@ void COptionsWindow::OnDelAccess()
void COptionsWindow::SaveAccessList()
{
CloseAccessEdit(true);
QStringList Keys = QStringList() << "OpenFilePath" << "OpenPipePath" << "ClosedFilePath" << "ReadFilePath" << "WriteFilePath"
<< "OpenKeyPath" << "ClosedKeyPath" << "ReadKeyPath" << "WriteKeyPath"
<< "OpenIpcPath" << "ClosedIpcPath" << "OpenWinClass" << "OpenClsid";
<< "OpenIpcPath" << "ClosedIpcPath" << "OpenWinClass" << "OpenClsid" << "ClosedClsid" << "ClosedRT";
QMap<QString, QList<QString>> AccessMap;
for (int i = 0; i < ui.treeAccess->topLevelItemCount(); i++)
@ -1651,6 +1813,8 @@ void COptionsWindow::SaveRecoveryList()
m_pBox->UpdateTextList("RecoverFolder", RecoverFolder, m_Template);
m_pBox->UpdateTextList("AutoRecoverIgnore", AutoRecoverIgnore, m_Template);
m_pBox->SetBool("AutoRecover", ui.chkAutoRecovery->isChecked());
m_RecoveryChanged = false;
}
@ -1701,16 +1865,21 @@ void COptionsWindow::OnDelRecEntry()
void COptionsWindow::OnAdvancedChanged()
{
ui.chkProtectRpcSs->setEnabled(!ui.chkRestrictServices->isChecked());
if (!ui.chkProtectRpcSs->isEnabled()) ui.chkProtectRpcSs->setChecked(false);
ui.chkOpenCredentials->setEnabled(!ui.chkOpenProtectedStorage->isChecked());
if (!ui.chkOpenCredentials->isEnabled()) ui.chkOpenCredentials->setChecked(true);
m_AdvancedChanged = true;
}
void COptionsWindow::OnNoWindowRename()
{
if (ui.chkNoWindowRename->isChecked())
SetAccessEntry(eWndCls, "", eDirect, "#");
SetAccessEntry(eWnd, "", eDirect, "#");
else
DelAccessEntry(eWndCls, "", eDirect, "#");
DelAccessEntry(eWnd, "", eDirect, "#");
m_AdvancedChanged = true;
}
@ -1720,6 +1889,25 @@ void COptionsWindow::OnDebugChanged()
m_DebugOptions[pCheck].Changed = true;
}
void COptionsWindow::OnAddAutoExec()
{
QString Process = QInputDialog::getText(this, "Sandboxie-Plus", tr("Please enter an auto exec command"));
if (Process.isEmpty())
return;
ui.lstAutoExec->addItem(Process);
m_AdvancedChanged = true;
}
void COptionsWindow::OnDelAutoExec()
{
foreach(QListWidgetItem * pItem, ui.lstAutoExec->selectedItems())
delete pItem;
m_AdvancedChanged = true;
}
void COptionsWindow::OnAddProcess()
{
QString Process = QInputDialog::getText(this, "Sandboxie-Plus", tr("Please enter a program file name"));
@ -1959,15 +2147,19 @@ void COptionsWindow::OnTab()
else
ui.radStartAll->setChecked(true);
CopyGroupToList("<StartRunAccess>", ui.treeStart);
OnRestrictStart();
}
else if (ui.tabs->currentWidget() == ui.tabInternet)
{
ui.chkBlockINet->setChecked(GetAccessEntry(eFile, "!<InternetAccess>", eClosed, "InternetAccessDevices") != NULL);
CopyGroupToList("<InternetAccess>", ui.treeINet);
OnBlockINet();
}
else if (ui.tabs->currentWidget() == ui.tabAdvanced)
{
if (GetAccessEntry(eWndCls, "", eDirect, "*") != NULL)
if (GetAccessEntry(eWnd, "", eDirect, "*") != NULL)
{
ui.chkNoWindowRename->setEnabled(false);
ui.chkNoWindowRename->setChecked(true);
@ -1975,7 +2167,7 @@ void COptionsWindow::OnTab()
else
{
ui.chkNoWindowRename->setEnabled(true);
ui.chkNoWindowRename->setChecked(GetAccessEntry(eWndCls, "", eDirect, "#") != NULL);
ui.chkNoWindowRename->setChecked(GetAccessEntry(eWnd, "", eDirect, "#") != NULL);
}
}
}

