1.1.0
This commit is contained in:
parent
9d8ef41fb5
commit
e94568b3a4
68
CHANGELOG.md
68
CHANGELOG.md
|
@ -6,57 +6,79 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
|||
|
||||
|
||||
|
||||
# [1.1.0 / 5.56.0] - 2022-01-06
|
||||
## [1.1.0 / 5.56.0] - 2022-01-??
|
||||
|
||||
### Added
|
||||
- added support for NtRenameKey (this requires UseRegDeleteV2=y) [#205](https://github.com/sandboxie-plus/Sandboxie/issues/205)
|
||||
- FIXED SECURITY ISSUE: memory of unsandboxed processes can no longer be read, except for exceptions
|
||||
- added ReadIpcPath to enable more flexibility in IPC usage
|
||||
|
||||
|
||||
### Changed
|
||||
- reworked the mechanism sandboxie uses to mark host files as deleted
|
||||
-- the new behavioure creates a data file in the box root FilePaths.dat instead of creating dummy files
|
||||
-- it can be enabled with UseFileDeleteV2=y sane for the registry UseRegDeleteV2=y using RegPaths.dat
|
||||
- disabled a couple driver based workarounds for boxes in compartment mode as then thay should not be required
|
||||
|
||||
- removed "AlwaysUseWin32kHooks", now these win32 hooks are always enabled
|
||||
-- note: you can use "UseWin32kHooks=program.exe,n" to disable them for sellected programs
|
||||
- EnableObjectFiltering is now set enabled by default, and replaces sbies old process/thread handle filter
|
||||
|
||||
### Fixed
|
||||
- fixed folder rename issues (this requires UseFileDeleteV2=y) [#71](https://github.com/sandboxie-plus/Sandboxie/issues/71)
|
||||
- fixed issue with process access [#1603](https://github.com/sandboxie-plus/Sandboxie/issues/1603)
|
||||
|
||||
|
||||
|
||||
|
||||
# [1.0.10 / 5.55.10] - 2022-01-06
|
||||
## [1.0.11 / 5.55.11] - 2022-02-14
|
||||
|
||||
### Added
|
||||
- added option to show only boxes in tray with runnign processes [#1186](https://github.com/sandboxie-plus/Sandboxie/issues/1186)
|
||||
-- additional option show only pinned bixes, in box options a bix can be set to be always shown in theay list (Pinned)
|
||||
- added options menu command to reset the GUI [#1589](https://github.com/sandboxie-plus/Sandboxie/issues/1589)
|
||||
- added 'Run Un-Sandboxed' context menu option
|
||||
- added new trigger "OnBoxDelete" that allows to specify a command that is run UNBOXED just before the box content gets deleted
|
||||
-- note: this can be used as a replacemetn to the DeleteCommand [#591](https://github.com/sandboxie-plus/Sandboxie/issues/591)
|
||||
- sellected box operations (deletion) no longer show the progress dialog [1061](https://github.com/sandboxie-plus/Sandboxie/issues/1061)
|
||||
-- instead a box with a running operation show a blinking hour glass icon, the context menu can be used to cancel the operation
|
||||
- added optional tray notification when a box content gets auto deleted
|
||||
- added FreeDownloadManager template
|
||||
- added warnign when opening unsandboxed regedit [#1606](https://github.com/sandboxie-plus/Sandboxie/issues/1606)
|
||||
|
||||
### Changed
|
||||
- HideHostProcess=program.exe can now be used to hide sandboxie services [#1336](https://github.com/sandboxie-plus/Sandboxie/issues/1336)
|
||||
- the asynchroniouse box operations introduced in the last build are due to a pupular request now disabled by default
|
||||
- moved sys tray options from general to shell integration tab
|
||||
|
||||
### Fixed
|
||||
- fixed compatybility issue with SECUROM [#1597](https://github.com/sandboxie-plus/Sandboxie/issues/1597)
|
||||
- fixed modality issue [#1615](https://github.com/sandboxie-plus/Sandboxie/issues/1615)
|
||||
|
||||
|
||||
|
||||
## [1.0.10 / 5.55.10] - 2022-02-06
|
||||
|
||||
### Added
|
||||
- added option to show only boxes in tray with running processes [#1186](https://github.com/sandboxie-plus/Sandboxie/issues/1186)
|
||||
-- additional option shows only pinned boxes, in box options a box can be set to be always shown in tray list (Pinned)
|
||||
- added Options menu command to reset the GUI [#1589](https://github.com/sandboxie-plus/Sandboxie/issues/1589)
|
||||
- added `Run Un-Sandboxed` context menu option
|
||||
- added new trigger `OnBoxDelete` that allows to specify a command that is run UNBOXED just before the box content gets deleted
|
||||
-- note: this can be used as a replacement to `DeleteCommand` [#591](https://github.com/sandboxie-plus/Sandboxie/issues/591)
|
||||
- selected box operations (deletion) no longer show the progress dialog [#1061](https://github.com/sandboxie-plus/Sandboxie/issues/1061)
|
||||
-- if a box with a running operation shows a blinking hour glass icon, the context menu can be used to cancel the operation
|
||||
|
||||
### Changed
|
||||
- `HideHostProcess=program.exe` can now be used to hide sandboxie services [#1336](https://github.com/sandboxie-plus/Sandboxie/issues/1336)
|
||||
- updater blocking is now done using a template called BlockSoftwareUpdaters
|
||||
- enchanced "StartProgram=..." making "StartCommand=..." obsolete
|
||||
-- for same functionality as "StartCommand=..." use "StartProgram=%SbieHome%\Start.exe ..."
