DavidXanatos 2024-10-18 13:42:24 +02:00
parent f11f9116f3
commit c0eded3b02
15 changed files with 227 additions and 222 deletions


@ -244,8 +244,9 @@ _FX BOOLEAN AdvApi_Init(HMODULE module)
// only hook SetSecurityInfo if this is Chrome. Outlook 2013 uses delayed loading and will cause infinite callbacks // only hook SetSecurityInfo if this is Chrome. Outlook 2013 uses delayed loading and will cause infinite callbacks
// Starting with Win 10, we only want to hook ntmarta!SetSecurityInfo. Do NOT hook advapi!SetSecurityInfo. Delay loading for advapi will cause infinite recursion. // Starting with Win 10, we only want to hook ntmarta!SetSecurityInfo. Do NOT hook advapi!SetSecurityInfo. Delay loading for advapi will cause infinite recursion.
// Note: the infinite recursion issue has been resolved int 5.43 // Note: the infinite recursion issue has been resolved int 5.43
if (Config_GetSettingsForImageName_bool(L"UseSbieDeskHack", TRUE) if ((Config_GetSettingsForImageName_bool(L"UseSbieDeskHack", TRUE)
|| (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX) || (Dll_ImageType == DLL_IMAGE_ACROBAT_READER)) { || (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX) || (Dll_ImageType == DLL_IMAGE_ACROBAT_READER))
&& !SbieApi_QueryConfBool(NULL, L"OpenWndStation", FALSE)) {
SetSecurityInfo = __sys_SetSecurityInfo; SetSecurityInfo = __sys_SetSecurityInfo;
GetSecurityInfo = __sys_GetSecurityInfo; GetSecurityInfo = __sys_GetSecurityInfo;
SBIEDLL_HOOK(AdvApi_, SetSecurityInfo); SBIEDLL_HOOK(AdvApi_, SetSecurityInfo);
@ -494,28 +495,9 @@ _FX ULONG AdvApi_CreateRestrictedToken(
} }
//---------------------------------------------------------------------------
HANDLE Sandboxie_WinSta = 0; // AdvApi_GetSecurityInfo
//---------------------------------------------------------------------------
BOOL CALLBACK myEnumWindowStationProc(
_In_ LPTSTR lpszWindowStation,
_In_ LPARAM lParam);
// Get Sandbox Dummy WindowStation Handle
BOOL CALLBACK myEnumWindowStationProc(
_In_ LPTSTR lpszWindowStation,
_In_ LPARAM lParam)
{
if ((!lpszWindowStation) || (!__sys_OpenWindowStationW)) {
return FALSE;
}
if (!_wcsnicmp(lpszWindowStation, L"Sandbox", 7)) {
Sandboxie_WinSta = __sys_OpenWindowStationW(lpszWindowStation, 1, WINSTA_ALL_ACCESS | STANDARD_RIGHTS_REQUIRED);
return FALSE;
}
return TRUE;
}
// Chrome 52+ now needs to be able to create a WindowStation and Desktop for its sandbox // Chrome 52+ now needs to be able to create a WindowStation and Desktop for its sandbox
// GetSecurityInfo will fail when chrome tries to do a DACL read on the default WindowStation. // GetSecurityInfo will fail when chrome tries to do a DACL read on the default WindowStation.
@ -536,16 +518,10 @@ _FX DWORD AdvApi_GetSecurityInfo(
DWORD rc = 0; DWORD rc = 0;
rc = __sys_GetSecurityInfo(handle, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor); rc = __sys_GetSecurityInfo(handle, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
if (rc && ObjectType == SE_WINDOW_OBJECT && SecurityInfo == DACL_SECURITY_INFORMATION) { extern HWINSTA Gui_Dummy_WinSta;
__sys_EnumWindowStationsW = (P_EnumWindowStations)Ldr_GetProcAddrNew(L"User32.dll", L"EnumWindowStationsW", "EnumWindowStationsW"); if (rc && ObjectType == SE_WINDOW_OBJECT && SecurityInfo == DACL_SECURITY_INFORMATION && Gui_Dummy_WinSta)
__sys_OpenWindowStationW = (P_OpenWindowStationW)Ldr_GetProcAddrNew(L"User32.dll", L"OpenWindowStationW", "OpenWindowStationW"); // used by myEnumWindowStationProc rc = __sys_GetSecurityInfo(Gui_Dummy_WinSta, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
if (!Sandboxie_WinSta) {
if (__sys_EnumWindowStationsW) {
rc = __sys_EnumWindowStationsW(myEnumWindowStationProc, 0);
}
}
rc = __sys_GetSecurityInfo(Sandboxie_WinSta, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
}
return rc; return rc;
} }
@ -681,6 +657,7 @@ _FX ULONG AdvApi_GetEffectiveRightsFromAclW(
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
// Ntmarta_Init // Ntmarta_Init
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
DWORD Ntmarta_GetSecurityInfo( DWORD Ntmarta_GetSecurityInfo(
HANDLE handle, HANDLE handle,
SE_OBJECT_TYPE ObjectType, SE_OBJECT_TYPE ObjectType,
@ -706,8 +683,9 @@ _FX BOOLEAN Ntmarta_Init(HMODULE module)
#define GETPROC2(x,s) __sys_Ntmarta_##x##s = (P_##x) Ldr_GetProcAddrNew(DllName_ntmarta, L#x L#s,#x #s); #define GETPROC2(x,s) __sys_Ntmarta_##x##s = (P_##x) Ldr_GetProcAddrNew(DllName_ntmarta, L#x L#s,#x #s);
GETPROC2(GetSecurityInfo, ); GETPROC2(GetSecurityInfo, );
if (Config_GetSettingsForImageName_bool(L"UseSbieDeskHack", TRUE) if ((Config_GetSettingsForImageName_bool(L"UseSbieDeskHack", TRUE)
|| (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX) || (Dll_ImageType == DLL_IMAGE_ACROBAT_READER)) { || (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX) || (Dll_ImageType == DLL_IMAGE_ACROBAT_READER))
&& !SbieApi_QueryConfBool(NULL, L"OpenWndStation", FALSE)) {
GetSecurityInfo = __sys_Ntmarta_GetSecurityInfo; GetSecurityInfo = __sys_Ntmarta_GetSecurityInfo;
if (GetSecurityInfo) if (GetSecurityInfo)
@ -746,6 +724,12 @@ _FX BOOLEAN Ntmarta_Init(HMODULE module)
return TRUE; return TRUE;
} }
//---------------------------------------------------------------------------
// Ntmarta_GetSecurityInfo
//---------------------------------------------------------------------------
_FX DWORD Ntmarta_GetSecurityInfo( _FX DWORD Ntmarta_GetSecurityInfo(
HANDLE handle, HANDLE handle,
SE_OBJECT_TYPE ObjectType, SE_OBJECT_TYPE ObjectType,
@ -759,16 +743,10 @@ _FX DWORD Ntmarta_GetSecurityInfo(
DWORD rc = 0; DWORD rc = 0;
rc = __sys_Ntmarta_GetSecurityInfo(handle, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor); rc = __sys_Ntmarta_GetSecurityInfo(handle, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
if (rc && ObjectType == SE_WINDOW_OBJECT && SecurityInfo == DACL_SECURITY_INFORMATION) { extern HWINSTA Gui_Dummy_WinSta;
__sys_EnumWindowStationsW = (P_EnumWindowStations)Ldr_GetProcAddrNew(L"User32.dll", L"EnumWindowStationsW", "EnumWindowStationsW"); if (rc && ObjectType == SE_WINDOW_OBJECT && SecurityInfo == DACL_SECURITY_INFORMATION && Gui_Dummy_WinSta)
__sys_OpenWindowStationW = (P_OpenWindowStationW)Ldr_GetProcAddrNew(L"User32.dll", L"OpenWindowStationW", "OpenWindowStationW"); // used by myEnumWindowStationProc rc = __sys_Ntmarta_GetSecurityInfo(Gui_Dummy_WinSta, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
if (!Sandboxie_WinSta) {
if (__sys_EnumWindowStationsW) {
rc = __sys_EnumWindowStationsW(myEnumWindowStationProc, 0);
}
}
rc = __sys_Ntmarta_GetSecurityInfo(Sandboxie_WinSta, ObjectType, SecurityInfo, psidOwner, psidGroup, pDacl, pSacl, ppSecurityDescriptor);
}
return rc; return rc;
} }
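Review bot: The retry in AdvApi_GetSecurityInfo, and the identical one in Ntmarta_GetSecurityInfo further down, runs for any non-zero `rc`, so a window-object DACL query that fails for a reason other than denied access (an invalid handle, for instance) is answered with the dummy window station's descriptor and reported as success. If the case being worked around is the failed DACL read described in the comment above the function, the condition could name it, `if (rc == ERROR_ACCESS_DENIED && ObjectType == SE_WINDOW_OBJECT && ...)`; which error the caller actually receives is not visible here, so that needs confirming. Either way a comment such as `// answer with the dummy window station's DACL; the caller's handle is not used on this path` would make the handle substitution explicit. Both function bodies start outside their hunks.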


@ -110,7 +110,7 @@ enum {
DLL_IMAGE_ACROBAT_READER, DLL_IMAGE_ACROBAT_READER,
DLL_IMAGE_OFFICE_OUTLOOK, DLL_IMAGE_OFFICE_OUTLOOK,
DLL_IMAGE_OFFICE_EXCEL, DLL_IMAGE_OFFICE_EXCEL,
DLL_IMAGE_FLASH_PLAYER_SANDBOX, DLL_IMAGE_FLASH_PLAYER_SANDBOX, // obsolete
DLL_IMAGE_PLUGIN_CONTAINER, DLL_IMAGE_PLUGIN_CONTAINER,
DLL_IMAGE_OTHER_WEB_BROWSER, DLL_IMAGE_OTHER_WEB_BROWSER,
DLL_IMAGE_OTHER_MAIL_CLIENT, DLL_IMAGE_OTHER_MAIL_CLIENT,
@ -794,6 +794,8 @@ BOOLEAN Pdh_Init(HMODULE hmodule);
BOOLEAN NsiRpc_Init(HMODULE); BOOLEAN NsiRpc_Init(HMODULE);
//BOOLEAN Wininet_Init(HMODULE);
BOOLEAN Nsi_Init(HMODULE); BOOLEAN Nsi_Init(HMODULE);
BOOLEAN Ntmarta_Init(HMODULE); BOOLEAN Ntmarta_Init(HMODULE);


@ -733,9 +733,9 @@ _FX void Dll_SelectImageType(void)
{ {
Dll_ImageType = Dll_GetImageType(Dll_ImageName); Dll_ImageType = Dll_GetImageType(Dll_ImageName);
if (Dll_ImageType == DLL_IMAGE_UNSPECIFIED && //if (Dll_ImageType == DLL_IMAGE_UNSPECIFIED &&
_wcsnicmp(Dll_ImageName, L"FlashPlayerPlugin_", 18) == 0) // _wcsnicmp(Dll_ImageName, L"FlashPlayerPlugin_", 18) == 0)
Dll_ImageType = DLL_IMAGE_FLASH_PLAYER_SANDBOX; // Dll_ImageType = DLL_IMAGE_FLASH_PLAYER_SANDBOX;
if (Dll_ImageType == DLL_IMAGE_DLLHOST) { if (Dll_ImageType == DLL_IMAGE_DLLHOST) {
@ -773,8 +773,8 @@ _FX void Dll_SelectImageType(void)
if (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME || if (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME ||
Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX || Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX ||
Dll_ImageType == DLL_IMAGE_ACROBAT_READER || //Dll_ImageType == DLL_IMAGE_FLASH_PLAYER_SANDBOX
Dll_ImageType == DLL_IMAGE_FLASH_PLAYER_SANDBOX) { Dll_ImageType == DLL_IMAGE_ACROBAT_READER) {
Dll_ChromeSandbox = TRUE; Dll_ChromeSandbox = TRUE;
} }
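Review bot: The Flash Player special cases are disabled by commenting them out rather than deleting them, here in Dll_SelectImageType (including a `//Dll_ImageType == DLL_IMAGE_FLASH_PLAYER_SANDBOX` line left inside the `if` condition) and again in File_Init, File_GetVolumeInformationW and Proc_CreateProcessInternalW. Version control already keeps the old text, so removing the lines and leaving only the `// obsolete` marker on the enum value would read more cleanly. `Dll_ChromeSandbox` is still set for the three remaining image types, and the GetVolumeInformationW workaround disabled elsewhere in this commit was keyed on that flag rather than on the Flash image type, so it is worth confirming that none of them still relies on it. Dll_SelectImageType starts and ends outside these hunks.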


@ -194,7 +194,7 @@ _FX BOOLEAN WSA_InitNetDnsFilter(HMODULE module)
map_init(&WSA_LookupMap, Dll_Pool); map_init(&WSA_LookupMap, Dll_Pool);
SCertInfo CertInfo = { 0 }; SCertInfo CertInfo = { 0 };
if (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, eCertAdvanced)) { if (!NT_SUCCESS(SbieApi_QueryDrvInfo(-1, &CertInfo, sizeof(CertInfo))) || !CertInfo.opt_net) {
const WCHAR* strings[] = { L"NetworkDnsFilter" , NULL }; const WCHAR* strings[] = { L"NetworkDnsFilter" , NULL };
SbieApi_LogMsgExt(-1, 6009, strings); SbieApi_LogMsgExt(-1, 6009, strings);
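Review bot: The removed `CERT_IS_LEVEL` test required `cert.active` as well as a minimum level, whereas the new condition in WSA_InitNetDnsFilter reads only `CertInfo.opt_net`; the same applies to `opt_net` in WSA_InitNetProxy and to `opt_enc` in MountManager::AcquireBoxRoot. Whether the driver sets these option bits only for an active certificate is not visible in this commit. If it does not, the check should keep the earlier requirement, `!(CertInfo.active && CertInfo.opt_net)`; if it does, a comment at the field's declaration saying so would settle the question. The function body extends beyond the hunk.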


@ -285,12 +285,13 @@ _FX BOOLEAN File_Init(void)
// //
// support for Google Chrome flash plugin process // support for Google Chrome flash plugin process
// //
// $Workaround$ - 3rd party fix
//void *GetVolumeInformationW =
// GetProcAddress(Dll_KernelBase ? Dll_KernelBase : Dll_Kernel32,
// "GetVolumeInformationW");
//SBIEDLL_HOOK(File_,GetVolumeInformationW);
void *GetVolumeInformationW = // $Workaround$ - 3rd party fix
GetProcAddress(Dll_KernelBase ? Dll_KernelBase : Dll_Kernel32,
"GetVolumeInformationW");
SBIEDLL_HOOK(File_,GetVolumeInformationW);
void *WriteProcessMemory = void *WriteProcessMemory =
GetProcAddress(Dll_KernelBase ? Dll_KernelBase : Dll_Kernel32, GetProcAddress(Dll_KernelBase ? Dll_KernelBase : Dll_Kernel32,
"WriteProcessMemory"); "WriteProcessMemory");


@ -453,37 +453,37 @@ _FX NTSTATUS File_CreateBoxedPath(const WCHAR *PathToCreate)
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
_FX BOOL File_GetVolumeInformationW( //_FX BOOL File_GetVolumeInformationW(
const WCHAR *lpRootPathName, // const WCHAR *lpRootPathName,
WCHAR *lpVolumeNameBuffer, ULONG nVolumeNameSize, // WCHAR *lpVolumeNameBuffer, ULONG nVolumeNameSize,
ULONG *lpVolumeSerialNumber, ULONG *lpMaximumComponentLength, // ULONG *lpVolumeSerialNumber, ULONG *lpMaximumComponentLength,
ULONG *lpFileSystemFlags, // ULONG *lpFileSystemFlags,
WCHAR *lpFileSystemNameBuffer, ULONG nFileSystemNameSize) // WCHAR *lpFileSystemNameBuffer, ULONG nFileSystemNameSize)
{ //{
// // //
// the flash plugin process of Google Chrome issues a special form // // the flash plugin process of Google Chrome issues a special form
// of GetVolumeInformationW with all-NULL parameters. this fails // // of GetVolumeInformationW with all-NULL parameters. this fails
// with an access denied error. to work around this, we install // // with an access denied error. to work around this, we install
// this hook, and automatically return TRUE in this special case. // // this hook, and automatically return TRUE in this special case.
// // //
//
// $Workaround$ - 3rd party fix // // $Workaround$ - 3rd party fix
if (Dll_ChromeSandbox && // if (Dll_ChromeSandbox &&
lpVolumeNameBuffer == NULL && nVolumeNameSize == 0 && // lpVolumeNameBuffer == NULL && nVolumeNameSize == 0 &&
lpVolumeSerialNumber == NULL && lpMaximumComponentLength == NULL && // lpVolumeSerialNumber == NULL && lpMaximumComponentLength == NULL &&
lpFileSystemFlags == NULL && // lpFileSystemFlags == NULL &&
lpFileSystemNameBuffer == NULL && nFileSystemNameSize == 0) { // lpFileSystemNameBuffer == NULL && nFileSystemNameSize == 0) {
//
SetLastError(ERROR_SUCCESS); // SetLastError(ERROR_SUCCESS);
return TRUE; // return TRUE;
//
} // }
//
return __sys_GetVolumeInformationW( // return __sys_GetVolumeInformationW(
lpRootPathName, lpVolumeNameBuffer, nVolumeNameSize, // lpRootPathName, lpVolumeNameBuffer, nVolumeNameSize,
lpVolumeSerialNumber, lpMaximumComponentLength, // lpVolumeSerialNumber, lpMaximumComponentLength,
lpFileSystemFlags, lpFileSystemNameBuffer, nFileSystemNameSize); // lpFileSystemFlags, lpFileSystemNameBuffer, nFileSystemNameSize);
} //}
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------


@ -44,6 +44,8 @@ void* SbieDll_Hook_arm(const char* SourceFuncName, void* SourceFunc, void* Detou
BOOLEAN Gui_UseProxyService = TRUE; BOOLEAN Gui_UseProxyService = TRUE;
HWINSTA Gui_Dummy_WinSta = NULL;
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
// Function Pointers in USER32.DLL // Function Pointers in USER32.DLL
@ -389,7 +391,7 @@ _FX BOOLEAN Gui_Init(HMODULE module)
// disable the use of the gui proxy // disable the use of the gui proxy
// //
Gui_UseProxyService = !Dll_CompartmentMode && !SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE); Gui_UseProxyService = !(Dll_CompartmentMode || SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE));
// NoSbieDesk END // NoSbieDesk END
GUI_IMPORT___(PrintWindow); GUI_IMPORT___(PrintWindow);
@ -970,148 +972,160 @@ _FX BOOLEAN Gui_ConnectToWindowStationAndDesktop(HMODULE User32)
errlvl = 2; errlvl = 2;
else { else {
// if (SbieApi_QueryConfBool(NULL, L"OpenWndStation", FALSE))
// locate windowstation and desktop functions in user32 dll _ProcessDesktop = (HDESK)-1;
//
P_SetProcessWindowStation _SetProcessWindowStation =
(P_SetProcessWindowStation)
GetProcAddress(User32, "SetProcessWindowStation");
if (! __sys_SetThreadDesktop) {
// in the special case when USER32 is loaded before GDI32, as
// discussed in Gdi_InitZero, SetThreadDesktop is still zero
__sys_SetThreadDesktop = (P_SetThreadDesktop)
GetProcAddress(User32, "SetThreadDesktop");
}
if ((! _SetProcessWindowStation) || (! __sys_SetThreadDesktop))
errlvl = 3;
else { else {
// //
// set DesktopName in ProcessParms to point to our dummy // locate windowstation and desktop functions in user32 dll
// window station so the initial default connection can
// be made to a workstation that is accessible
// //
UNICODE_STRING SaveDesktopName; P_SetProcessWindowStation _SetProcessWindowStation =
#ifndef _WIN64 (P_SetProcessWindowStation)
UNICODE_STRING64 SaveDesktopName64; GetProcAddress(User32, "SetProcessWindowStation");
UNICODE_STRING64 *DesktopName64;
#endif ! _WIN64
memcpy(&SaveDesktopName, &ProcessParms->DesktopName, P_GetProcessWindowStation _GetProcessWindowStation =
sizeof(UNICODE_STRING)); (P_GetProcessWindowStation)
GetProcAddress(User32, "GetProcessWindowStation");
RtlInitUnicodeString( if (!__sys_SetThreadDesktop) {
&ProcessParms->DesktopName, rpl->name); // in the special case when USER32 is loaded before GDI32, as
// discussed in Gdi_InitZero, SetThreadDesktop is still zero
__sys_SetThreadDesktop = (P_SetThreadDesktop)
GetProcAddress(User32, "SetThreadDesktop");
}
#ifndef _WIN64 if ((!_SetProcessWindowStation) || (!__sys_SetThreadDesktop))
// errlvl = 3;
// in a 32-bit process on 64-bit Windows, we actually need else {
// to change the DesktopName member in the 64-bit
// RTL_USER_PROCESS_PARAMETERS structure and not the
// 32-bit version of the structure.
//
// note that the 64-bit PEB will be in the lower 32-bits in
// a 32-bit process, so it is accessible, but its address is
// not available to us. but the SbieSvc GUI Proxy process
// is 64-bit so it can send us the address of the 64-bit PEB
// in the reply datagram
//
if (Dll_IsWow64) {
// //
// 64-bit PEB offset 0x20 -> RTL_USER_PROCESS_PARAMETERS // set DesktopName in ProcessParms to point to our dummy
// RTL_USER_PROCESS_PARAMETERS offset 0xC0 is DesktopName // window station so the initial default connection can
// be made to a workstation that is accessible
// //
ULONG ProcessParms64 = *(ULONG *)(rpl->peb64 + 0x20); UNICODE_STRING SaveDesktopName;
DesktopName64 = #ifndef _WIN64
(UNICODE_STRING64 *)(ProcessParms64 + 0xC0); UNICODE_STRING64 SaveDesktopName64;
UNICODE_STRING64* DesktopName64;
memcpy(&SaveDesktopName64,
DesktopName64, sizeof(UNICODE_STRING64));
DesktopName64->Length = ProcessParms->DesktopName.Length;
DesktopName64->MaximumLength =
ProcessParms->DesktopName.MaximumLength;
DesktopName64->Buffer =
(ULONG)ProcessParms->DesktopName.Buffer;
}
#endif ! _WIN64 #endif ! _WIN64
// memcpy(&SaveDesktopName, &ProcessParms->DesktopName,
// note also that the default \Windows object directory sizeof(UNICODE_STRING));
// (where the WindowStations object directory is located)
// grants access to Everyone, but this is not true for
// the per-session object directories \Sessions\N.
//
// our process token does not include the change notify
// privilege, so access to the window station object
// would have to validate each object directory in the
// path, and this would fail with our process token.
//
// to work around this, we issue a special request to
// SbieDrv through NtSetInformationThread which causes
// it to return with an impersonation token that includes
// the change notify privilege but is otherwise restricted
//
// see also: file core/drv/thread_token.c function
// Thread_SetInformationThread_ChangeNotifyToken
//
rc = (ULONG_PTR)NtCurrentThread(); RtlInitUnicodeString(
&ProcessParms->DesktopName, rpl->name);
// OriginalToken BEGIN #ifndef _WIN64
if (Dll_CompartmentMode || SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE)) //
rc = 0; // in a 32-bit process on 64-bit Windows, we actually need
else // to change the DesktopName member in the 64-bit
// OriginalToken END // RTL_USER_PROCESS_PARAMETERS structure and not the
if (__sys_NtSetInformationThread) // 32-bit version of the structure.
{ //
rc = __sys_NtSetInformationThread(NtCurrentThread(), // note that the 64-bit PEB will be in the lower 32-bits in
ThreadImpersonationToken, &rc, sizeof(rc)); // a 32-bit process, so it is accessible, but its address is
} // not available to us. but the SbieSvc GUI Proxy process
else // is 64-bit so it can send us the address of the 64-bit PEB
{ // in the reply datagram
rc = NtSetInformationThread(NtCurrentThread(), //
if (Dll_IsWow64) {
//
// 64-bit PEB offset 0x20 -> RTL_USER_PROCESS_PARAMETERS
// RTL_USER_PROCESS_PARAMETERS offset 0xC0 is DesktopName
//
ULONG ProcessParms64 = *(ULONG*)(rpl->peb64 + 0x20);
DesktopName64 =
(UNICODE_STRING64*)(ProcessParms64 + 0xC0);
memcpy(&SaveDesktopName64,
DesktopName64, sizeof(UNICODE_STRING64));
DesktopName64->Length = ProcessParms->DesktopName.Length;
DesktopName64->MaximumLength =
ProcessParms->DesktopName.MaximumLength;
DesktopName64->Buffer =
(ULONG)ProcessParms->DesktopName.Buffer;
}
#endif ! _WIN64
//
// note also that the default \Windows object directory
// (where the WindowStations object directory is located)
// grants access to Everyone, but this is not true for
// the per-session object directories \Sessions\N.
//
// our process token does not include the change notify
// privilege, so access to the window station object
// would have to validate each object directory in the
// path, and this would fail with our process token.
//
// to work around this, we issue a special request to
// SbieDrv through NtSetInformationThread which causes
// it to return with an impersonation token that includes
// the change notify privilege but is otherwise restricted
//
// see also: file core/drv/thread_token.c function
// Thread_SetInformationThread_ChangeNotifyToken
//
rc = (ULONG_PTR)NtCurrentThread();
// OriginalToken BEGIN
if (Dll_CompartmentMode || SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
rc = 0;
else
// OriginalToken END
if (__sys_NtSetInformationThread)
{
rc = __sys_NtSetInformationThread(NtCurrentThread(),
ThreadImpersonationToken, &rc, sizeof(rc)); ThreadImpersonationToken, &rc, sizeof(rc));
} }
else
{
rc = NtSetInformationThread(NtCurrentThread(),
ThreadImpersonationToken, &rc, sizeof(rc));
}
if (rc != 0) Gui_Dummy_WinSta = _GetProcessWindowStation();
errlvl = 4;
// if (rc != 0)
// invoking SetProcessWindowStation will first connect errlvl = 4;
// to the default (dummy) window station as part of
// initial thread by PsConvertToGuiThread, then when
// control finally arrives in SetProcessWindowStation,
// the connection to the real window station is made
//
else if (! _SetProcessWindowStation( //
(HWINSTA)rpl->hwinsta)) { // invoking SetProcessWindowStation will first connect
errlvl = 5; // to the default (dummy) window station as part of
rc = GetLastError(); // initial thread by PsConvertToGuiThread, then when
// control finally arrives in SetProcessWindowStation,
// the connection to the real window station is made
//
} else else if (!_SetProcessWindowStation(
_ProcessDesktop = (HDESK)rpl->hdesk; (HWINSTA)rpl->hwinsta)) {
errlvl = 5;
rc = GetLastError();
// }
// restore the original contents of the DesktopName field else
// _ProcessDesktop = (HDESK)rpl->hdesk;
memcpy(&ProcessParms->DesktopName, &SaveDesktopName, //
sizeof(UNICODE_STRING)); // restore the original contents of the DesktopName field
//
memcpy(&ProcessParms->DesktopName, &SaveDesktopName,
sizeof(UNICODE_STRING));
#ifndef _WIN64 #ifndef _WIN64
if (Dll_IsWow64) { if (Dll_IsWow64) {
memcpy(DesktopName64, &SaveDesktopName64, memcpy(DesktopName64, &SaveDesktopName64,
sizeof(UNICODE_STRING64)); sizeof(UNICODE_STRING64));
} }
#endif ! _WIN64 #endif ! _WIN64
}
} }
Dll_Free(rpl); Dll_Free(rpl);
@ -1128,7 +1142,7 @@ _FX BOOLEAN Gui_ConnectToWindowStationAndDesktop(HMODULE User32)
ConnectThread: ConnectThread:
if (errlvl == 0) { if (errlvl == 0 && _ProcessDesktop != (HDESK)-1) {
if (! __sys_SetThreadDesktop(_ProcessDesktop)) { if (! __sys_SetThreadDesktop(_ProcessDesktop)) {
errlvl = 6; errlvl = 6;
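Review bot: `_GetProcessWindowStation` is fetched with GetProcAddress but never tested before `Gui_Dummy_WinSta = _GetProcessWindowStation();`, while the other two pointers are covered by the `errlvl = 3` guard. Adding it to that guard, `if ((!_SetProcessWindowStation) || (!_GetProcessWindowStation) || (!__sys_SetThreadDesktop))`, avoids a call through a null pointer if the export lookup fails. The call also runs before `rc` from the impersonation-token request is checked, so the handle is stored even on the `errlvl = 4` path. If that ordering is intended, a comment such as `// capture the dummy window station before SetProcessWindowStation connects to the real one` would document it. Gui_ConnectToWindowStationAndDesktop begins and ends outside these hunks.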


@ -234,6 +234,9 @@ _FX BOOLEAN Gui_InitEnum(HMODULE module)
// hook desktop APIs // hook desktop APIs
// //
if (SbieApi_QueryConfBool(NULL, L"OpenWndStation", FALSE))
return TRUE;
SBIEDLL_HOOK_GUI(EnumDesktopsW); SBIEDLL_HOOK_GUI(EnumDesktopsW);
SBIEDLL_HOOK_GUI(EnumDesktopsA); SBIEDLL_HOOK_GUI(EnumDesktopsA);
SBIEDLL_HOOK_GUI(OpenDesktopW); SBIEDLL_HOOK_GUI(OpenDesktopW);
@ -592,9 +595,9 @@ _FX HANDLE Gui_CreateWindowStationW (void *lpwinsta, DWORD dwFlags, ACCESS_MASK
if (myHandle) if (myHandle)
return myHandle; return myHandle;
extern HANDLE Sandboxie_WinSta; extern HANDLE Gui_Dummy_WinSta;
if(Sandboxie_WinSta && (Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) || (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX))) if(Gui_Dummy_WinSta && (Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) || (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX)))
return Sandboxie_WinSta; return Gui_Dummy_WinSta;
SbieApi_Log(2205, L"CreateWindowStation"); SbieApi_Log(2205, L"CreateWindowStation");
return 0; return 0;
@ -614,9 +617,9 @@ _FX HANDLE Gui_CreateWindowStationA (void *lpwinsta, DWORD dwFlags, ACCESS_MASK
if (myHandle) if (myHandle)
return myHandle; return myHandle;
extern HANDLE Sandboxie_WinSta; extern HANDLE Gui_Dummy_WinSta;
if(Sandboxie_WinSta && (Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) || (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX))) if(Gui_Dummy_WinSta && (Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) || (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME) || (Dll_ImageType == DLL_IMAGE_MOZILLA_FIREFOX)))
return Sandboxie_WinSta; return Gui_Dummy_WinSta;
SbieApi_Log(2205, L"CreateWindowStation"); SbieApi_Log(2205, L"CreateWindowStation");
return 0; return 0;
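Review bot: `extern HANDLE Gui_Dummy_WinSta;` in Gui_CreateWindowStationW and Gui_CreateWindowStationA does not match the definition this commit adds, `HWINSTA Gui_Dummy_WinSta = NULL;`, nor the `extern HWINSTA Gui_Dummy_WinSta;` used in the two GetSecurityInfo hooks. Where HWINSTA is a distinct pointer type from HANDLE, these are incompatible declarations of the same object across translation units, and no compiler sees both to complain. Declaring it once in a header shared by these files, `extern HWINSTA Gui_Dummy_WinSta;`, and dropping the block-scope externs would keep the type checked. Both functions start outside their hunks.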


@ -1415,7 +1415,7 @@ _FX BOOLEAN WSA_InitNetProxy()
return FALSE; return FALSE;
SCertInfo CertInfo = { 0 }; SCertInfo CertInfo = { 0 };
if (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, eCertAdvanced)) { if (!NT_SUCCESS(SbieApi_QueryDrvInfo(-1, &CertInfo, sizeof(CertInfo))) || !CertInfo.opt_net) {
const WCHAR* strings[] = { L"NetworkUseProxy" , NULL }; const WCHAR* strings[] = { L"NetworkUseProxy" , NULL };
SbieApi_LogMsgExt(-1, 6009, strings); SbieApi_LogMsgExt(-1, 6009, strings);


@ -908,7 +908,7 @@ _FX BOOL Proc_CreateProcessInternalW(
// architecture which conflicts with our restricted process model // architecture which conflicts with our restricted process model
// //
if (Dll_ImageType == DLL_IMAGE_FLASH_PLAYER_SANDBOX || if (//Dll_ImageType == DLL_IMAGE_FLASH_PLAYER_SANDBOX ||
Dll_ImageType == DLL_IMAGE_ACROBAT_READER || Dll_ImageType == DLL_IMAGE_ACROBAT_READER ||
Dll_ImageType == DLL_IMAGE_PLUGIN_CONTAINER) Dll_ImageType == DLL_IMAGE_PLUGIN_CONTAINER)
hToken = NULL; hToken = NULL;


@ -1,6 +1,6 @@
/* /*
* Copyright 2004-2020 Sandboxie Holdings, LLC * Copyright 2004-2020 Sandboxie Holdings, LLC
* Copyright 2020 David Xanatos, xanasoft.com * Copyright 2020-2023 David Xanatos, xanasoft.com
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by


@ -221,8 +221,15 @@ _FX BOX *Process_GetForcedStartBox(
return NULL; return NULL;
} }
Process_GetProcessName( //
Driver_Pool, (ULONG_PTR)ParentId, &nbuf, &nlen, &ParentName); // initialize ParentName but only if the parrent is not a system process
//
if (!MyIsProcessRunningAsSystemAccount(ParentId)) {
Process_GetProcessName(
Driver_Pool, (ULONG_PTR)ParentId, &nbuf, &nlen, &ParentName);
}
// //
// initialize some more state before checking process // initialize some more state before checking process
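Review bot: When the parent runs as a system account, `Process_GetProcessName` is now skipped, so `nbuf`, `nlen` and `ParentName` keep whatever values they held before this point. Their declarations are outside the hunk, so it should be confirmed that they are initialised (for example `nbuf = NULL; nlen = 0; ParentName = NULL;`) and that every later use or release of them tolerates the empty case. The new comment would be clearer if it said why system parents are excluded and what that means for rules matched on the parent name, e.g. `// skip the name lookup for system-account parents; parent-name based force rules then do not match their children`, if that is the intent. "parrent" in that comment is a typo for "parent". Process_GetForcedStartBox continues past the hunk.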


@ -95,7 +95,7 @@ enum ECertLevel {
#define CERT_IS_TYPE(cert,t) ((cert.type & 0b11100) == (unsigned long)(t)) #define CERT_IS_TYPE(cert,t) ((cert.type & 0b11100) == (unsigned long)(t))
#define CERT_IS_SUBSCRIPTION(cert) (CERT_IS_TYPE(cert, eCertBusiness) || CERT_IS_TYPE(cert, eCertHome) || cert.type == eCertEntryPatreon || CERT_IS_TYPE(cert, eCertEvaluation)) #define CERT_IS_SUBSCRIPTION(cert) (CERT_IS_TYPE(cert, eCertBusiness) || CERT_IS_TYPE(cert, eCertHome) || cert.type == eCertEntryPatreon || CERT_IS_TYPE(cert, eCertEvaluation))
#define CERT_IS_INSIDER(cert) (CERT_IS_TYPE(cert, eCertEternal) || cert.type == eCertGreatPatreon) #define CERT_IS_INSIDER(cert) (CERT_IS_TYPE(cert, eCertEternal) || cert.type == eCertGreatPatreon)
#define CERT_IS_LEVEL(cert,l) (cert.active && cert.level >= (unsigned long)(l)) //#define CERT_IS_LEVEL(cert,l) (cert.active && cert.level >= (unsigned long)(l))
#ifdef KERNEL_MODE #ifdef KERNEL_MODE
extern SCertInfo Verify_CertInfo; extern SCertInfo Verify_CertInfo;


@ -133,7 +133,7 @@ void DriverAssist::InjectLow(void *_msg)
// //
// NoSbieDesk BEGIN // NoSbieDesk BEGIN
if (!CompartmentMode && !SbieApi_QueryConfBool(boxname, L"NoSandboxieDesktop", FALSE)) if (!(CompartmentMode || SbieApi_QueryConfBool(boxname, L"NoSandboxieDesktop", FALSE)))
// NoSbieDesk END // NoSbieDesk END
if (!msg->bHostInject) if (!msg->bHostInject)
{ {


@ -997,7 +997,7 @@ bool MountManager::AcquireBoxRoot(const WCHAR* boxname, const WCHAR* reg_root, c
std::wstring TargetNtPath; std::wstring TargetNtPath;
SCertInfo CertInfo = { 0 }; SCertInfo CertInfo = { 0 };
if ((UseFileImage || UseRamDisk) && (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, (UseFileImage ? eCertAdvanced1 : eCertStandard)))) { if ((UseFileImage || UseRamDisk) && (!NT_SUCCESS(SbieApi_QueryDrvInfo(-1, &CertInfo, sizeof(CertInfo))) || !(UseFileImage ? CertInfo.opt_enc : CertInfo.active))) {
const WCHAR* strings[] = { boxname, UseFileImage ? L"UseFileImage" : L"UseRamDisk" , NULL }; const WCHAR* strings[] = { boxname, UseFileImage ? L"UseFileImage" : L"UseRamDisk" , NULL };
SbieApi_LogMsgExt(session_id, UseFileImage ? 6009 : 6008, strings); SbieApi_LogMsgExt(session_id, UseFileImage ? 6009 : 6008, strings);
errlvl = 0x66; errlvl = 0x66;