23
SandboxiePlus/SandMan/Windows/OptionsWindow.h
View File

@ -30,6 +30,11 @@ private slots:
void OnAddCommand();
void OnDelCommand();
void OnAddAutoCmd();
void OnAddAutoExe();
void OnDelAutoSvc();
void OnDelAuto();
void OnAddGroup();
void OnAddProg();
void OnDelProg();
@ -61,8 +66,8 @@ private slots:
void OnBrowseFolder();
void OnAddKey() { AddAccessEntry(eKey, eDirect, "", ""); }
void OnAddIPC() { AddAccessEntry(eIPC, eDirect, "", ""); }
void OnAddClsId() { AddAccessEntry(eWndCls, eDirect, "", ""); }
void OnAddCOM() { AddAccessEntry(eClsId, eDirect, "", ""); }
void OnAddWnd() { AddAccessEntry(eWnd, eDirect, "", ""); }
void OnAddCOM() { AddAccessEntry(eCOM, eDirect, "", ""); }
void OnDelAccess();
void OnShowAccessTmpl() { LoadAccessList(); }
@ -72,6 +77,9 @@ private slots:
void OnDelRecEntry();
void OnShowRecoveryTmpl() { LoadRecoveryList(); }
void OnAddAutoExec();
void OnDelAutoExec();
void OnAddProcess();
void OnDelProcess();
@ -122,7 +130,9 @@ protected:
eOpenWinClass,
eOpenClsid,
eOpenCOM,
eClosedCOM,
eClosedCOM_RT,
eMaxAccessType
};
@ -132,8 +142,8 @@ protected:
eFile,
eKey,
eIPC,
eWndCls,
eClsId
eWnd,
eCOM
};
enum EAccessMode
@ -141,6 +151,7 @@ protected:
eDirect,
eDirectAll,
eClosed,
eClosedRT,
eReadOnly,
eWriteOnly
};
@ -160,6 +171,8 @@ protected:
void LoadConfig();
void SaveConfig();
void AddAutoRunItem(const QString& Value, int Type);
void AddRunItem(const QString& Name, const QString& Command);
void LoadGroups();