|
||||
- merged "Auto Start" General tab with the "Auto Exec" Advanced tab into a universal"Triggers" Advanced tab
|
||||
- enhanced `StartProgram=...` makes `StartCommand=...` obsolete
|
||||
-- for same functionality as `StartCommand=...`, use `StartProgram=%SbieHome%\Start.exe ...`
|
||||
- merged `Auto Start` General tab with the `Auto Exec` Advanced tab into a universal `Triggers` Advanced tab
|
||||
|
||||
### Fixed
|
||||
- fixed a couple issues with the new breakout process feature and improved security (thanks Diversenok)
|
||||
- fixed issues with re opening already open windows [#1584](https://github.com/sandboxie-plus/Sandboxie/issues/1584)
|
||||
- fixed issues with re-opening windows already open [#1584](https://github.com/sandboxie-plus/Sandboxie/issues/1584)
|
||||
- fixed issue with desktop access [#1588](https://github.com/sandboxie-plus/Sandboxie/issues/1588)
|
||||
- fixed issue handling commandline invokation [#1133](https://github.com/sandboxie-plus/Sandboxie/issues/1133)
|
||||
- fixed ui issue with main window state when switching always on top attribute [#1169](https://github.com/sandboxie-plus/Sandboxie/issues/1169)
|
||||
- fixed issue about command line invocation handling [#1133](https://github.com/sandboxie-plus/Sandboxie/issues/1133)
|
||||
- fixed UI issue with main window state when switching always on top attribute [#1169](https://github.com/sandboxie-plus/Sandboxie/issues/1169)
|
||||
- fixed issue with box context menu in tray list [1106](https://github.com/sandboxie-plus/Sandboxie/issues/1106)
|
||||
- fixed issue with "AutoExec=..."
|
||||
- fixed issues canceling box deletion operations didn't working [1061](https://github.com/sandboxie-plus/Sandboxie/issues/1061)
|
||||
- fixed issue with `AutoExec=...`
|
||||
- fixed issues where canceling box deletion operations didn't work [#1061](https://github.com/sandboxie-plus/Sandboxie/issues/1061)
|
||||
- fixed issue with DPI scalling and color picker dialog [#803](https://github.com/sandboxie-plus/Sandboxie/issues/803)
|
||||
|
||||
### Removed
|
||||
- removed UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y used for free download manager as it broke other things
|
||||
-- when using free download manager ad the line manually to your sandboxie.ini
|
||||
- removed `UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y` used for Free Download Manager as it broke other things
|
||||
-- only if you use Free Download Manager together with the setting `RpcMgmtSetComTimeout=n` in a sandbox, you have to add the line manually to your Sandboxie.ini
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -373,7 +373,7 @@ static const WCHAR *Pool_large_chunks_lock_Name = L"PoolLockL";
|
|||
|
||||
ALIGNED void *Pool_Alloc_Mem(ULONG size, ULONG tag)
|
||||
{
|
||||
void *ptr;
|
||||
void *ptr = NULL;
|
||||
|
||||
Pool_Timing(NULL);
|
||||
|
||||
|
@ -382,7 +382,9 @@ ALIGNED void *Pool_Alloc_Mem(ULONG size, ULONG tag)
|
|||
#ifdef KERNEL_MODE
|
||||
ptr = ExAllocatePoolWithTag(PagedPool, size, tag);
|
||||
#else
|
||||
ptr = VirtualAlloc(0, size, MEM_RESERVE | MEM_COMMIT | MEM_TOP_DOWN,
|
||||
//ptr = VirtualAlloc(0, size, MEM_RESERVE | MEM_COMMIT | MEM_TOP_DOWN,
|
||||
ULONG_PTR RegionSize = size;
|
||||
NtAllocateVirtualMemory(NtCurrentProcess(), &ptr, 0, &RegionSize, MEM_RESERVE | MEM_COMMIT | MEM_TOP_DOWN,
|
||||
((UCHAR)tag == 0xFF ? PAGE_EXECUTE_READWRITE : PAGE_READWRITE));
|
||||
#endif
|
||||
// printf("Allocated %d bytes at %08X\n", size, ptr);
|
||||
|
|
|
@ -34,14 +34,21 @@ public:
|
|||
{
|
||||
if (*m_ptr && watchActive)
|
||||
{
|
||||
