1.3.1
parent
56396e62f0
commit
e15f39d2e7
|
@ -1468,6 +1468,9 @@ _FX NTSTATUS Conf_Api_Reload(PROCESS *proc, ULONG64 *parms)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void Syscall_Update_Lockdown();
|
||||||
|
Syscall_Update_Lockdown();
|
||||||
|
|
||||||
/*
|
/*
|
||||||
#ifdef HOOK_WIN32K
|
#ifdef HOOK_WIN32K
|
||||||
// must be windows 10 or later
|
// must be windows 10 or later
|
||||||
|
|
|
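Review bot: `void Syscall_Update_Lockdown();` is declared ad hoc right before the call in this hunk, and again in the file that defines it, instead of coming from a shared header. Nothing ties this local declaration to the definition if the signature ever changes. In C the empty parentheses also leave the parameter list unchecked, whereas the neighbouring declarations on this page use `(void)`. I would put a single `void Syscall_Update_Lockdown(void);` in the syscall module's header (name not visible here) and drop the local copy; the same applies to the `Syscall_Update_Lockdown32()` declaration. The enclosing Conf_Api_Reload body starts and ends outside the hunk.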
@ -46,6 +46,8 @@ static BOOLEAN Syscall_Init_ServiceData(void);
|
||||||
|
|
||||||
static void Syscall_ErrorForAsciiName(const UCHAR *name_a);
|
static void Syscall_ErrorForAsciiName(const UCHAR *name_a);
|
||||||
|
|
||||||
|
void Syscall_Update_Lockdown();
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
@ -980,6 +982,40 @@ _FX NTSTATUS Syscall_Api_Query(PROCESS *proc, ULONG64 *parms)
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Syscall_Update_Lockdown
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
_FX void Syscall_Update_Lockdown()
|
||||||
|
{
|
||||||
|
SYSCALL_ENTRY *entry;
|
||||||
|
|
||||||
|
#ifdef HOOK_WIN32K
|
||||||
|
Syscall_Update_Lockdown32();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
LIST approved_syscalls;
|
||||||
|
Syscall_LoadHookMap(L"ApproveWinNtSysCall", &approved_syscalls);
|
||||||
|
|
||||||
|
entry = List_Head(&Syscall_List);
|
||||||
|
while (entry) {
|
||||||
|
|
||||||
|
entry->approved = (Syscall_HookMapMatch(entry->name, entry->name_len, &approved_syscalls) != 0);
|
||||||
|
|
||||||
|
entry = List_Next(entry);
|
||||||
|
}
|
||||||
|
|
||||||
|
Syscall_FreeHookMap(&approved_syscalls);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Syscall_QuerySystemInfo_SupportProcmonStack
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
_FX BOOLEAN Syscall_QuerySystemInfo_SupportProcmonStack(
|
_FX BOOLEAN Syscall_QuerySystemInfo_SupportProcmonStack(
|
||||||
PROCESS *proc, SYSCALL_ENTRY *syscall_entry, ULONG_PTR *user_args)
|
PROCESS *proc, SYSCALL_ENTRY *syscall_entry, ULONG_PTR *user_args)
|
||||||
{
|
{
|
||||||
|
|
|
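Review bot: Syscall_Update_Lockdown rewrites `entry->approved` for every entry of `Syscall_List` with no lock or other synchronization visible in the hunk, and it ignores whatever `Syscall_LoadHookMap` returns. If system calls can be dispatched while a configuration reload is running, readers of `approved` would see a mix of old and new policy during the walk. If the load can fail, whether every entry ends up unapproved (fail-closed) depends on the state it leaves `approved_syscalls` in; neither is visible here. I would add a comment above the function such as `// called on config reload; approved is updated in place - confirm readers tolerate a partially updated list`, and confirm that a failed load yields an empty list. Syscall_Update_Lockdown32 has the same shape and differs only in the setting name and the list, so a shared helper taking both would keep the two from drifting.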
@ -29,6 +29,8 @@ static BOOLEAN Syscall_Init_List32(void);
|
||||||
|
|
||||||
static BOOLEAN Syscall_Init_Table32(void);
|
static BOOLEAN Syscall_Init_Table32(void);
|
||||||
|
|
||||||
|
void Syscall_Update_Lockdown32();
|
||||||
|
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
@ -710,3 +712,25 @@ _FX NTSTATUS Syscall_Api_Query32(PROCESS *proc, ULONG64 *parms)
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
// Syscall_Update_Lockdown32
|
||||||
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
_FX void Syscall_Update_Lockdown32()
|
||||||
|
{
|
||||||
|
SYSCALL_ENTRY *entry;
|
||||||
|
|
||||||
|
LIST approved_syscalls;
|
||||||
|
Syscall_LoadHookMap(L"ApproveWin32SysCall", &approved_syscalls);
|
||||||
|
|
||||||
|
entry = List_Head(&Syscall_List32);
|
||||||
|
while (entry) {
|
||||||
|
|
||||||
|
entry->approved = (Syscall_HookMapMatch(entry->name, entry->name_len, &approved_syscalls) != 0);
|
||||||
|
|
||||||
|
entry = List_Next(entry);
|
||||||
|
}
|
||||||
|
|
||||||
|
Syscall_FreeHookMap(&approved_syscalls);
|
||||||
|
}
|
|
@ -2427,7 +2427,7 @@ void CSandMan::OnEditIni()
|
||||||
|
|
||||||
void CSandMan::OnReloadIni()
|
void CSandMan::OnReloadIni()
|
||||||
{
|
{
|
||||||
theAPI->ReloadConfig();
|
theAPI->ReloadConfig(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
void CSandMan::OnIniReloaded()
|
void CSandMan::OnIniReloaded()
|
||||||
|
|
|
@ -44,19 +44,21 @@ void COptionsWindow::OnAccessChanged()
|
||||||
|
|
||||||
UpdateAccessPolicy();
|
UpdateAccessPolicy();
|
||||||
|
|
||||||
|
if ((sender() == ui.chkPrivacy || sender() == ui.chkRestrictDevices) && !(ui.chkPrivacy->isChecked() || ui.chkRestrictDevices->isChecked())) {
|
||||||
|
ui.chkUseSpecificity->setChecked(m_pBox->GetBool("UseRuleSpecificity", false));
|
||||||
|
}
|
||||||
|
|
||||||
m_AccessChanged = true;
|
m_AccessChanged = true;
|
||||||
OnOptChanged();
|
OnOptChanged();
|
||||||
}
|
}
|
||||||
|
|
||||||
void COptionsWindow::UpdateAccessPolicy()
|
void COptionsWindow::UpdateAccessPolicy()
|
||||||
{
|
{
|
||||||
|
ui.chkUseSpecificity->setEnabled(!(ui.chkPrivacy->isChecked() || ui.chkRestrictDevices->isChecked()));
|
||||||
|
|
||||||
if (ui.chkPrivacy->isChecked() || ui.chkRestrictDevices->isChecked()) {
|
if (ui.chkPrivacy->isChecked() || ui.chkRestrictDevices->isChecked()) {
|
||||||
ui.chkUseSpecificity->setEnabled(false);
|
|
||||||
ui.chkUseSpecificity->setChecked(true);
|
ui.chkUseSpecificity->setChecked(true);
|
||||||
}
|
}
|
||||||
else {
|
|
||||||
ui.chkUseSpecificity->setEnabled(true);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
QTreeWidgetItem* COptionsWindow::GetAccessEntry(EAccessType Type, const QString& Program, EAccessMode Mode, const QString& Path)
|
QTreeWidgetItem* COptionsWindow::GetAccessEntry(EAccessType Type, const QString& Program, EAccessMode Mode, const QString& Path)
|
||||||
|
|
|
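Review bot: When the forcing checkbox is cleared, the added branch in OnAccessChanged resets `chkUseSpecificity` from the saved box configuration (`m_pBox->GetBool("UseRuleSpecificity", false)`), not from what the checkbox showed before it was forced on. A user who changed rule specificity in this dialog without applying, then toggled privacy or device restriction on and off, silently gets the stored value back, and presumably that is what the next apply writes. Remembering the pre-force state in a member and restoring that would avoid it; at minimum a comment such as `// restores the last saved value; unsaved edits to this checkbox are discarded` would document the behaviour. The restore blocks added to OnIsolationChanged and OnSecurityMode follow the same pattern.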
@ -256,6 +256,11 @@ void COptionsWindow::OnIsolationChanged()
|
||||||
|
|
||||||
UpdateBoxIsolation();
|
UpdateBoxIsolation();
|
||||||
|
|
||||||
|
if (sender() == ui.chkNoSecurityIsolation && !ui.chkNoSecurityIsolation->isChecked()) {
|
||||||
|
ui.chkCloseForBox->setChecked(m_pBox->GetBool("AlwaysCloseForBoxed", true));
|
||||||
|
ui.chkNoOpenForBox->setChecked(m_pBox->GetBool("DontOpenForBoxed", true));
|
||||||
|
}
|
||||||
|
|
||||||
m_AdvancedChanged = true;
|
m_AdvancedChanged = true;
|
||||||
OnOptChanged();
|
OnOptChanged();
|
||||||
}
|
}
|
||||||
|
@ -275,8 +280,6 @@ void COptionsWindow::UpdateBoxIsolation()
|
||||||
ui.chkRawDiskRead->setEnabled(!ui.chkNoSecurityIsolation->isChecked()); // without isolation only user mode
|
ui.chkRawDiskRead->setEnabled(!ui.chkNoSecurityIsolation->isChecked()); // without isolation only user mode
|
||||||
ui.chkRawDiskNotify->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
ui.chkRawDiskNotify->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
||||||
|
|
||||||
UpdateBoxSecurity();
|
|
||||||
|
|
||||||
ui.chkBlockNetShare->setEnabled(!ui.chkNoSecurityFiltering->isChecked());
|
ui.chkBlockNetShare->setEnabled(!ui.chkNoSecurityFiltering->isChecked());
|
||||||
|
|
||||||
ui.chkBlockSpooler->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
ui.chkBlockSpooler->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
||||||
|
@ -286,17 +289,13 @@ void COptionsWindow::UpdateBoxIsolation()
|
||||||
ui.chkCloseClipBoard->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
ui.chkCloseClipBoard->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
||||||
ui.chkVmRead->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
ui.chkVmRead->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
||||||
|
|
||||||
|
ui.chkCloseForBox->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
||||||
|
ui.chkNoOpenForBox->setEnabled(!ui.chkNoSecurityIsolation->isChecked());
|
||||||
|
|
||||||
if (ui.chkNoSecurityIsolation->isChecked()) {
|
if (ui.chkNoSecurityIsolation->isChecked()) {
|
||||||
ui.chkCloseForBox->setEnabled(false);
|
|
||||||
ui.chkCloseForBox->setChecked(false);
|
ui.chkCloseForBox->setChecked(false);
|
||||||
ui.chkNoOpenForBox->setEnabled(false);
|
|
||||||
ui.chkNoOpenForBox->setChecked(false);
|
ui.chkNoOpenForBox->setChecked(false);
|
||||||
}
|
}
|
||||||
else {
|
|
||||||
ui.chkCloseForBox->setEnabled(true);
|
|
||||||
ui.chkNoOpenForBox->setEnabled(true);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void COptionsWindow::OnSysSvcChanged()
|
void COptionsWindow::OnSysSvcChanged()
|
||||||
|
|
|
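Review bot: The `UpdateBoxSecurity();` call appears to have been dropped from UpdateBoxIsolation (the second hunk shrinks from 8 to 6 lines), yet UpdateBoxSecurity still derives the enabled state of `chkDropRights` from `chkNoSecurityIsolation`. Unless another caller outside these hunks refreshes it, toggling the no-isolation checkbox would leave the drop-rights control in its previous enabled state. If no such caller exists, call `UpdateBoxSecurity();` from OnIsolationChanged right after `UpdateBoxIsolation();`. UpdateBoxIsolation starts outside the hunk.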
@ -295,11 +295,17 @@ void COptionsWindow::UpdateBoxSecurity()
|
||||||
ui.chkLockDown->setEnabled(!ui.chkSecurityMode->isChecked());
|
ui.chkLockDown->setEnabled(!ui.chkSecurityMode->isChecked());
|
||||||
ui.chkRestrictDevices->setEnabled(!ui.chkSecurityMode->isChecked());
|
ui.chkRestrictDevices->setEnabled(!ui.chkSecurityMode->isChecked());
|
||||||
|
|
||||||
|
|
||||||
if (!theAPI->IsRunningAsAdmin()) {
|
if (!theAPI->IsRunningAsAdmin()) {
|
||||||
ui.chkDropRights->setEnabled(!ui.chkSecurityMode->isChecked() && !ui.chkNoSecurityIsolation->isChecked() && !theAPI->IsRunningAsAdmin());
|
ui.chkDropRights->setEnabled(!ui.chkSecurityMode->isChecked() && !ui.chkNoSecurityIsolation->isChecked() && !theAPI->IsRunningAsAdmin());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (ui.chkSecurityMode->isChecked()) {
|
||||||
|
ui.chkLockDown->setChecked(true);
|
||||||
|
ui.chkRestrictDevices->setChecked(true);
|
||||||
|
|
||||||
|
ui.chkDropRights->setChecked(true);
|
||||||
|
}
|
||||||
|
|
||||||
ui.chkMsiExemptions->setEnabled(!ui.chkDropRights->isChecked());
|
ui.chkMsiExemptions->setEnabled(!ui.chkDropRights->isChecked());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -308,15 +314,19 @@ void COptionsWindow::OnSecurityMode()
|
||||||
if (ui.chkSecurityMode->isChecked() || ui.chkLockDown->isChecked() || ui.chkRestrictDevices->isChecked())
|
if (ui.chkSecurityMode->isChecked() || ui.chkLockDown->isChecked() || ui.chkRestrictDevices->isChecked())
|
||||||
theGUI->CheckCertificate(this);
|
theGUI->CheckCertificate(this);
|
||||||
|
|
||||||
if (ui.chkSecurityMode->isChecked()) {
|
|
||||||
ui.chkLockDown->setChecked(true);
|
|
||||||
ui.chkRestrictDevices->setChecked(true);
|
|
||||||
ui.chkDropRights->setChecked(true);
|
|
||||||
}
|
|
||||||
|
|
||||||
UpdateBoxSecurity();
|
UpdateBoxSecurity();
|
||||||
|
|
||||||
OnGeneralChanged();
|
if (sender() == ui.chkSecurityMode && !ui.chkSecurityMode->isChecked()) {
|
||||||
|
ui.chkLockDown->setChecked(m_pBox->GetBool("SysCallLockDown", false));
|
||||||
|
ui.chkRestrictDevices->setChecked(m_pBox->GetBool("RestrictDevices", false));
|
||||||
|
|
||||||
|
ui.chkDropRights->setChecked(m_pBox->GetBool("DropAdminRights", false));
|
||||||
|
}
|
||||||
|
|
||||||
|
m_GeneralChanged = true;
|
||||||
|
OnOptChanged();
|
||||||
|
|
||||||
|
OnAccessChanged(); // for rule specificity
|
||||||
}
|
}
|
||||||
|
|
||||||
void COptionsWindow::OnPickColor()
|
void COptionsWindow::OnPickColor()
|
||||||
|
|
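Review bot: In OnSecurityMode the restore block runs after `UpdateBoxSecurity();`, so `chkMsiExemptions` is enabled or disabled from the forced `chkDropRights` state rather than the restored one. After security mode is switched off and `DropAdminRights` is restored to false, the MSI exemptions checkbox would stay disabled unless the `setChecked` call triggers another refresh through a signal connection not visible here. Moving the `if (sender() == ui.chkSecurityMode && !ui.chkSecurityMode->isChecked())` block above `UpdateBoxSecurity();` makes the result independent of that. OnSecurityMode starts outside the hunk.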