28
SandboxiePlus/SandMan/Windows/PopUpWindow.cpp
View File

@ -277,13 +277,17 @@ void CPopUpWindow::AddFileToRecover(const QString& FilePath, const QString& BoxN
CBoxedProcessPtr pProcess = theAPI->GetProcessById(ProcessId);
QString Message = tr("The file %1 is eligible for quick recovery from %2.\r\nFull path: %3\r\nWritten by: %4")
.arg(FilePath.mid(FilePath.lastIndexOf("\\") + 1)).arg(QString(BoxName).replace("_", " ")).arg(FilePath)
QString Message = tr("%1 is eligible for quick recovery from %2.\r\nThe file was written by: %3")
.arg(FilePath.mid(FilePath.lastIndexOf("\\") + 1)).arg(QString(BoxName).replace("_", " "))
.arg(pProcess.isNull() ? tr("an UNKNOWN process.") : tr("%1 (%2)").arg(pProcess->GetProcessName()).arg(pProcess->GetProcessId()));
CPopUpRecovery* pEntry = new CPopUpRecovery(Message, FilePath, BoxName, this);
QStringList RecoverTargets = theAPI->GetUserSettings()->GetTextList("SbieCtrl_RecoverTarget", true);
pEntry->m_pTarget->insertItems(pEntry->m_pTarget->count()-1, RecoverTargets);
connect(pEntry, SIGNAL(Dismiss(int)), this, SLOT(OnDismiss(int)));
connect(pEntry, SIGNAL(RecoverFile(bool)), this, SLOT(OnRecoverFile(bool)));
connect(pEntry, SIGNAL(RecoverFile(int)), this, SLOT(OnRecoverFile(int)));
connect(pEntry, SIGNAL(OpenRecovery()), this, SLOT(OnOpenRecovery()));
AddEntry(pEntry);
}
@ -316,18 +320,18 @@ void CPopUpWindow::OnDismiss(int iFlag)
}
}
void CPopUpWindow::OnRecoverFile(bool bBrowse)
void CPopUpWindow::OnRecoverFile(int Action)
{
CPopUpRecovery* pEntry = qobject_cast<CPopUpRecovery*>(sender());
QString RecoveryFolder;
if (bBrowse)
RecoveryFolder = QFileDialog::getExistingDirectory(this, tr("Select Directory")).replace("/", "\\");
else
RecoveryFolder = pEntry->m_FilePath.left(pEntry->m_FilePath.lastIndexOf("\\"));
QString RecoveryFolder = pEntry->m_pTarget->currentText();
if (RecoveryFolder.isEmpty())
return;
if (pEntry->m_pTarget->currentIndex() != 0 || pEntry->m_ListCleared) {
QStringList RecoverTargets;
for (int i = 2; i < pEntry->m_pTarget->count() - 1; i++)
RecoverTargets.append(pEntry->m_pTarget->itemText(i));
theAPI->GetUserSettings()->UpdateTextList("SbieCtrl_RecoverTarget", RecoverTargets, true);
}
QString FileName = pEntry->m_FilePath.mid(pEntry->m_FilePath.lastIndexOf("\\") + 1);
QString BoxedFilePath = theAPI->GetBoxedPath(pEntry->m_BoxName, pEntry->m_FilePath);
@ -335,7 +339,7 @@ void CPopUpWindow::OnRecoverFile(bool bBrowse)
QList<QPair<QString, QString>> FileList;
FileList.append(qMakePair(BoxedFilePath, RecoveryFolder + "\\" + FileName));
SB_PROGRESS Status = theGUI->RecoverFiles(FileList);
SB_PROGRESS Status = theGUI->RecoverFiles(FileList, Action);
if (Status.GetStatus() == OP_ASYNC)
theGUI->AddAsyncOp(Status.GetValue());