free(*m_ptr);
|
||||
HeapFree(GetProcessHeap(), 0, *m_ptr);
|
||||
*m_ptr = 0;
|
||||
}
|
||||
}
|
||||
|
||||
static void* Alloc(size_t size) {
|
||||
return HeapAlloc(GetProcessHeap(), 0, size);
|
||||
}
|
||||
|
||||
void disableWatch() { watchActive = false; }
|
||||
};
|
||||
|
||||
#define NEW(size) \
|
||||
CMemPtr::Alloc(size)
|
||||
|
||||
#define WATCH(ptr) \
|
||||
CMemPtr watch_##ptr((void**)&ptr)
|
||||
|
||||
|
|
|
@ -37,17 +37,6 @@
|
|||
//HANDLE g_heap;
|
||||
BOOL g_isWow64 = TRUE;
|
||||
|
||||
void* malloc(size_t size)
|
||||
{
|
||||
return HeapAlloc(GetProcessHeap(), 0, size);
|
||||
}
|
||||
|
||||
void free(void* ptr)
|
||||
{
|
||||
if (nullptr != ptr)
|
||||
HeapFree(GetProcessHeap(), 0, ptr);
|
||||
}
|
||||
|
||||
#include "CMemPtr.h"
|
||||
|
||||
/*int _wcsicmp(const wchar_t *string1, const wchar_t *string2)
|
||||
|
@ -329,7 +318,7 @@ extern "C" DWORD64 __cdecl GetModuleHandle64(const wchar_t* lpModuleName)
|
|||
{
|
||||
getMem64(&head, head.InLoadOrderLinks.Flink, sizeof(LDR_DATA_TABLE_ENTRY64));
|
||||
|
||||
wchar_t* tempBuf = (wchar_t*)malloc(head.BaseDllName.MaximumLength);
|
||||
wchar_t* tempBuf = (wchar_t*)NEW(head.BaseDllName.MaximumLength);
|
||||
if (nullptr == tempBuf)
|
||||
return 0;
|
||||
WATCH(tempBuf);
|
||||
|
@ -373,19 +362,19 @@ DWORD64 getLdrGetProcedureAddress()
|
|||
IMAGE_EXPORT_DIRECTORY ied;
|
||||
getMem64(&ied, modBase + idd.VirtualAddress, sizeof(ied));
|
||||
|
||||
DWORD* rvaTable = (DWORD*)malloc(sizeof(DWORD)*ied.NumberOfFunctions);
|
||||
DWORD* rvaTable = (DWORD*)NEW(sizeof(DWORD)*ied.NumberOfFunctions);
|
||||
if (nullptr == rvaTable)
|
||||
return 0;
|
||||
WATCH(rvaTable);
|
||||
getMem64(rvaTable, modBase + ied.AddressOfFunctions, sizeof(DWORD)*ied.NumberOfFunctions);
|
||||
|
||||
WORD* ordTable = (WORD*)malloc(sizeof(WORD)*ied.NumberOfFunctions);
|
||||
WORD* ordTable = (WORD*)NEW(sizeof(WORD)*ied.NumberOfFunctions);
|
||||
if (nullptr == ordTable)
|
||||
return 0;
|
||||
WATCH(ordTable);
|
||||
getMem64(ordTable, modBase + ied.AddressOfNameOrdinals, sizeof(WORD)*ied.NumberOfFunctions);
|
||||
|
||||
DWORD* nameTable = (DWORD*)malloc(sizeof(DWORD)*ied.NumberOfNames);
|
||||
DWORD* nameTable = (DWORD*)NEW(sizeof(DWORD)*ied.NumberOfNames);
|
||||
if (nullptr == nameTable)
|
||||
return 0;
|
||||
WATCH(nameTable);
|
||||
|
|
|
@ -393,21 +393,20 @@ _FX BOOLEAN Win32_Init(HMODULE hmodule)
|
|||
if (Dll_OsBuild < 10041 || (Dll_ProcessFlags & SBIE_FLAG_WIN32K_HOOKABLE) == 0 || !SbieApi_QueryConfBool(NULL, L"EnableWin32kHooks", TRUE))
|
||||
return TRUE; // just return on older builds, or not enabled
|
||||
|
||||
if (Dll_CompartmentMode || SbieApi_data->flags.bNoSysHooks)
|
||||
return TRUE;
|
||||
|
||||
// disable Electron Workaround when we are ready to hook the required win32k syscalls
|
||||
extern BOOL Dll_ElectronWorkaround;
|
||||
Dll_ElectronWorkaround = FALSE;
|
||||
|
||||
if (Dll_CompartmentMode || SbieApi_data->flags.bNoSysHooks)
|
||||
return TRUE;
|
||||
|
||||
//
|
||||
// chrome needs for a working GPU acceleration the GdiDdDDI* win32k syscalls to have the right user token
|
||||
//
|
||||
|
||||
WCHAR* cmdline = GetCommandLine();
|
||||
|
||||
if ((wcsstr(cmdline, L"--type=gpu-process") != NULL && wcsstr(cmdline, L"--gpu-preferences=") != NULL)
|
||||
|| SbieDll_GetSettingsForName_bool(NULL, Dll_ImageName, L"AlwaysUseWin32kHooks", FALSE)) {
|
||||
if (SbieDll_GetSettingsForName_bool(NULL, Dll_ImageName, L"UseWin32kHooks", TRUE)) {
|
||||
|
||||
#ifndef _WIN64
|
||||
if (Dll_IsWow64)
|
||||
|
|
|
@ -407,15 +407,13 @@ void DbgPrint(const char* format, ...)
