systemless MSIServer + fixes and some cleanup
parent
1b7ebbd904
commit
a4e6b4913b
19
CHANGELOG.md
19
CHANGELOG.md
|
@ -2,10 +2,27 @@
|
|||
All notable changes to this project will be documented in this file.
|
||||
This project adheres to [Semantic Versioning](http://semver.org/).
|
||||
|
||||
|
||||
|
||||
## [0.8.8 / 5.50.8] - 2021-07-12
|
||||
|
||||
### Changed
|
||||
- MSIServer no longer requirers being run as system completing the move to not using system tockens in a sandbox by default
|
||||
-- the security enhanced option "MsiInstallerExemptions=n" is now the default behavioure
|
||||
|
||||
### Fixed
|
||||
- fixed issue with the "Explore Sandboxed" command [#972](https://github.com/sandboxie-plus/Sandboxie/issues/972)
|
||||
- rolled back the switch from using NtQueryKey to NtQueryObject as it seams to bream soem older w10 versions liek 1803 [#984](https://github.com/sandboxie-plus/Sandboxie/issues/984)
|
||||
-- this change was introduced to fix [#951](https://github.com/sandboxie-plus/Sandboxie/issues/951)
|
||||
-- to use NtQueryObject the option "UseObjectNameForKeys=y" can be added to sandboxie.ini
|
||||
|
||||
|
||||
|
||||
|
||||
## [0.8.7b / 5.50.7] - 2021-07-11
|
||||
|
||||
### Fixed
|
||||
- fixed issue with boxes that had auto-delete activated introduced in the previous build
|
||||
- fixed issue with boxes that had auto-delete activated introduced in the previous build [#986](https://github.com/sandboxie-plus/Sandboxie/issues/986)
|
||||
|
||||
## [0.8.7 / 5.50.7] - 2021-07-10
|
||||
|
||||
|
|
|
@ -103,7 +103,6 @@
|
|||
<ItemGroup>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="..\..\common\my_ntdll.c" />
|
||||
<ClCompile Include="BoxOrder.c" />
|
||||
<ClCompile Include="DlgTmplRtl.cpp" />
|
||||
<ClCompile Include="MyFileOp.c" />
|
||||
|
@ -111,14 +110,10 @@
|
|||
<ClCompile Include="MyMsgBox.c" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="..\..\common\my_shlwapi.h" />
|
||||
<ClInclude Include="..\..\common\my_version.h" />
|
||||
<ClInclude Include="..\..\common\my_xeb.h" />
|
||||
<ClInclude Include="BoxOrder.h" />
|
||||
<ClInclude Include="CommonUtils.h" />
|
||||
<ClInclude Include="MyGdi.h" />
|
||||
<ClInclude Include="MyMsgBox.h" />
|
||||
<ClInclude Include="MyPool.h" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
|
|
|
@ -183,20 +183,8 @@
|
|||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\common\BoxOrder.c">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\common\FontStore.cpp" />
|
||||
<ClCompile Include="..\common\Layout.cpp" />
|
||||
<ClCompile Include="..\common\MyGdi.c">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\common\MyMsg.cpp">
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">NotUsing</PrecompiledHeader>
|
||||
|
@ -297,11 +285,8 @@
|
|||
<ClInclude Include="..\..\common\json\JSON.h" />
|
||||
<ClInclude Include="..\..\common\json\JSONValue.h" />
|
||||
<ClInclude Include="..\..\common\my_version.h" />
|
||||
<ClInclude Include="..\common\BoxOrder.h" />
|
||||
<ClInclude Include="..\common\CommonUtils.h" />
|
||||
<ClInclude Include="..\common\FontStore.h" />
|
||||
<ClInclude Include="..\common\Layout.h" />
|
||||
<ClInclude Include="..\common\MyGdi.h" />
|
||||
<ClInclude Include="..\common\MyMsg.h" />
|
||||
<ClInclude Include="..\common\RunBrowser.h" />
|
||||
<ClInclude Include="..\common\RunStartExe.h" />
|
||||
|
|
|
@ -54,18 +54,12 @@
|
|||
<ClCompile Include="UserSettings.cpp" />
|
||||
<ClCompile Include="ViewTemplateDialog.cpp" />
|
||||
<ClCompile Include="WindowTitleMap.cpp" />
|
||||
<ClCompile Include="..\common\BoxOrder.c">
|
||||
<Filter>common</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\common\FontStore.cpp">
|
||||
<Filter>common</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\common\Layout.cpp">
|
||||
<Filter>common</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\common\MyGdi.c">
|
||||
<Filter>common</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\common\MyMsg.cpp">
|
||||
<Filter>common</Filter>
|
||||
</ClCompile>
|
||||
|
@ -137,18 +131,12 @@
|
|||
<ClInclude Include="UserSettings.h" />
|
||||
<ClInclude Include="ViewTemplateDialog.h" />
|
||||
<ClInclude Include="WindowTitleMap.h" />
|
||||
<ClInclude Include="..\common\BoxOrder.h">
|
||||
<Filter>common</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="..\common\FontStore.h">
|
||||
<Filter>common</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="..\common\Layout.h">
|
||||
<Filter>common</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="..\common\MyGdi.h">
|
||||
<Filter>common</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="..\common\MyMsg.h">
|
||||
<Filter>common</Filter>
|
||||
</ClInclude>
|
||||
|
@ -166,9 +154,6 @@
|
|||
</ClInclude>
|
||||
<ClInclude Include="UpdateDialog.h" />
|
||||
<ClInclude Include="Updater.h" />
|
||||
<ClInclude Include="..\common\CommonUtils.h">
|
||||
<Filter>common</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="..\common\RunStartExe.h">
|
||||
<Filter>common</Filter>
|
||||
</ClInclude>
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
#ifndef _MY_VERSION_H
|
||||
#define _MY_VERSION_H
|
||||
|
||||
#define MY_VERSION_BINARY 5,50,7
|
||||
#define MY_VERSION_STRING "5.50.7"
|
||||
#define MY_VERSION_BINARY 5,50,8
|
||||
#define MY_VERSION_STRING "5.50.8"
|
||||
#define MY_VERSION_COMPAT "5.50.0" // this refers to the driver ABI compatibility
|
||||
|
||||
// These #defines are used by either Resource Compiler, or by NSIC installer
|
||||
|
|
|
@ -181,6 +181,12 @@ typedef struct _THREAD_DATA {
|
|||
|
||||
ULONG file_dont_strip_write_access;
|
||||
|
||||
//
|
||||
// misc modules
|
||||
//
|
||||
|
||||
HANDLE scm_last_own_token;
|
||||
|
||||
//
|
||||
// proc module: image path for a child process being started
|
||||
//
|
||||
|
|
|
@ -2440,6 +2440,22 @@ _FX NTSTATUS File_NtCreateFileImpl(
|
|||
if (Dll_OsBuild >= 8400 && Dll_ImageType == DLL_IMAGE_TRUSTED_INSTALLER)
|
||||
DesiredAccess &= ~ACCESS_SYSTEM_SECURITY; // for TiWorker.exe (W8)
|
||||
|
||||
// MSIServer without system
|
||||
if (Dll_ImageType == DLL_IMAGE_MSI_INSTALLER && (DesiredAccess & ACCESS_SYSTEM_SECURITY) != 0
|
||||
&& ObjectAttributes && ObjectAttributes->ObjectName && ObjectAttributes->ObjectName->Buffer
|
||||
&& _wcsicmp(ObjectAttributes->ObjectName->Buffer + (ObjectAttributes->ObjectName->Length / sizeof(WCHAR)) - 3, L".msi") == 0
|
||||
){
|
||||
|
||||
//
|
||||
// MSIServer when accessing \??\C:\WINDOWS\Installer\???????.msi files will get a PROGOLEGE_NOT_HELD error when requesting ACCESS_SYSTEM_SECURITY
|
||||
// Howeever if we broadly clear this flag we will get error 1946 'System.AppUserModel.ID' could not be set on *.lnk files
|
||||
//
|
||||
|
||||
DesiredAccess &= ~ACCESS_SYSTEM_SECURITY;
|
||||
}
|
||||
|
||||
|
||||
|
||||
__try {
|
||||
|
||||
IoStatusBlock->Information = FILE_DOES_NOT_EXIST;
|
||||
|
@ -3018,6 +3034,25 @@ ReparseLoop:
|
|||
// while(!IsDebuggerPresent()) Sleep(50); __debugbreak();
|
||||
//}
|
||||
|
||||
// MSIServer without system
|
||||
if (status == STATUS_ACCESS_DENIED && Dll_ImageType == DLL_IMAGE_MSI_INSTALLER
|
||||
&& ObjectAttributes->ObjectName->Buffer && ObjectAttributes->ObjectName->Length >= 34
|
||||
&& _wcsicmp(ObjectAttributes->ObjectName->Buffer + (ObjectAttributes->ObjectName->Length / sizeof(WCHAR)) - 11, L"\\Config.Msi") == 0
|
||||
) {
|
||||
|
||||
//
|
||||
// MSI must not fail accessing \??\C:\WINDOWS\Installer\Config.msi but this folder is readable only for system,
|
||||
// so we create a boxed copy copy instead and open it
|
||||
//
|
||||
|
||||
RtlInitUnicodeString(&objname, CopyPath);
|
||||
status = __sys_NtCreateFile(
|
||||
FileHandle, DesiredAccess, &objattrs,
|
||||
IoStatusBlock, AllocationSize, FileAttributes,
|
||||
ShareAccess, FILE_OPEN_IF, FILE_DIRECTORY_FILE,
|
||||
EaBuffer, EaLength);
|
||||
}
|
||||
|
||||
//
|
||||
// special case for SandboxieCrypto on Windows Vista,
|
||||
// which tries to open catdb that are locked by
|
||||
|
|
|
@ -170,7 +170,7 @@ static void File_InitRecoverList(
|
|||
const WCHAR *setting, LIST *list, BOOLEAN MustBeValidPath,
|
||||
WCHAR *buf, ULONG buf_len);
|
||||
|
||||
static void File_NotifyRecover(HANDLE FileHandle, MSG_HEADER **out_req);
|
||||
static void File_NotifyRecover(HANDLE FileHandle);
|
||||
|
||||
static BOOLEAN File_IsRecoverable(const WCHAR *TruePath);
|
||||
|
||||
|
@ -1917,7 +1917,6 @@ _FX NTSTATUS File_NtCloseImpl(HANDLE FileHandle)
|
|||
NTSTATUS status;
|
||||
ULONG type;
|
||||
FILE_MERGE *merge;
|
||||
MSG_HEADER *req;
|
||||
|
||||
P_NtClose pSysNtClose = __sys_NtClose;
|
||||
|
||||
|
@ -1961,6 +1960,13 @@ _FX NTSTATUS File_NtCloseImpl(HANDLE FileHandle)
|
|||
Key_NtClose(FileHandle);
|
||||
}
|
||||
|
||||
//
|
||||
// special handling for scm_msi.c
|
||||
//
|
||||
|
||||
if (TlsData->scm_last_own_token == FileHandle)
|
||||
TlsData->scm_last_own_token = NULL;
|
||||
|
||||
//
|
||||
// if not closing a file handle, stop here
|
||||
//
|
||||
|
@ -1978,8 +1984,6 @@ _FX NTSTATUS File_NtCloseImpl(HANDLE FileHandle)
|
|||
// close for a real handle
|
||||
//
|
||||
|
||||
req = NULL;
|
||||
|
||||
EnterCriticalSection(&File_DirHandles_CritSec);
|
||||
|
||||
merge = List_Head(&File_DirHandles);
|
||||
|
@ -1998,17 +2002,10 @@ _FX NTSTATUS File_NtCloseImpl(HANDLE FileHandle)
|
|||
// close and recover file
|
||||
//
|
||||
|
||||
File_NotifyRecover(FileHandle, &req);
|
||||
File_NotifyRecover(FileHandle);
|
||||
|
||||
status = pSysNtClose ? pSysNtClose(FileHandle) : NtClose(FileHandle);
|
||||
|
||||
if (req) {
|
||||
MSG_HEADER *rpl = SbieDll_CallServer(req);
|
||||
Dll_Free(req);
|
||||
if (rpl)
|
||||
Dll_Free(rpl);
|
||||
}
|
||||
|
||||
TlsData->file_NtClose_lock = FALSE;
|
||||
|
||||
SetLastError(LastError);
|
||||
|
@ -2672,8 +2669,7 @@ _FX void File_DuplicateRecover(
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX void File_NotifyRecover(
|
||||
HANDLE FileHandle, MSG_HEADER **out_req)
|
||||
_FX void File_NotifyRecover(HANDLE FileHandle)
|
||||
{
|
||||
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
|
||||
|
||||
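Review bot: The new reset in File_NtCloseImpl clears `scm_last_own_token` only in the closing thread's THREAD_DATA, while handle values are shared by the whole process. If the token is closed on a different thread from the one that opened it, the opener's cached value presumably stays set and could later equal a reused handle value, which the GetTokenInformation hook would then report as LocalSystem. A comment stating the dependency, e.g. `// assumes the token is opened, queried and closed on the same thread`, would make it explicit. File_NtCloseImpl starts and ends outside these hunks.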
|
|
|
@ -526,9 +526,6 @@ import_fail:
|
|||
if (ok)
|
||||
ok = Gui_InitMsg();
|
||||
|
||||
if (ok)
|
||||
ok = Gui_InitWinHooks();
|
||||
|
||||
if (ok)
|
||||
ok = Gui_InitDlgTmpl();
|
||||
|
||||
|
@ -540,6 +537,9 @@ import_fail:
|
|||
return ok;
|
||||
// NoSbieDesk END
|
||||
|
||||
if (ok)
|
||||
ok = Gui_InitWinHooks();
|
||||
|
||||
SBIEDLL_HOOK_GUI(AttachThreadInput);
|
||||
|
||||
return ok;
|
||||
|
|
|
@ -96,6 +96,7 @@ static CRITICAL_SECTION Gui_HooksCritSec;
|
|||
static LIST Gui_Hooks;
|
||||
static DWORD Gui_HookHelperThreadId = 0;
|
||||
static int Gui_HookCount = 0;
|
||||
static BOOLEAN Gui_HookInit = FALSE;
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Gui_InitWinHooks
|
||||
|
@ -111,6 +112,8 @@ _FX BOOLEAN Gui_InitWinHooks(void)
|
|||
SBIEDLL_HOOK_GUI(SetWindowsHookExW);
|
||||
SBIEDLL_HOOK_GUI(UnhookWindowsHookEx);
|
||||
|
||||
Gui_HookInit = TRUE;
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
@ -618,6 +621,9 @@ _FX BOOL Gui_UnhookWindowsHookEx(HHOOK hhk)
|
|||
|
||||
_FX LRESULT Gui_NotifyWinHooks()
|
||||
{
|
||||
if (!Gui_HookInit)
|
||||
return 0;
|
||||
|
||||
GUI_WND_HOOK_NOTIFY_REQ req;
|
||||
GUI_WND_HOOK_NOTIFY_RPL *rpl;
|
||||
|
||||
|
|
|
@ -301,6 +301,9 @@ static const ULONG Key_ClickToRunLen_v16 = 63;
|
|||
|
||||
static const WCHAR *Key_Wow6432Node = L"\\Wow6432Node\\";
|
||||
|
||||
|
||||
static BOOLEAN Key_UseObjectNames = FALSE;
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Debug Prints
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -351,6 +354,8 @@ _FX BOOLEAN Key_Init(void)
|
|||
|
||||
SbieDll_MatchPath(L'k', (const WCHAR *)-1);
|
||||
|
||||
Key_UseObjectNames = SbieApi_QueryConfBool(NULL, L"UseObjectNameForKeys", FALSE);
|
||||
|
||||
List_Init(&Key_Handles);
|
||||
List_Init(&Key_MergeCacheList);
|
||||
|
||||
|
@ -448,23 +453,55 @@ _FX NTSTATUS Key_GetName(
|
|||
name = Dll_GetTlsNameBuffer(
|
||||
TlsData, TRUE_NAME_BUFFER, length + objname_len);
|
||||
|
||||
status = Obj_GetObjectName(RootDirectory, name, &length);
|
||||
|
||||
if (status == STATUS_BUFFER_OVERFLOW || status == STATUS_BUFFER_TOO_SMALL || status == STATUS_INFO_LENGTH_MISMATCH) {
|
||||
|
||||
name = Dll_GetTlsNameBuffer(
|
||||
TlsData, TRUE_NAME_BUFFER, length + objname_len);
|
||||
if (Key_UseObjectNames)
|
||||
{
|
||||
//
|
||||
// Note: some keys like L"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib\\007"
|
||||
// do not return valid results when querying using NtQueryKey and returns a STATUS_INVALID_HANDLE
|
||||
// using Obj_GetObjectName seams to break sbie on 1803, strangely on w7 its fine
|
||||
// hence this alternative access mode is made optional
|
||||
//
|
||||
|
||||
status = Obj_GetObjectName(RootDirectory, name, &length);
|
||||
|
||||
if (status == STATUS_BUFFER_OVERFLOW || status == STATUS_BUFFER_TOO_SMALL || status == STATUS_INFO_LENGTH_MISMATCH) {
|
||||
|
||||
name = Dll_GetTlsNameBuffer(
|
||||
TlsData, TRUE_NAME_BUFFER, length + objname_len);
|
||||
|
||||
status = Obj_GetObjectName(RootDirectory, name, &length);
|
||||
}
|
||||
|
||||
if (!NT_SUCCESS(status))
|
||||
return status;
|
||||
|
||||
*OutTruePath = ((OBJECT_NAME_INFORMATION*)name)->Name.Buffer;
|
||||
|
||||
name = (*OutTruePath)
|
||||
+ ((OBJECT_NAME_INFORMATION*)name)->Name.Length / sizeof(WCHAR);
|
||||
}
|
||||
else
|
||||
{
|
||||
status = __sys_NtQueryKey(
|
||||
RootDirectory, KeyNameInformation, name, length, &length);
|
||||
|
||||
if (! NT_SUCCESS(status))
|
||||
return status;
|
||||
if (status == STATUS_BUFFER_OVERFLOW || status == STATUS_BUFFER_TOO_SMALL || status == STATUS_INFO_LENGTH_MISMATCH) {
|
||||
|
||||
*OutTruePath = ((OBJECT_NAME_INFORMATION *)name)->Name.Buffer;
|
||||
name = Dll_GetTlsNameBuffer(
|
||||
TlsData, TRUE_NAME_BUFFER, length + objname_len);
|
||||
|
||||
name = (*OutTruePath)
|
||||
+ ((OBJECT_NAME_INFORMATION *)name)->Name.Length / sizeof(WCHAR);
|
||||
status = __sys_NtQueryKey(
|
||||
RootDirectory, KeyNameInformation, name, length, &length);
|
||||
}
|
||||
|
||||
if (! NT_SUCCESS(status))
|
||||
return status;
|
||||
|
||||
*OutTruePath = ((KEY_NAME_INFORMATION *)name)->Name;
|
||||
|
||||
name = (*OutTruePath)
|
||||
+ ((KEY_NAME_INFORMATION *)name)->NameLength / sizeof(WCHAR);
|
||||
}
|
||||
|
||||
if (objname_len) {
|
||||
|
||||
|
|
|
@ -45,6 +45,20 @@ static HANDLE Scm_CreateWaitableTimerW(
|
|||
LPSECURITY_ATTRIBUTES lpTimerAttributes,
|
||||
BOOL bManualReset, LPCWSTR lpTimerName);
|
||||
|
||||
static BOOL Scm_OpenProcessToken(
|
||||
_In_ HANDLE ProcessHandle,
|
||||
_In_ DWORD DesiredAccess,
|
||||
_Outptr_ PHANDLE TokenHandle
|
||||
);
|
||||
|
||||
static BOOL Scm_GetTokenInformation(
|
||||
_In_ HANDLE TokenHandle,
|
||||
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
|
||||
_Out_writes_bytes_to_opt_(TokenInformationLength,*ReturnLength) LPVOID TokenInformation,
|
||||
_In_ DWORD TokenInformationLength,
|
||||
_Out_ PDWORD ReturnLength
|
||||
);
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Prototypes
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -54,6 +68,19 @@ typedef HANDLE (*P_CreateWaitableTimerW)(
|
|||
LPSECURITY_ATTRIBUTES lpTimerAttributes,
|
||||
BOOL bManualReset, LPCWSTR lpTimerName);
|
||||
|
||||
typedef BOOL (*P_OpenProcessToken)(
|
||||
_In_ HANDLE ProcessHandle,
|
||||
_In_ DWORD DesiredAccess,
|
||||
_Outptr_ PHANDLE TokenHandle
|
||||
);
|
||||
|
||||
typedef BOOL (*P_GetTokenInformation)(
|
||||
_In_ HANDLE TokenHandle,
|
||||
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
|
||||
_Out_writes_bytes_to_opt_(TokenInformationLength,*ReturnLength) LPVOID TokenInformation,
|
||||
_In_ DWORD TokenInformationLength,
|
||||
_Out_ PDWORD ReturnLength
|
||||
);
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Pointers
|
||||
|
@ -62,6 +89,9 @@ typedef HANDLE (*P_CreateWaitableTimerW)(
|
|||
|
||||
static P_CreateWaitableTimerW __sys_CreateWaitableTimerW = NULL;
|
||||
|
||||
static P_OpenProcessToken __sys_OpenProcessToken = NULL;
|
||||
|
||||
static P_GetTokenInformation __sys_GetTokenInformation = NULL;
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Variables
|
||||
|
@ -87,12 +117,50 @@ _FX BOOLEAN Scm_SetupMsiHooks()
|
|||
//__debugbreak();
|
||||
|
||||
P_CreateWaitableTimerW CreateWaitableTimerW = (P_CreateWaitableTimerW)GetProcAddress(Dll_Kernel32, "CreateWaitableTimerW");
|
||||
|
||||
SBIEDLL_HOOK(Scm_, CreateWaitableTimerW);
|
||||
|
||||
//// hook privilege-related functions
|
||||
//if (!Hook_Privilege())
|
||||
// return FALSE;
|
||||
|
||||
//
|
||||
// To run MSIServer without system privileges we need to make it think it is running as system
|
||||
// we do that by hooking OpenProcessToken and if it opened the current process caching the resulting token handle
|
||||
// than in GetTokenInformation when asked for TokenUser for this handle we return the system SID
|
||||
// finally on NtClose we clear the cached token value in case it gets reused later
|
||||
//
|
||||
|
||||
/*
|
||||
msi.dll!RunningAsLocalSystem
|
||||
v2 = GetCurrentProcess();
|
||||
if ( OpenProcessToken(v2, 8u, &hObject) )
|
||||
{
|
||||
v3 = IsLocalSystemToken(hObject);
|
||||
...
|
||||
|
||||
msi.dll!IsLocalSystemToken
|
||||
if ( GetUserSID(a1, Sid) )
|
||||
return 0;
|
||||
StringSid = 0i64;
|
||||
if ( !ConvertSidToStringSidW(Sid, &StringSid) )
|
||||
return 0;
|
||||
v2 = L"S-1-5-18";
|
||||
wcscmp...
|
||||
|
||||
|
||||
msi.dll!GetUserSID
|
||||
if ( GetTokenInformation(a1, TokenUser, TokenInformation, 0x58u, ReturnLength) )
|
||||
{
|
||||
if ( CopySid(0x48u, a2, TokenInformation[0]) )
|
||||
...
|
||||
*/
|
||||
|
||||
// MSIServer without system - fake running as system
|
||||
HMODULE hAdvapi32 = LoadLibrary(L"Advapi32.dll");
|
||||
|
||||
void *OpenProcessToken = (P_OpenProcessToken)GetProcAddress(hAdvapi32, "OpenProcessToken");
|
||||
SBIEDLL_HOOK(Scm_, OpenProcessToken);
|
||||
|
||||
void *GetTokenInformation = (P_GetTokenInformation)GetProcAddress(hAdvapi32, "GetTokenInformation");
|
||||
SBIEDLL_HOOK(Scm_, GetTokenInformation);
|
||||
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
@ -118,6 +186,57 @@ _FX HANDLE Scm_CreateWaitableTimerW(
|
|||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Scm_OpenProcessToken
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX BOOL Scm_OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE phTokenOut)
|
||||
{
|
||||
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
|
||||
|
||||
NTSTATUS status = __sys_OpenProcessToken(ProcessHandle, DesiredAccess, phTokenOut);
|
||||
|
||||
if (NT_SUCCESS(status) && ProcessHandle == GetCurrentProcess()) {
|
||||
TlsData->scm_last_own_token = *phTokenOut;
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Scm_GetTokenInformation
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX BOOL Scm_GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass,
|
||||
LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
|
||||
{
|
||||
THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
|
||||
|
||||
static const UCHAR sid[12] = {
|
||||
1, // Revision
|
||||
1, // SubAuthorityCount
|
||||
0,0,0,0,0,5, // SECURITY_NT_AUTHORITY // IdentifierAuthority
|
||||
SECURITY_LOCAL_SYSTEM_RID // SubAuthority
|
||||
};
|
||||
|
||||
if (TokenInformationClass == TokenUser && TlsData->scm_last_own_token == TokenHandle
|
||||
&& TokenInformationLength >= sizeof(TOKEN_USER) + sizeof(sid))
|
||||
{
|
||||
PTOKEN_USER token_user = (PTOKEN_USER)TokenInformation;
|
||||
token_user->User.Sid = (PSID)(((UCHAR*)TokenInformation) + sizeof(TOKEN_USER));
|
||||
memcpy(token_user->User.Sid, sid, sizeof(sid));
|
||||
|
||||
*ReturnLength = sizeof(TOKEN_USER) + sizeof(sid);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
return __sys_GetTokenInformation(TokenHandle, TokenInformationClass, TokenInformation, TokenInformationLength, ReturnLength);
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Scm_SetupMsiWaiter
|
||||
//---------------------------------------------------------------------------
|
||||
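Review bot: Scm_OpenProcessToken stores the BOOL result of `__sys_OpenProcessToken` in an NTSTATUS and tests it with `NT_SUCCESS`, which treats any non-negative value as success, so a failed call (FALSE, i.e. 0) still passes the check and `*phTokenOut` is cached although it may not hold a valid handle. The result should be kept as BOOL and tested directly: `BOOL ok = __sys_OpenProcessToken(ProcessHandle, DesiredAccess, phTokenOut);`, then `if (ok && ProcessHandle == GetCurrentProcess())` and `return ok;`. In Scm_SetupMsiHooks the `LoadLibrary` result is passed to `GetProcAddress` unchecked; how the hook macro handles a NULL address is not visible here, so an explicit check would be clearer. Scm_GetTokenInformation fills only `User.Sid`; also setting `token_user->User.Attributes = 0;` would avoid returning whatever the caller's buffer held.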
|
|
|
@ -66,5 +66,5 @@ extern const ULONG tzuk;
|
|||
|
||||
/* BigNum */
|
||||
|
||||
#define BIGNUM_WITH_FROM_STRING
|
||||
#include "common/bignum.c"
|
||||
//#define BIGNUM_WITH_FROM_STRING
|
||||
//#include "common/bignum.c"
|
||||
|
|
|
@ -640,7 +640,7 @@ _FX void *Thread_SetInformationProcess_PrimaryToken_3(
|
|||
}
|
||||
|
||||
//
|
||||
// special allowance for MSIServer
|
||||
// special allowance for MSIServer running without system privileges
|
||||
//
|
||||
|
||||
if (!proc->image_from_box &&
|
||||
|
|
|
@ -1246,18 +1246,6 @@ _FX void *Token_RestrictHelper1(
|
|||
if (SidInToken && SidInToken[1] >= 1) { // SubAuthorityCount >= 1
|
||||
|
||||
PSID NewSid = NULL;
|
||||
|
||||
//
|
||||
// Alternative (less secure) workaround for msi issue started with windows 17763
|
||||
// the workaround in Proc_CreateProcessInternalW_RS5 makes solves thsi usse well
|
||||
//
|
||||
//if (!proc->image_from_box && _wcsicmp(proc->image_name, L"msiexec.exe") == 0
|
||||
// && RtlEqualSid(SidInToken, SystemLogonSid)
|
||||
// && Conf_Get_Boolean(proc->box->name, L"MsiInstallerExemptions", 0, FALSE))
|
||||
//{
|
||||
// //DbgPrint("Sbie, MsiServer was allowed to keep its system token\n");
|
||||
//}
|
||||
//else
|
||||
|
||||
// SbieLogin BEGIN
|
||||
if (Conf_Get_Boolean(proc->box->name, L"SandboxieLogon", 0, FALSE))
|
||||
|
|
|
@ -1032,9 +1032,9 @@ BOOL ProcessServer::RunSandboxedStripPrivilege(HANDLE NewTokenHandle, LPCWSTR lp
|
|||
|
||||
BOOL ProcessServer::RunSandboxedStripPrivileges(HANDLE NewTokenHandle)
|
||||
{
|
||||
BOOLEAN ok = RunSandboxedStripPrivilege(NewTokenHandle, SE_TCB_NAME);
|
||||
if (ok) ok = RunSandboxedStripPrivilege(NewTokenHandle, SE_CREATE_TOKEN_NAME);
|
||||
if (ok) ok = RunSandboxedStripPrivilege(NewTokenHandle, SE_ASSIGNPRIMARYTOKEN_NAME);
|
||||
BOOLEAN ok = RunSandboxedStripPrivilege(NewTokenHandle, SE_TCB_NAME); // security critical
|
||||
if (ok) ok = RunSandboxedStripPrivilege(NewTokenHandle, SE_CREATE_TOKEN_NAME); // usualyl not held, but in case
|
||||
//if (ok) ok = RunSandboxedStripPrivilege(NewTokenHandle, SE_ASSIGNPRIMARYTOKEN_NAME);
|
||||
return ok;
|
||||
}
|
||||
|
||||
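Review bot: The line that strips `SE_ASSIGNPRIMARYTOKEN_NAME` in RunSandboxedStripPrivileges is now commented out with no stated reason, while the two remaining lines each carry a rationale. This leaves the privilege in every token passed through this function, not only the MSIServer one, as far as this hunk shows (the callers are not visible). The reason should be recorded next to the line, for example `// kept: presumably needed by MSIServer when not running as system — confirm`. If only MSIServer needs it, limiting the exemption to that service would keep the other sandboxed tokens as restricted as before.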
|
|
|
@ -285,7 +285,7 @@ MSG_HEADER *ServiceServer::RunHandler(MSG_HEADER *msg, HANDLE idProcess)
|
|||
int ServiceServer::RunServiceAsSystem(const WCHAR* svcname, const WCHAR* boxname)
|
||||
{
|
||||
// exception for MSIServer, see also core/drv/thread_token.c
|
||||
if (svcname && _wcsicmp(svcname, L"MSIServer") == 0 && SbieApi_QueryConfBool(boxname, L"MsiInstallerExemptions", TRUE))
|
||||
if (svcname && _wcsicmp(svcname, L"MSIServer") == 0 && SbieApi_QueryConfBool(boxname, L"MsiInstallerExemptions", FALSE))
|
||||
return 2;
|
||||
|
||||
// legacy behavioure option
|
||||
|
|
|
@ -982,19 +982,26 @@ SB_STATUS CSbieAPI::RunStart(const QString& BoxName, const QString& Command, QPr
|
|||
if (m_SbiePath.isEmpty())
|
||||
return SB_ERR(SB_PathFail);
|
||||
|
||||
//bool bStart = (Command == "run_dialog" || Command == "default_browser" || Command == "mail_agent" || Command.left(10) == "start_menu");
|
||||
|
||||
QString StartCmd = "\"" + GetStartPath() + "\"" + (Elevated ? " /elevated" : "");
|
||||
QString StartArgs;
|
||||
if(Elevated)
|
||||
StartArgs += "/elevated ";
|
||||
if (!BoxName.isEmpty())
|
||||
StartCmd += " /box:" + BoxName + " ";
|
||||
StartArgs += "/box:" + BoxName + " ";
|
||||
else
|
||||
StartCmd += " /disable_force ";
|
||||
StartCmd += Command;
|
||||
StartArgs += "/disable_force ";
|
||||
StartArgs += Command;
|
||||
|
||||
if (pProcess)
|
||||
pProcess->start(StartCmd);
|
||||
else
|
||||
QProcess::startDetached(StartCmd);
|
||||
if (pProcess) {
|
||||
pProcess->setProgram(GetStartPath());
|
||||
pProcess->setNativeArguments(StartArgs);
|
||||
pProcess->start();
|
||||
}
|
||||
else {
|
||||
QProcess process;
|
||||
process.setProgram(GetStartPath());
|
||||
process.setNativeArguments(StartArgs);
|
||||
process.startDetached();
|
||||
}
|
||||
return SB_OK;
|
||||
}
|
||||
|
||||
|
@ -2234,7 +2241,7 @@ void CSbieAPI::AddTraceEntry(const CTraceEntryPtr& LogEntry, bool bCanMerge)
|
|||
m_TraceList.append(LogEntry);
|
||||
}
|
||||
|
||||
QList<CTraceEntryPtr> CSbieAPI::GetTrace() const
|
||||
QVector<CTraceEntryPtr> CSbieAPI::GetTrace() const
|
||||
{
|
||||
QReadLocker Lock(&m_TraceMutex);
|
||||
|
||||
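Review bot: RunStart returns `SB_OK` whether or not the detached process was launched, because the bool returned by `process.startDetached()` is discarded. Returning an error status when it yields false would let callers report the failure instead of silently assuming the sandboxed program is running. Separately, `setNativeArguments` hands `StartArgs` to the child unquoted, so `BoxName` must already be restricted to characters that cannot introduce extra switches; a short comment saying where that is validated would help.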
|
|
|
@ -110,7 +110,7 @@ public:
|
|||
virtual bool IsMonitoring();
|
||||
|
||||
virtual void AddTraceEntry(const CTraceEntryPtr& LogEntry, bool bCanMerge = false);
|
||||
virtual QList<CTraceEntryPtr> GetTrace() const;
|
||||
virtual QVector<CTraceEntryPtr> GetTrace() const;
|
||||
virtual void ClearTrace() { QWriteLocker Lock(&m_TraceMutex); m_TraceList.clear(); m_LastTraceEntry = 0; }
|
||||
|
||||
// Other
|
||||
|
@ -185,7 +185,7 @@ protected:
|
|||
QMap<quint32, CBoxedProcessPtr> m_BoxedProxesses;
|
||||
|
||||
mutable QReadWriteLock m_TraceMutex;
|
||||
QList<CTraceEntryPtr> m_TraceList;
|
||||
QVector<CTraceEntryPtr> m_TraceList;
|
||||
int m_LastTraceEntry;
|
||||
|
||||
mutable QReadWriteLock m_DriveLettersMutex;
|
||||
|
|
|
@ -48,7 +48,7 @@ bool CTraceModel::TestPath(const QList<QVariant>& Path, const CTraceEntryPtr& pE
|
|||
return Path.size() == Index;
|
||||
}*/
|
||||
|
||||
QList<QVariant> CTraceModel::Sync(const QList<CTraceEntryPtr>& EntryList, void* BoxPtr)
|
||||
QList<QVariant> CTraceModel::Sync(const QVector<CTraceEntryPtr>& EntryList, void* BoxPtr)
|
||||
{
|
||||
QList<QVariant> Added;
|
||||
QMap<QList<QVariant>, QList<STreeNode*> > New;
|
||||
|
|
|
@ -11,7 +11,7 @@ public:
|
|||
CTraceModel(QObject* parent = 0);
|
||||
~CTraceModel();
|
||||
|
||||
QList<QVariant> Sync(const QList<CTraceEntryPtr>& EntryList, void* BoxPtr);
|
||||
QList<QVariant> Sync(const QVector<CTraceEntryPtr>& EntryList, void* BoxPtr);
|
||||
|
||||
CTraceEntryPtr GetEntry(const QModelIndex& index) const;
|
||||
|
||||
|
|
|
@ -127,7 +127,7 @@ void CTraceView::Refresh()
|
|||
if(m_pOnlyCurrent->isChecked())
|
||||
Boxes = theGUI->GetBoxView()->GetSelectedBoxes();
|
||||
|
||||
QList<CTraceEntryPtr> ResourceLog = theAPI->GetTrace();
|
||||
QVector<CTraceEntryPtr> ResourceLog = theAPI->GetTrace();
|
||||
//m_pTraceModel->Sync(ResourceLog, Pids);
|
||||
QList<QVariant> Added = m_pTraceModel->Sync(ResourceLog, Boxes.count() == 1 ? Boxes.first().data() : NULL);
|
||||
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
|
||||
#define VERSION_MJR 0
|
||||
#define VERSION_MIN 8
|
||||
#define VERSION_REV 7
|
||||
#define VERSION_UPD 2
|
||||
#define VERSION_REV 8
|
||||
#define VERSION_UPD 0
|
||||
|
||||
#ifndef STR
|
||||
#define STR2(X) #X
|
||||
|
|