63
SandboxiePlus/SandMan/Windows/PopUpWindow.h
View File

@ -44,7 +44,7 @@ public:
{
QToolButton* pHelp = new QToolButton();
pHelp->setText(tr("?"));
pHelp->setToolTip(tr("Visit %1 for a detailed explanation.").arg(QString("https://xanasoft.com/sandboxie/sbie%1/").arg(GetMsgId())));
pHelp->setToolTip(tr("Visit %1 for a detailed explanation.").arg(QString("https://sandboxie-plus.com/go.php?to=sbie-sbie%1/").arg(GetMsgId())));
pHelp->setMaximumWidth(16);
QObject::connect(pHelp, SIGNAL(pressed()), this, SLOT(OnHelp()));
m_pMainLayout->addWidget(pHelp, 0, 1);
@ -73,7 +73,7 @@ signals:
void Hide();
private slots:
void OnHelp() { QDesktopServices::openUrl(QUrl(QString("https://xanasoft.com/sandboxie/sbie%1/").arg(GetMsgId()))); }
void OnHelp() { QDesktopServices::openUrl(QUrl(QString("https://sandboxie-plus.com/go.php?to=sbie-sbie%1/").arg(GetMsgId()))); }
protected:
quint32 m_MsgCode;
@ -212,25 +212,41 @@ public:
QLabel* pLabel = new QLabel(Message);
pLabel->setToolTip(Message);
pLabel->setSizePolicy(QSizePolicy::Ignored, QSizePolicy::Maximum);
//pLabel->setWordWrap(true);
extern bool CPopUpWindow__DarkMode;
if(CPopUpWindow__DarkMode) {
QPalette palette = pLabel->palette();
palette.setColor(QPalette::Text, Qt::green);
pLabel->setPalette(palette);
}
m_pMainLayout->addWidget(pLabel, 0, 0, 2, 1);
m_pMainLayout->addWidget(pLabel, 0, 0, 2, 4);
m_pMainLayout->addWidget(new QLabel(tr("Recover to:")), 2, 0);
m_pTarget = new QComboBox();
m_LastTargetIndex = 0;
m_pTarget->addItem(m_FilePath.left(m_FilePath.lastIndexOf("\\")));
m_pTarget->addItem(tr("Browse"), 1);
m_pTarget->addItem(tr("Clear folder list"), -1);
m_ListCleared = false;
connect(m_pTarget, SIGNAL(currentIndexChanged(int)), this, SLOT(OnTargetChanged()));
m_pTarget->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding);
m_pMainLayout->addWidget(m_pTarget, 2, 1);
QToolButton* pRecover = new QToolButton();
pRecover->setText(tr("Recover"));
pRecover->setToolTip(tr("Recover the file to original location"));
pRecover->setPopupMode(QToolButton::MenuButtonPopup);
QMenu* pRecMenu = new QMenu();
pRecMenu->addAction(tr("Recover file to selected folder"), this, SLOT(OnRecoverTo()));
pRecMenu->addAction(tr("Recover && Explore"), this, SLOT(OnRecoverExp()));
pRecMenu->addAction(tr("Recover && Open/Run"), this, SLOT(OnRecoverRun()));
pRecMenu->addSeparator();
pRecMenu->addAction(tr("Open file recovery for this box"), this, SIGNAL(OpenRecovery()));
pRecover->setMenu(pRecMenu);
//QObject::connect(pRecover, SIGNAL(triggered(QAction*)), , SLOT());
QObject::connect(pRecover, SIGNAL(pressed()), this, SLOT(OnRecover()));
m_pMainLayout->addWidget(pRecover, 1, 1);
m_pMainLayout->addWidget(pRecover, 2, 2);
QToolButton* pDismiss = new QToolButton();
@ -243,19 +259,43 @@ public:
pDismiss->setMenu(pMenu);
//QObject::connect(pDismiss, SIGNAL(triggered(QAction*)), , SLOT());
QObject::connect(pDismiss, SIGNAL(pressed()), this, SIGNAL(Dismiss()));
m_pMainLayout->addWidget(pDismiss, 1, 2);
m_pMainLayout->addWidget(pDismiss, 2, 3);
}
signals:
void Dismiss(int iFlag = 0);
void RecoverFile(bool bBrowse);
void RecoverFile(int Action = 0);
void OpenRecovery();
private slots:
void OnDisable() { emit Dismiss(0x03); }
void OnDismissAll() { emit Dismiss(0x01); }
void OnRecover() { emit RecoverFile(false); }
void OnRecoverTo() { emit RecoverFile(true); }
void OnRecover() { emit RecoverFile(); }
void OnRecoverRun() { emit RecoverFile(1); }
void OnRecoverExp() { emit RecoverFile(2); }
void OnTargetChanged()
{
int op = m_pTarget->currentData().toInt();
if (op == 1)
{
QString Folder = QFileDialog::getExistingDirectory(this, tr("Select Directory")).replace("/", "\\");
if (Folder.isEmpty()) {
m_pTarget->setCurrentIndex(m_LastTargetIndex);
return;
}
m_LastTargetIndex = m_pTarget->count() - 1;
m_pTarget->insertItem(m_LastTargetIndex, Folder);
m_pTarget->setCurrentIndex(m_LastTargetIndex);
}
else if (op == -1)
{
while (m_pTarget->count() > 3)
m_pTarget->removeItem(2);
m_pTarget->setCurrentIndex(0);
m_ListCleared = true;
}
}
protected:
friend class CPopUpWindow;
@ -273,6 +313,9 @@ protected:
QString m_FilePath;
QString m_BoxName;
QComboBox* m_pTarget;
int m_LastTargetIndex;
bool m_ListCleared;
};
class CPopUpProgress : public CPopUpEntry
@ -381,7 +424,7 @@ private slots:
virtual void OnPromptResult(int retval);
virtual void OnDismiss(int iFlag);
virtual void OnRecoverFile(bool bBrowse);
virtual void OnRecoverFile(int Action);
virtual void OnOpenRecovery();
virtual void OnDismissProgress(bool bHide);