|
|||
va_list va_args;
|
||||
va_start(va_args, format);
|
||||
|
||||
char *tmp1 = Dll_AllocTemp(510);
|
||||
char tmp1[510];
|
||||
|
||||
extern int(*P_vsnprintf)(char *_Buffer, size_t Count, const char * const, va_list Args);
|
||||
P_vsnprintf(tmp1, 510, format, va_args);
|
||||
|
||||
OutputDebugStringA(tmp1);
|
||||
|
||||
Dll_Free(tmp1);
|
||||
|
||||
va_end(va_args);
|
||||
}
|
||||
|
||||
|
@ -431,18 +429,16 @@ void DbgTrace(const char* format, ...)
|
|||
va_list va_args;
|
||||
va_start(va_args, format);
|
||||
|
||||
char *tmp1 = Dll_AllocTemp(510);
|
||||
char tmp1[510];
|
||||
WCHAR tmp2[510];
|
||||
|
||||
extern int(*P_vsnprintf)(char *_Buffer, size_t Count, const char * const, va_list Args);
|
||||
P_vsnprintf(tmp1, 510, format, va_args);
|
||||
|
||||
WCHAR *tmp2 = Dll_AllocTemp(510*sizeof(WCHAR));
|
||||
Sbie_snwprintf((WCHAR *)tmp2, 510, L"%S", tmp1);
|
||||
|
||||
SbieApi_MonitorPut2(MONITOR_OTHER | MONITOR_TRACE, tmp2, FALSE);
|
||||
|
||||
Dll_Free(tmp1);
|
||||
|
||||
va_end(va_args);
|
||||
}
|
||||
|
||||
|
|
|
@ -1458,8 +1458,7 @@ _FX NTSTATUS Conf_Api_Reload(PROCESS *proc, ULONG64 *parms)
|
|||
}
|
||||
}
|
||||
|
||||
BOOLEAN obj_filter_enabled = Conf_Get_Boolean(NULL, L"EnableObjectFiltering", 0, FALSE);
|
||||
extern BOOLEAN Obj_CallbackInstalled;
|
||||
BOOLEAN obj_filter_enabled = Conf_Get_Boolean(NULL, L"EnableObjectFiltering", 0, TRUE);
|
||||
if (Obj_CallbackInstalled != obj_filter_enabled && Driver_OsVersion > DRIVER_WINDOWS_VISTA) {
|
||||
if (obj_filter_enabled) {
|
||||
Obj_Load_Filter();
|
||||
|
|
|
@ -671,21 +671,18 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
|
|||
//
|
||||
|
||||
ok = Process_GetPaths(proc, normal_file_paths, _NormalPath, TRUE);
|
||||
if (! ok) {
|
||||
Log_MsgP1(MSG_INIT_PATHS, _NormalPath, proc->pid);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (proc->use_privacy_mode) {
|
||||
if (ok && proc->use_privacy_mode) {
|
||||
for (i = 0; normalpaths[i] && ok; ++i) {
|
||||
ok = Process_AddPath(proc, normal_file_paths, _NormalPath, TRUE, normalpaths[i], FALSE);
|
||||
ok = Process_AddPath(
|
||||
proc, normal_file_paths, NULL, TRUE, normalpaths[i], FALSE);
|
||||
}
|
||||
}
|
||||
|
||||
if (! ok) {
|
||||
Log_MsgP1(MSG_INIT_PATHS, _NormalPath, proc->pid);
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
//
|
||||
|
|
|
@ -1311,9 +1311,11 @@ _FX ULONG_PTR Gui_NtUserPostThreadMessage(
|
|||
status = STATUS_SUCCESS;
|
||||
else {
|
||||
status = Gui_CheckBoxedThread(proc, idThread, &idProcess);
|
||||
if (status == STATUS_ACCESS_DENIED)
|
||||
status = Process_CheckProcessName(
|
||||
proc, &proc->open_win_classes, idProcess, NULL);
|
||||
if (status == STATUS_ACCESS_DENIED) {
|
||||
if (Process_CheckProcessName(
|
||||
proc, &proc->open_win_classes, idProcess, NULL))
|
||||
status = STATUS_SUCCESS;
|
||||
}
|
||||
}
|
||||
|
||||
if (Session_MonitorCount && !proc->disable_monitor) {
|
||||
|
|
|
@ -157,8 +157,7 @@ _FX BOOLEAN Ipc_Init(void)
|
|||
|
||||
if (Driver_OsVersion > DRIVER_WINDOWS_VISTA) {
|
||||
|
||||
// Don't use experimental features by default
|
||||
if (Conf_Get_Boolean(NULL, L"EnableObjectFiltering", 0, FALSE)) {
