love-code-yeyixiao 2024-06-02 10:54:45 +08:00
commit a5d8473de2
3 changed files with 13 additions and 7 deletions


@ -14,9 +14,10 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- Add UI option to start unsandboxed process but force child processes in SelectBoxWindow.
- Add option "AlertBeforeStart".When it is set,a prompt pops up before launching a new program into the sandbox using "Start.exe" and checks if the program that started "Start.exe" is a Sandboxie component itself,if it is not, a warning pops up.
- Add option for EditAdminOnly in SetupWizard.
- Add option "HideNonSystemProcess" to hide processes other than some system services from processes lists for sandboxed processes.
- Add option "HideSbieProcess" to hide Sandboxie Work Process(SbieSvc,SandboxieRpcSs,etc.).
- When "HideFirmWareInfo" is set,the programs which try getting fireware info will get false data from HKEY_CURRENT_USER\\SOFTWARE\\SandboxieHide\\FalseFirewareValue
- Add option "HideNonSystemProcesses" to hide processes other than some system services from processes lists for sandboxed processes.
- Add option "HideSbieProcesses" to hide Sandboxie Work Process(SbieSvc,SandboxieRpcSs,etc.).
- When "HideFirmwareInfo" is set,the programs which try getting fireware info will get false data from HKEY_CURRENT_USER\\SOFTWARE\\SandboxieHide\\FalseFirmwareValue
- Add template "BlockAccessWMI" to prevent sandboxed processes from accessing system information through WMI.
### Changed
- split the advanced new box wizard page in two


@ -206,7 +206,7 @@ _FX NTSTATUS SysInfo_NtQuerySystemInformation(
SysInfo_DiscardProcesses(Buffer);
}
if (NT_SUCCESS(status) && (SystemInformationClass == SystemFirmwareTableInformation) && SbieApi_QueryConfBool(NULL, "HideFirmWareInfo", FALSE)) {
if (NT_SUCCESS(status) && (SystemInformationClass == SystemFirmwareTableInformation) && SbieApi_QueryConfBool(NULL, L"HideFirmwareInfo", FALSE)) {
HKEY hKey=NULL;
PVOID lpData=NULL;
DWORD dwLen = 0;
@ -231,7 +231,7 @@ _FX NTSTATUS SysInfo_NtQuerySystemInformation(
RQVEW RegQueryValueExW = Ldr_GetProcAddrOld(L"Advapi32.dll", L"RegQueryValueExW");
DWORD type;
if (RegOpenKeyExW(HKEY_CURRENT_USER, L"SOFTWARE\\SandboxieHide\\", 0, KEY_READ, &hKey))
RegQueryValueExW(hKey, "FalseFirewareValue", 0, &type, lpData, &dwLen);
RegQueryValueExW(hKey, L"FalseFirmwareValue", 0, &type, lpData, &dwLen);
if (dwLen != 0) {
Buffer = lpData;
*ReturnLength = dwLen;
@ -336,7 +336,7 @@ _FX void SysInfo_DiscardProcesses(SYSTEM_PROCESS_INFORMATION *buf)
break;
SbieApi_QueryProcess(next->UniqueProcessId, boxname, NULL, tempSid, &tempSession);
BOOL hideProcess = FALSE;
if(_wcsnicmp(tempSid, L"S-1-5-18",8) != 0 && _wcsnicmp(tempSid, L"S-1-5-80",8) != 0 /* && _wcsnicmp(tempSid, L"S-1-5-20", 8) != 0 && _wcsnicmp(tempSid, L"S-1-5-6", 7) != 0 */ && SbieApi_QueryConfBool(NULL, L"HideNonSystemProcess", FALSE)) {
if(_wcsnicmp(tempSid, L"S-1-5-18",8) != 0 && _wcsnicmp(tempSid, L"S-1-5-80",8) != 0 /* && _wcsnicmp(tempSid, L"S-1-5-20", 8) != 0 && _wcsnicmp(tempSid, L"S-1-5-6", 7) != 0 */ && SbieApi_QueryConfBool(NULL, L"HideNonSystemProcesses", FALSE)) {
hideProcess = TRUE;
}
else
@ -357,7 +357,7 @@ _FX void SysInfo_DiscardProcesses(SYSTEM_PROCESS_INFORMATION *buf)
}
if (!hideProcess) {
if (_wcsnicmp(imagename, L"Sandboxie", 9) == 0 || _wcsnicmp(imagename, L"Sbie", 4) == 0) {
if (SbieApi_QueryConfBool(NULL, L"HideSbieProcess", FALSE))
if (SbieApi_QueryConfBool(NULL, L"HideSbieProcesses", FALSE))
hideProcess = TRUE;
}
}
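Review bot: In the second hunk the `RegOpenKeyExW` result is tested for truthiness, but the call returns `ERROR_SUCCESS` (0) on success, so the `RegQueryValueExW` call on the new line runs only when the open failed and `hKey` is still NULL. The guard should read `if (RegOpenKeyExW(HKEY_CURRENT_USER, L"SOFTWARE\\SandboxieHide\\", 0, KEY_READ, &hKey) == ERROR_SUCCESS)`. As written, the configured `FalseFirmwareValue` is presumably never read, so `HideFirmwareInfo` would fail open and leave the real firmware table visible to the sandboxed process. The following `Buffer = lpData;` appears only to rebind the local parameter (assuming `Buffer` is passed by value), so the substitute data would need to be copied into the caller's buffer, with `dwLen` checked against that buffer's size. No `RegCloseKey` is visible, but the function body continues outside the hunks shown.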


@ -3771,6 +3771,11 @@ Tmpl.Title=Block DNS
Tmpl.Class=Misc
NetworkAccess=*,Block;Port=53;Protocol=UDP
[Template_BlockAccessWMI]
Tmpl.Title=Block Accessing WMI
Tmpl.Class=Misc
ClosedFilePath=%SystemRoot%\System32\wbem\*
[Template_BlockTelemetry]
Tmpl.Title=#4307
Tmpl.Class=Misc
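Review bot: The `ClosedFilePath` rule in `[Template_BlockAccessWMI]` names only `%SystemRoot%\System32\wbem\*`, so it may not cover 32-bit sandboxed processes on 64-bit Windows, which normally load the WMI client libraries from `%SystemRoot%\SysWOW64\wbem`. If testing confirms the gap, add `ClosedFilePath=%SystemRoot%\SysWOW64\wbem\*` to the template. A short comment above the rule stating that the template works by denying access to the WMI client files would tell users what the block does and does not cover.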