51
SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
View File

@ -41,6 +41,12 @@ CSettingsWindow::CSettingsWindow(QWidget *parent)
ui.chkNotifications->setChecked(theConf->GetBool("Options/ShowNotifications", true));
switch (theConf->GetInt("Options/OpenUrlsSandboxed", 2)) {
case 0: ui.chkSandboxUrls->setCheckState(Qt::Unchecked); break;
case 1: ui.chkSandboxUrls->setCheckState(Qt::Checked); break;
case 2: ui.chkSandboxUrls->setCheckState(Qt::PartiallyChecked); break;
}
ui.chkWatchConfig->setChecked(theConf->GetBool("Options/WatchIni", true));
ui.onClose->addItem(tr("Close to Tray"), "ToTray");
@ -55,10 +61,15 @@ CSettingsWindow::CSettingsWindow(QWidget *parent)
if (theAPI->IsConnected())
{
ui.fileRoot->setText(theAPI->GetGlobalSettings()->GetText("FileRootPath"));
QString FileRootPath_Default = "\\??\\%SystemDrive%\\Sandbox\\%USER%\\%SANDBOX%";
QString KeyRootPath_Default = "\\REGISTRY\\USER\\Sandbox_%USER%_%SANDBOX%";
QString IpcRootPath_Default = "\\Sandbox\\%USER%\\%SANDBOX%\\Session_%SESSION%";
ui.fileRoot->setText(theAPI->GetGlobalSettings()->GetText("FileRootPath", FileRootPath_Default));
ui.chkSeparateUserFolders->setChecked(theAPI->GetGlobalSettings()->GetBool("SeparateUserFolders", true));
ui.regRoot->setText(theAPI->GetGlobalSettings()->GetText("KeyRootPath"));
ui.ipcRoot->setText(theAPI->GetGlobalSettings()->GetText("IpcRootPath"));
ui.regRoot->setText(theAPI->GetGlobalSettings()->GetText("KeyRootPath", KeyRootPath_Default));
ui.ipcRoot->setText(theAPI->GetGlobalSettings()->GetText("IpcRootPath", IpcRootPath_Default));
ui.chkAdminOnly->setChecked(theAPI->GetGlobalSettings()->GetBool("EditAdminOnly", false));
ui.chkPassRequired->setChecked(!theAPI->GetGlobalSettings()->GetText("EditPassword", "").isEmpty());
@ -101,6 +112,13 @@ CSettingsWindow::CSettingsWindow(QWidget *parent)
}
m_WarnProgsChanged = false;
int PortableRootDir = theConf->GetInt("Options/PortableRootDir", -1);
if (PortableRootDir != -1 && theConf->IsPortable())
ui.chkAutoRoot->setChecked(PortableRootDir == 0 ? Qt::Unchecked : Qt::Checked);
else
ui.chkAutoRoot->setVisible(false);
connect(ui.chkAutoRoot, SIGNAL(stateChanged(int)), this, SLOT(OnChange()));
connect(ui.btnAddCompat, SIGNAL(pressed()), this, SLOT(OnAddCompat()));
connect(ui.btnDelCompat, SIGNAL(pressed()), this, SLOT(OnDelCompat()));
@ -163,6 +181,12 @@ void CSettingsWindow::apply()
theConf->SetValue("Options/ShowNotifications", ui.chkNotifications->isChecked());
switch (ui.chkSandboxUrls->checkState()) {
case Qt::Unchecked: theConf->SetValue("Options/OpenUrlsSandboxed", 0); break;
case Qt::PartiallyChecked: theConf->SetValue("Options/OpenUrlsSandboxed", 2); break;
case Qt::Checked: theConf->SetValue("Options/OpenUrlsSandboxed", 1); break;