|
||||
if (Conf_Get_Boolean(NULL, L"EnableObjectFiltering", 0, TRUE)) {
|
||||
|
||||
if (!Obj_Load_Filter())
|
||||
return FALSE;
|
||||
|
@ -381,6 +380,7 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
|
|||
#endif
|
||||
static const WCHAR* _OpenPath = L"OpenIpcPath";
|
||||
static const WCHAR* _ClosedPath = L"ClosedIpcPath";
|
||||
static const WCHAR* _ReadPath = L"ReadIpcPath";
|
||||
static const WCHAR* openpaths[] = {
|
||||
L"\\Windows\\ApiPort",
|
||||
L"\\Sessions\\*\\Windows\\ApiPort",
|
||||
|
@ -576,6 +576,10 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
|
|||
// NULL
|
||||
//};
|
||||
#endif
|
||||
static const WCHAR *readpaths[] = {
|
||||
L"$:explorer.exe",
|
||||
NULL
|
||||
};
|
||||
|
||||
ULONG i;
|
||||
BOOLEAN ok;
|
||||
|
@ -586,21 +590,19 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
|
|||
|
||||
#ifdef USE_MATCH_PATH_EX
|
||||
ok = Process_GetPaths(proc, &proc->normal_ipc_paths, _NormalPath, FALSE);
|
||||
|
||||
//if (ok && proc->use_privacy_mode) {
|
||||
//
|
||||
// for (i = 0; normalpaths[i] && ok; ++i) {
|
||||
// ok = Process_AddPath(proc, &proc->normal_ipc_paths, NULL,
|
||||
// TRUE, normalpaths[i], FALSE);
|
||||
// }
|
||||
//}
|
||||
|
||||
if (!ok) {
|
||||
Log_MsgP1(MSG_INIT_PATHS, _NormalPath, proc->pid);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
//if (proc->use_privacy_mode) {
|
||||
// for (i = 0; normalpaths[i] && ok; ++i) {
|
||||
// ok = Process_AddPath(proc, &proc->normal_ipc_paths, _NormalPath, TRUE, normalpaths[i], FALSE);
|
||||
// }
|
||||
//
|
||||
// if (! ok) {
|
||||
// Log_MsgP1(MSG_INIT_PATHS, _NormalPath, proc->pid);
|
||||
// return FALSE;
|
||||
// }
|
||||
//}
|
||||
#endif
|
||||
|
||||
//
|
||||
|
@ -696,6 +698,29 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
//
|
||||
// read-only paths
|
||||
//
|
||||
|
||||
ok = Process_GetPaths(proc, &proc->read_ipc_paths, _ReadPath, TRUE);
|
||||
|
||||
if (ok) {
|
||||
|
||||
for (i = 0; readpaths[i] && ok; ++i) {
|
||||
ok = Process_AddPath(proc, &proc->read_ipc_paths, NULL,
|
||||
TRUE, readpaths[i], FALSE);
|
||||
}
|
||||
}
|
||||
|
||||
if (! ok) {
|
||||
Log_MsgP1(MSG_INIT_PATHS, _ReadPath, proc->pid);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
//
|
||||
// other options
|
||||
//
|
||||
|
||||
proc->ipc_warn_startrun = Conf_Get_Boolean(
|
||||
proc->box->name, L"NotifyStartRunAccessDenied", 0, TRUE);
|
||||
|
||||
|
|
|
@ -260,16 +260,18 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc)
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
if (proc->use_privacy_mode) {
|
||||
if (ok && proc->use_privacy_mode) {
|
||||
|
||||
for (i = 0; normalpaths[i] && ok; ++i) {
|
||||
ok = Process_AddPath(proc, &proc->normal_key_paths, _NormalPath, TRUE, normalpaths[i], FALSE);
|
||||
ok = Process_AddPath(proc, &proc->normal_key_paths, NULL,
|
||||
TRUE, normalpaths[i], FALSE);
|
||||
}
|
||||
}
|
||||
|
||||
if (!ok) {
|
||||
Log_MsgP1(MSG_INIT_PATHS, _NormalPath, proc->pid);
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
//
|
||||
|
|
|
@ -237,7 +237,6 @@ _FX void Log_Msg(
|
|||
