1.12.4
parent
0a3f74eff3
commit
ad8eeda159
|
@ -13,13 +13,14 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
|||
### Changed
|
||||
- without an active, non expired, supporter certificate, automatic updates/downloads are not longer available for the stable channel
|
||||
- the autoamtic updater will still work and notify about new stable releases, the user will be guided to visit the download page and download the latest installer manually
|
||||
- cleanup button is also enabled when not connencted to core
|
||||
|
||||
### Fixed
|
||||
- fixed running sandboxed processes located in a imdisk volume [#3472](https://github.com/sandboxie-plus/Sandboxie/discussions/3472)
|
||||
- fixed sample 634d066fd4f9a8b201a3ddf346e880be unable to be terminate on windows 7 x64 [#3482](https://github.com/sandboxie-plus/Sandboxie/issues/3482)
|
||||
- fixed UseNewSymlinkResolver causes applications to create both the link and the target folder [#3481](https://github.com/sandboxie-plus/Sandboxie/issues/3481)
|
||||
- fixed Renaming a sandbox breaks Group hierarchy [#3430](https://github.com/sandboxie-plus/Sandboxie/issues/3430)
|
||||
|
||||
- fixed Encrypted confidential Box + red box preset blocks box access to it's own root directories [#3475](https://github.com/sandboxie-plus/Sandboxie/issues/3475)
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -266,10 +266,12 @@ extern const WCHAR *Dll_HomeDosPath;
|
|||
//extern ULONG Dll_HomeDosPathLen;
|
||||
|
||||
extern const WCHAR *Dll_BoxFilePath;
|
||||
extern const WCHAR *Dll_BoxFileDosPath;
|
||||
extern const WCHAR *Dll_BoxKeyPath;
|
||||
extern const WCHAR *Dll_BoxIpcPath;
|
||||
|
||||
extern ULONG Dll_BoxFilePathLen;
|
||||
extern ULONG Dll_BoxFileDosPathLen;
|
||||
extern ULONG Dll_BoxKeyPathLen;
|
||||
extern ULONG Dll_BoxIpcPathLen;
|
||||
extern ULONG Dll_SidStringLen;
|
||||
|
|
|
@ -74,10 +74,12 @@ const WCHAR *Dll_HomeDosPath = NULL;
|
|||
//ULONG Dll_HomeDosPathLen = 0;
|
||||
|
||||
const WCHAR *Dll_BoxFilePath = NULL;
|
||||
const WCHAR *Dll_BoxFileDosPath = NULL;
|
||||
const WCHAR *Dll_BoxKeyPath = NULL;
|
||||
const WCHAR *Dll_BoxIpcPath = NULL;
|
||||
|
||||
ULONG Dll_BoxFilePathLen = 0;
|
||||
ULONG Dll_BoxFileDosPathLen = 0;
|
||||
ULONG Dll_BoxKeyPathLen = 0;
|
||||
ULONG Dll_BoxIpcPathLen = 0;
|
||||
ULONG Dll_SidStringLen = 0;
|
||||
|
|
|
@ -7350,6 +7350,21 @@ _FX BOOLEAN SbieDll_TranslateNtToDosPath(WCHAR *path)
|
|||
}
|
||||
|
||||
path_len = wcslen(path);
|
||||
|
||||
//
|
||||
// workaround for hidden box root
|
||||
//
|
||||
|
||||
if (Dll_BoxFileDosPathLen && Dll_BoxFilePathLen <= path_len && _wcsnicmp(path, Dll_BoxFilePath, Dll_BoxFilePathLen) == 0)
|
||||
{
|
||||
wmemmove(path + Dll_BoxFileDosPathLen, path + Dll_BoxFilePathLen, wcslen(path + Dll_BoxFilePathLen) + 1);
|
||||
wmemcpy(path, Dll_BoxFileDosPath, Dll_BoxFileDosPathLen);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
//
|
||||
// Find Dos Drive Letter
|
||||
//
|
||||
|
||||
drive = File_GetDriveForPath(path, path_len);
|
||||
if (drive)
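Review bot: The hidden-box-root workaround rewrites `path` in place without knowing the buffer's capacity, so whenever `Dll_BoxFileDosPathLen` exceeds `Dll_BoxFilePathLen` the `wmemmove` pushes the tail beyond what the caller allocated. The signature carries only `WCHAR *path`, so the branch should either decline to grow the string (add `Dll_BoxFileDosPathLen <= Dll_BoxFilePathLen` to the condition) or the size contract for callers needs to be stated in a comment above the function. The prefix test also has no component boundary, so a sibling directory whose name merely starts with the box root is rewritten as well; `&& (path[Dll_BoxFilePathLen] == L'\\' || path[Dll_BoxFilePathLen] == L'\0')` would restrict it to the root and its children. The rest of SbieDll_TranslateNtToDosPath lies outside the hunk.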
|
||||
|
|
|
@ -176,6 +176,34 @@ _FX BOOLEAN File_Init(void)
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
Dll_BoxFileDosPath = Dll_Alloc((Dll_BoxFilePathLen + 1) * sizeof(WCHAR));
|
||||
wcscpy((WCHAR *)Dll_BoxFileDosPath, Dll_BoxFilePath);
|
||||
if (!SbieDll_TranslateNtToDosPath((WCHAR *)Dll_BoxFileDosPath) || _wcsnicmp(Dll_BoxFileDosPath, L"\\\\.\\", 4) == 0)
|
||||
{
|
||||
Dll_Free((WCHAR *)Dll_BoxFileDosPath);
|
||||
Dll_BoxFileDosPath = NULL;
|
||||
|
||||
//
|
||||
// the root is redirected with a reparse point and the target device does not have a drvie letter
|
||||
// implement workaround, see SbieDll_TranslateNtToDosPath
|
||||
//
|
||||
|
||||
ULONG BoxFilePathLen = (0x1000 + 1) * sizeof(WCHAR);
|
||||
WCHAR* BoxFilePathConf = Dll_AllocTemp(BoxFilePathLen);
|
||||
SbieApi_QueryConf(NULL, L"FileRootPath", 0, BoxFilePathConf, BoxFilePathLen);
|
||||
|
||||
if (SbieDll_TranslateNtToDosPath(BoxFilePathConf))
|
||||
{
|
||||
Dll_BoxFileDosPathLen = wcslen(BoxFilePathConf);
|
||||
Dll_BoxFileDosPath = Dll_Alloc((Dll_BoxFileDosPathLen + 1) * sizeof(WCHAR));
|
||||
wcscpy((WCHAR *)Dll_BoxFileDosPath, BoxFilePathConf);
|
||||
}
|
||||
Dll_Free(BoxFilePathConf);
|
||||
}
|
||||
else
|
||||
Dll_BoxFileDosPathLen = wcslen(Dll_BoxFileDosPath);
|
||||
|
||||
File_InitSnapshots();
|
||||
|
||||
File_InitRecoverFolders();
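Review bot: The return value of `SbieApi_QueryConf` is ignored in the fallback branch, so when the `FileRootPath` query fails `BoxFilePathConf` is handed to `SbieDll_TranslateNtToDosPath` with whatever `Dll_AllocTemp` returned; nothing visible here shows that memory is zeroed or terminated. Setting `BoxFilePathConf[0] = L'\0';` before the query and translating only when the query succeeded and the buffer is non-empty keeps `wcslen` from walking uninitialised memory. The first allocation has a related assumption worth a comment: it is sized for the NT path (`Dll_BoxFilePathLen + 1`) and then translated in place, which is only safe while the DOS form is never longer than the NT form. When both attempts fail `Dll_BoxFileDosPath` stays NULL with a zero length, so a one-line comment saying consumers must test the length first would help; File_Init begins and ends outside the hunk.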
|
||||
|
|
|
@ -1021,7 +1021,8 @@ _FX BOOLEAN File_InitProcess(PROCESS *proc)
|
|||
// make sure the image path does not match a ClosedFilePath setting
|
||||
//
|
||||
|
||||
if (ok && proc->image_path && (! proc->image_sbie)) {
|
||||
if (ok && proc->image_path && (! proc->image_sbie)
|
||||
&& _wcsnicmp(proc->image_path, proc->box->file_path, (proc->box->file_path_len / sizeof(WCHAR)) - 1) != 0) {
|
||||
|
||||
#ifdef USE_MATCH_PATH_EX
|
||||
ULONG mp_flags = Process_MatchPathEx(proc, proc->image_path, wcslen(proc->image_path), L'f',
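Review bot: The new exemption from the ClosedFilePath check compares only a raw prefix, so an image in a directory whose name merely begins with the box root (for example `<root>X\app.exe`) is treated as living inside the box and skips the check. Requiring a separator after the prefix closes that gap: with `ULONG n = proc->box->file_path_len / sizeof(WCHAR) - 1;` the image counts as in-box only when `_wcsnicmp(proc->image_path, proc->box->file_path, n) == 0 && proc->image_path[n] == L'\\'`. The expression also presumes `file_path_len` is a byte count that includes the terminator and is never zero, since the subtraction would otherwise wrap; a short comment stating that would make the intent checkable. File_InitProcess continues outside the hunk.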
|
||||
|
|
|
@ -503,6 +503,11 @@ check:
|
|||
&& _wcsnicmp(Name->Name.Buffer, root->file_root, root->file_root_len) == 0
|
||||
) {
|
||||
|
||||
//DbgPrint("IRP_MJ_CREATE: %S\n", root->file_root);
|
||||
|
||||
if (Util_IsProtectedProcess(PsGetCurrentProcessId()))
|
||||
break;
|
||||
|
||||
status = STATUS_ACCESS_DENIED;
|
||||
|
||||
if (proc && !proc->bHostInject) {
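Review bot: The `Util_IsProtectedProcess(PsGetCurrentProcessId())` early `break` exempts every protected process from the confidential-box root denial, and the call site has no comment saying which callers it is meant for. As far as I know `PsIsProtectedProcess` does not distinguish protection type or signer, so protected-light processes of any signer level would pass as well as full protected processes; if the intent is only Windows components and antimalware services, that scope should be stated here and, where the OS exposes it, the signer level checked. The same predicate now replaces the `csrss.exe` name test in Thread_CheckObject_CommonEx, so the two sites share this trust decision. I would add above the check something like `// protected (incl. PPL) callers bypass the confidential-box root block; see Util_IsProtectedProcess`. The surrounding `check:` block starts and ends outside the hunk.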
|
||||
|
|
|
@ -1138,36 +1138,6 @@ finish:
|
|||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Thread_IsProtectedProcess
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
NTKERNELAPI BOOLEAN NTAPI PsIsProtectedProcess(_In_ PEPROCESS Process);
|
||||
|
||||
_FX BOOLEAN Thread_IsProtectedProcess(HANDLE pid)
|
||||
{
|
||||
PEPROCESS ProcessObject;
|
||||
NTSTATUS status;
|
||||
BOOLEAN ret = FALSE;
|
||||
|
||||
//
|
||||
// Check if this process is a protected process,
|
||||
// as protected processes are integral windows processes or trusted antimalware services
|
||||
// we allow such processes to access even confidential sandboxed programs.
|
||||
//
|
||||
|
||||
status = PsLookupProcessByProcessId(pid, &ProcessObject);
|
||||
if (NT_SUCCESS(status)) {
|
||||
|
||||
ret = PsIsProtectedProcess(ProcessObject);
|
||||
|
||||
ObDereferenceObject(ProcessObject);
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Thread_CheckObject_CommonEx
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -1232,10 +1202,9 @@ _FX ACCESS_MASK Thread_CheckObject_CommonEx(
|
|||
//
|
||||
|
||||
if (protect_process /*&& MyIsProcessRunningAsSystemAccount(cur_pid)*/) {
|
||||
if ((_wcsicmp(nptr, SBIESVC_EXE) == 0) || (_wcsicmp(nptr, L"csrss.exe") == 0)
|
||||
if ((_wcsicmp(nptr, SBIESVC_EXE) == 0) || Util_IsProtectedProcess(cur_pid)
|
||||
|| (_wcsicmp(nptr, L"conhost.exe") == 0)
|
||||
|| (_wcsicmp(nptr, L"taskmgr.exe") == 0) || (_wcsicmp(nptr, L"sandman.exe") == 0)
|
||||
|| Thread_IsProtectedProcess(cur_pid))
|
||||
|| (_wcsicmp(nptr, L"taskmgr.exe") == 0) || (_wcsicmp(nptr, L"sandman.exe") == 0))
|
||||
protect_process = FALSE;
|
||||
}
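Review bot: Replacing the `csrss.exe` name match with `Util_IsProtectedProcess(cur_pid)` drops the exemption on any Windows version where csrss is not a protected process; to my knowledge it only became one with Windows 8.1, and the changelog in this commit still lists a Windows 7 x64 fix. If Windows 7 and 8 remain supported, keeping the name test as a fallback, ideally paired with a check that the caller runs as SYSTEM (the commented-out `MyIsProcessRunningAsSystemAccount(cur_pid)`), would avoid a behaviour change for confidential boxes there. The remaining entries (`conhost.exe`, `taskmgr.exe`, `sandman.exe`) are still matched by name through `nptr`; how `nptr` is derived is outside the hunk, so a comment on whether it comes from a verified image path would help a reader judge how much that allowlist can be trusted.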
|
||||
|
||||
|
|
|
@ -446,6 +446,36 @@ retry:
|
|||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Util_IsProtectedProcess
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
NTKERNELAPI BOOLEAN NTAPI PsIsProtectedProcess(_In_ PEPROCESS Process);
|
||||
|
||||
_FX BOOLEAN Util_IsProtectedProcess(HANDLE pid)
|
||||
{
|
||||
PEPROCESS ProcessObject;
|
||||
NTSTATUS status;
|
||||
BOOLEAN ret = FALSE;
|
||||
|
||||
//
|
||||
// Check if this process is a protected process,
|
||||
// as protected processes are integral windows processes or trusted antimalware services
|
||||
// we allow such processes to access even confidential sandboxed programs.
|
||||
//
|
||||
|
||||
status = PsLookupProcessByProcessId(pid, &ProcessObject);
|
||||
if (NT_SUCCESS(status)) {
|
||||
|
||||
ret = PsIsProtectedProcess(ProcessObject);
|
||||
|
||||
ObDereferenceObject(ProcessObject);
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Util_GetTime
|
||||
//---------------------------------------------------------------------------
|
||||
|
|
|
@ -109,6 +109,7 @@ NTSTATUS MyValidateCertificate(void);
|
|||
|
||||
HANDLE Util_GetProcessPidByName(const WCHAR* name);
|
||||
|
||||
BOOLEAN Util_IsProtectedProcess(HANDLE pid);
|
||||
|
||||
LARGE_INTEGER Util_GetTimestamp(void);
|
||||
|
||||
|
|
|
@ -2498,10 +2498,6 @@ void CSandMan::UpdateState()
|
|||
m_pDisableForce->setEnabled(isConnected);
|
||||
m_pDisableForce2->setEnabled(isConnected);
|
||||
|
||||
//m_pCleanUpMenu->setEnabled(isConnected);
|
||||
//m_pCleanUpButton->setEnabled(isConnected);
|
||||
//m_pKeepTerminated->setEnabled(isConnected);
|
||||
|
||||
m_pEditIni->setEnabled(isConnected);
|
||||
if(m_pEditIni2) m_pEditIni2->setEnabled(isConnected);
|
||||
m_pReloadIni->setEnabled(isConnected);
|
||||
|
@ -2509,7 +2505,7 @@ void CSandMan::UpdateState()
|
|||
|
||||
if (m_pNewBoxButton) m_pNewBoxButton->setEnabled(isConnected);
|
||||
if (m_pEditIniButton) m_pEditIniButton->setEnabled(isConnected);
|
||||
if (m_pCleanUpButton) m_pCleanUpButton->setEnabled(isConnected);
|
||||
//if (m_pCleanUpButton) m_pCleanUpButton->setEnabled(isConnected);
|
||||
}
|
||||
|
||||
void CSandMan::OnMenuHover(QAction* action)
|
||||
|
|