}
theConf->SetValue("Options/WatchIni", ui.chkWatchConfig->isChecked());
theConf->SetValue("Options/OnClose", ui.onClose->currentData());
@ -173,17 +197,20 @@ void CSettingsWindow::apply()
if (theAPI->IsConnected())
{
if (ui.fileRoot->text().isEmpty())
ui.fileRoot->setText("\\??\\%SystemDrive%\\Sandbox\\%USER%\\%SANDBOX%");
theAPI->GetGlobalSettings()->SetText("FileRootPath", ui.fileRoot->text());
theAPI->GetGlobalSettings()->DelValue("FileRootPath"); //ui.fileRoot->setText("\\??\\%SystemDrive%\\Sandbox\\%USER%\\%SANDBOX%");
else
theAPI->GetGlobalSettings()->SetText("FileRootPath", ui.fileRoot->text());
theAPI->GetGlobalSettings()->SetBool("SeparateUserFolders", ui.chkSeparateUserFolders->isChecked());
if (ui.regRoot->text().isEmpty())
ui.regRoot->setText("\\REGISTRY\\USER\\Sandbox_%USER%_%SANDBOX%");
theAPI->GetGlobalSettings()->SetText("KeyRootPath", ui.regRoot->text());
theAPI->GetGlobalSettings()->DelValue("KeyRootPath"); //ui.regRoot->setText("\\REGISTRY\\USER\\Sandbox_%USER%_%SANDBOX%");
else
theAPI->GetGlobalSettings()->SetText("KeyRootPath", ui.regRoot->text());
if (ui.ipcRoot->text().isEmpty())
ui.ipcRoot->setText("\\Sandbox\\%USER%\\%SANDBOX%\\Session_%SESSION%");
theAPI->GetGlobalSettings()->SetText("IpcRootPath", ui.ipcRoot->text());
theAPI->GetGlobalSettings()->DelValue("IpcRootPath"); //ui.ipcRoot->setText("\\Sandbox\\%USER%\\%SANDBOX%\\Session_%SESSION%");
else
theAPI->GetGlobalSettings()->SetText("IpcRootPath", ui.ipcRoot->text());
theAPI->GetGlobalSettings()->SetBool("EditAdminOnly", ui.chkAdminOnly->isChecked());
@ -245,6 +272,9 @@ void CSettingsWindow::apply()
}
}
if (ui.chkAutoRoot->isVisible())
theConf->SetValue("Options/PortableRootDir", ui.chkAutoRoot->checkState() != Qt::Checked ? 1 : 0);
theConf->SetValue("Options/AutoRunSoftCompat", !ui.chkNoCompat->isChecked());
emit OptionsChanged();
@ -270,6 +300,9 @@ void CSettingsWindow::OnChange()
QStandardItem *item = model->item(0);
item->setFlags((!ui.chkShowTray->isChecked()) ? item->flags() & ~Qt::ItemIsEnabled : item->flags() | Qt::ItemIsEnabled);
if (ui.chkAutoRoot->isVisible() && theGUI->IsFullyPortable())
ui.fileRoot->setEnabled(ui.chkAutoRoot->checkState() != Qt::Checked);
ui.btnSetPassword->setEnabled(ui.chkPassRequired->isChecked());
}

5533
SandboxiePlus/SandMan/sandman_de.ts
View File

File diff suppressed because it is too large Load Diff

2856
SandboxiePlus/SandMan/sandman_pt.ts Normal file
View File

File diff suppressed because it is too large Load Diff

2255
SandboxiePlus/SandMan/sandman_ru.ts Normal file
View File

File diff suppressed because it is too large Load Diff

2242
SandboxiePlus/SandMan/sandman_zh.ts Normal file
View File

File diff suppressed because it is too large Load Diff