const WCHAR *string1,
|
||||
const WCHAR *string2)
|
||||
{
|
||||
//DbgPrint("Sbie MSG_%d: %S; %S\r\n", (error_code & 0xFFFF), string1, string2);
|
||||
Log_Msg_Session(error_code, string1, string2, -1);
|
||||
}
|
||||
|
||||
|
@ -268,6 +267,8 @@ _FX void Log_Msg_Process(
|
|||
ULONG session_id,
|
||||
HANDLE process_id)
|
||||
{
|
||||
DbgPrint("Sbie MSG_%d: %S; %S\r\n", (error_code & 0xFFFF), string1, string2);
|
||||
|
||||
ULONG facility = (error_code >> 16) & 0x0F;
|
||||
if (facility & MSG_FACILITY_EVENT)
|
||||
Log_Event_Msg(error_code, string1, string2);
|
||||
|
|
|
@ -91,6 +91,7 @@ extern const OBJECT_NAME_INFORMATION Obj_Unnamed;
|
|||
extern P_ObGetObjectType pObGetObjectType;
|
||||
extern P_ObQueryNameInfo pObQueryNameInfo;
|
||||
|
||||
extern BOOLEAN Obj_CallbackInstalled;
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
// Macros Related to ParseProcedure
|
||||
|
|
|
@ -240,9 +240,7 @@ _FX OB_PREOP_CALLBACK_STATUS Obj_PreOperationCallback(
|
|||
goto Exit;
|
||||
|
||||
PEPROCESS ProcessObject = (PEPROCESS)PreInfo->Object;
|
||||
ACCESS_MASK WriteAccess = (InitialDesiredAccess & PROCESS_DENIED_ACCESS_MASK);
|
||||
if (!NT_SUCCESS(Thread_CheckObject_Common(
|
||||
proc, ProcessObject, InitialDesiredAccess, WriteAccess, L'P'))) {
|
||||
if (!NT_SUCCESS(Thread_CheckObject_Common(proc, ProcessObject, InitialDesiredAccess, TRUE))) {
|
||||
|
||||
#ifdef DRV_BREAKOUT
|
||||
//
|
||||
|
@ -301,9 +299,7 @@ _FX OB_PREOP_CALLBACK_STATUS Obj_PreOperationCallback(
|
|||
goto Exit;
|
||||
|
||||
PEPROCESS ProcessObject = PsGetThreadProcess((PETHREAD)PreInfo->Object);
|
||||
ACCESS_MASK WriteAccess = (InitialDesiredAccess & THREAD_DENIED_ACCESS_MASK);
|
||||
if (!NT_SUCCESS(Thread_CheckObject_Common(
|
||||
proc, ProcessObject, InitialDesiredAccess, WriteAccess, L'T'))) {
|
||||
if (!NT_SUCCESS(Thread_CheckObject_Common(proc, ProcessObject, InitialDesiredAccess, FALSE))) {
|
||||
*DesiredAccess = 0; // deny any access
|
||||
}
|
||||
//ObjectTypeName = L"PsThreadType";
|
||||
|
|
|
@ -728,8 +728,6 @@ _FX PROCESS *Process_Create(
|
|||
|
||||
proc->dont_open_for_boxed = !proc->bAppCompartment && Conf_Get_Boolean(proc->box->name, L"DontOpenForBoxed", 0, TRUE);
|
||||
|
||||
proc->hide_other_boxes = Conf_Get_Boolean(proc->box->name, L"HideOtherBoxes", 0, FALSE);
|
||||
|
||||
//
|
||||
// privacy mode requirers Rule Specificity
|
||||
//
|
||||
|
|
|
@ -139,7 +139,6 @@ struct _PROCESS {
|
|||
|
||||
BOOLEAN always_close_for_boxed;
|
||||
BOOLEAN dont_open_for_boxed;
|
||||
BOOLEAN hide_other_boxes;
|
||||
#ifdef USE_MATCH_PATH_EX
|
||||
BOOLEAN use_rule_specificity;
|
||||
BOOLEAN use_privacy_mode;
|
||||
|
@ -189,6 +188,7 @@ struct _PROCESS {
|
|||
#endif
|
||||
LIST open_ipc_paths; // PATTERN elements
|
||||
LIST closed_ipc_paths; // PATTERN elements
|
||||
LIST read_ipc_paths; // PATTERN elements
|
||||
ULONG ipc_trace;
|
||||
BOOLEAN disable_object_flt;
|
||||
BOOLEAN ipc_warn_startrun;
|
||||
|
@ -371,10 +371,10 @@ void Process_GetProcessName(
|
|||
|
||||
// Check if open_path contains setting "$:ProcessName.exe"
|
||||
// where ProcessName matches the specified idProcess.
|
||||
// If not contained, returns STATUS_ACCESS_DENIED with *pSetting = NULL
|
||||
// If contained, returns STATUS_SUCCESS with *pSetting -> matching setting
|
||||
// If not contained, returns FALSE with *pSetting = NULL
|
||||
// If contained, returns TRUE with *pSetting -> matching setting
|
||||
|
||||
NTSTATUS Process_CheckProcessName(
|
||||
BOOLEAN Process_CheckProcessName(
|
||||
PROCESS *proc, LIST *open_paths, ULONG_PTR idProcess,
|
||||
const WCHAR **pSetting);
|
||||
|
||||
|
|
|
@ -785,6 +785,9 @@ _FX NTSTATUS Process_Api_QueryPathList(PROCESS *proc, ULONG64 *parms)
|
|||
} else if (args->path_code.val == 'ic') {
|
||||
list = &proc->closed_ipc_paths;
|
||||
lock = proc->ipc_lock;
|
||||
} else if (args->path_code.val == 'ir') {
|
||||
list = &proc->read_ipc_paths;
|
||||
lock = proc->ipc_lock;
|
||||
|
||||
} else if (args->path_code.val == 'wo') {
|
||||
list = &proc->open_win_classes;
|
||||
|
|
|
@ -1173,23 +1173,23 @@ _FX void Process_GetProcessName(
|
|||
//---------------------------------------------------------------------------
|
||||
|
||||
|
||||
_FX NTSTATUS Process_CheckProcessName(
|
||||
_FX BOOLEAN Process_CheckProcessName(
|
||||
PROCESS *proc, LIST *open_paths, ULONG_PTR idProcess,
|
||||
const WCHAR **pSetting)
|
||||
{
|
||||
NTSTATUS status;
|
||||
BOOLEAN result;
|
||||
PATTERN *pat;
|
||||
void *nbuf;
|
||||
ULONG nlen;
|
||||
WCHAR *nptr;
|
||||
|
||||
status = STATUS_ACCESS_DENIED;
|
||||
result = FALSE;
|
||||
|
||||
if (pSetting)
|
||||
*pSetting = NULL;
|
||||
|
||||
if (! idProcess)
|
||||
return status;
|
||||
return result;
|
||||
|
||||
nbuf = NULL;
|
||||
nlen = 0;
|
||||
|
@ -1213,7 +1213,7 @@ _FX NTSTATUS Process_CheckProcessName(
|
|||
break;
|
||||
}
|
||||
if (_wcsicmp(nptr, src + 2) == 0) {
|
||||
status = STATUS_SUCCESS;
|
||||
result = TRUE;
|
||||
if (pSetting)
|
||||
*pSetting = src;
|
||||
break;
|
||||
|
@ -1224,7 +1224,7 @@ _FX NTSTATUS Process_CheckProcessName(
|
|||
if (nbuf)
|
||||
Mem_Free(nbuf, nlen);
|
||||
|
||||
return status;
|
||||
return result;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -25,6 +25,7 @@
|
|||
#include "process.h"
|
||||
#include "syscall.h"
|
||||
#include "token.h"
|
||||
#include "obj.h"
|
||||
#include "session.h"
|
||||
#include "api.h"
|
||||
|
||||
|
@ -147,6 +148,7 @@ _FX BOOLEAN Thread_Init(void)
|
|||
"ImpersonateAnonymousToken", Thread_ImpersonateAnonymousToken))
|
||||
return FALSE;
|
||||
|
||||
|
||||
//
|
||||
// set object open handlers
|
||||
//
|
||||
|
@ -168,6 +170,7 @@ _FX BOOLEAN Thread_Init(void)
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
|
||||
//
|
||||
// set API handlers
|
||||
//
|
||||
|
@ -947,10 +950,9 @@ _FX NTSTATUS Thread_CheckProcessObject(
|
|||
PROCESS *proc, void *Object, UNICODE_STRING *Name,
|
||||
ACCESS_MASK GrantedAccess)
|
||||
{
|
||||
if (Obj_CallbackInstalled) return STATUS_SUCCESS; // ObCallbacks takes care of that already
|
||||
PEPROCESS ProcessObject = (PEPROCESS)Object;
|
||||
ACCESS_MASK WriteAccess = (GrantedAccess & PROCESS_DENIED_ACCESS_MASK);
|
||||
return Thread_CheckObject_Common(
|
||||
proc, ProcessObject, GrantedAccess, WriteAccess, L'P');
|
||||
return Thread_CheckObject_Common(proc, ProcessObject, GrantedAccess, TRUE);
|
||||
}
|
||||
|
||||
|
||||
|
@ -963,10 +965,9 @@ _FX NTSTATUS Thread_CheckThreadObject(
|
|||
PROCESS *proc, void *Object, UNICODE_STRING *Name,
|
||||
ACCESS_MASK GrantedAccess)
|
||||
{
|
||||
if (Obj_CallbackInstalled) return STATUS_SUCCESS; // ObCallbacks takes care of that already
|
||||
PEPROCESS ProcessObject = PsGetThreadProcess(Object);
|
||||
ACCESS_MASK WriteAccess = (GrantedAccess & THREAD_DENIED_ACCESS_MASK);
|
||||
return Thread_CheckObject_Common(
|
||||
proc, ProcessObject, GrantedAccess, WriteAccess, L'T');
|
||||
return Thread_CheckObject_Common(proc, ProcessObject, GrantedAccess, FALSE);
|
||||
}
|
||||
|
||||
|
||||
|
@ -977,11 +978,34 @@ _FX NTSTATUS Thread_CheckThreadObject(
|
|||
|
||||
_FX NTSTATUS Thread_CheckObject_Common(
|
||||
PROCESS *proc, PEPROCESS ProcessObject,
|
||||
ACCESS_MASK GrantedAccess, ACCESS_MASK WriteAccess, WCHAR Letter1)
|
||||
ACCESS_MASK GrantedAccess, BOOLEAN EntireProcess)
|
||||
{
|
||||
ULONG_PTR pid;
|
||||
const WCHAR *pSetting;
|
||||
NTSTATUS status;
|
||||
WCHAR Letter1;
|
||||
ACCESS_MASK WriteAccess;
|
||||
ACCESS_MASK ReadAccess;
|
||||
|
||||
if (EntireProcess) {
|
||||
Letter1 = L'P';
|
||||
WriteAccess = (GrantedAccess & PROCESS_DENIED_ACCESS_MASK);
|
||||
ReadAccess = (GrantedAccess & PROCESS_VM_READ);
|
||||
|
||||
//
|
||||
// PROCESS_QUERY_INFORMATION allows to steal an attached debug object
|
||||
// using object filtering mitigates this issue
|
||||
// but when its not active we should block that access
|
||||
//
|
||||
|
||||
if(!Obj_CallbackInstalled)
|
||||
ReadAccess |= (GrantedAccess & PROCESS_QUERY_INFORMATION);
|
||||
}
|
||||
else {
|
||||
Letter1 = L'T';
|
||||
WriteAccess = (GrantedAccess & THREAD_DENIED_ACCESS_MASK);
|
||||
ReadAccess = 0;
|
||||
}
|
||||
|
||||
//
|
||||
// if an error occured and can't find pid, then don't allow
|
||||
|
@ -992,24 +1016,14 @@ _FX NTSTATUS Thread_CheckObject_Common(
|
|||
if (! pid)
|
||||
return STATUS_ACCESS_DENIED;
|
||||
|
||||
//
|
||||
// for read-only access to the target process, we don't care
|
||||
// if/which boxes are involved
|
||||
//
|
||||
|
||||
if (pid && (WriteAccess == 0) && !proc->hide_other_boxes) {
|
||||
status = STATUS_SUCCESS;
|
||||
goto trace;
|
||||
}
|
||||
|
||||
//
|
||||
// otherwise this is write access, confirm if same box
|
||||
// allow access if it's within the same box
|
||||
//
|
||||
|
||||
if (Process_IsSameBox(proc, NULL, pid)) {
|
||||
status = STATUS_SUCCESS;
|
||||
goto trace;
|
||||
}
|
||||
if (Process_IsSameBox(proc, NULL, pid))
|
||||
goto finish;
|
||||
|
||||
//
|
||||
// also permit if process is exiting, because it is possible that
|
||||
|
@ -1018,18 +1032,34 @@ _FX NTSTATUS Thread_CheckObject_Common(
|
|||
// (e.g. VS2012 MSBuild.exe does this with the csc.exe compiler)
|
||||
//
|
||||
|
||||
if (PsGetProcessExitProcessCalled(ProcessObject)) {
|
||||
status = STATUS_SUCCESS;
|
||||
goto trace;
|
||||
}
|
||||
if (PsGetProcessExitProcessCalled(ProcessObject))
|
||||
goto finish;
|
||||
|
||||
|
||||
//
|
||||
// write access outside box, check if we have the following setting
|
||||
// access outside box, check if we have the following setting
|
||||
// OpenIpcPath=$:ProcessName.exe
|
||||
//
|
||||
|
||||
status = Process_CheckProcessName(
|
||||
proc, &proc->open_ipc_paths, pid, &pSetting);
|
||||
if (Process_CheckProcessName(proc, &proc->closed_ipc_paths, pid, &pSetting)) {
|
||||
|
||||
status = STATUS_ACCESS_DENIED;
|
||||
|
||||
} else if (WriteAccess != 0 || ReadAccess != 0) {
|
||||
|
||||
if (!Process_CheckProcessName(proc, &proc->open_ipc_paths, pid, &pSetting)) {
|
||||
|
||||
if (WriteAccess != 0) {
|
||||
|
||||
status = STATUS_ACCESS_DENIED;
|
||||
|
||||
} else if (!Process_CheckProcessName(proc, &proc->read_ipc_paths, pid, &pSetting)) {
|
||||
|
||||
status = STATUS_ACCESS_DENIED;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
//
|
||||
// log the cross-sandbox access attempt, based on the status code
|
||||
|
@ -1059,12 +1089,12 @@ _FX NTSTATUS Thread_CheckObject_Common(
|
|||
}
|
||||
}
|
||||
|
||||
finish:
|
||||
|
||||
//
|
||||
// trace
|
||||
//
|
||||
|
||||
trace:
|
||||
|
||||
if (proc->ipc_trace & (TRACE_ALLOW | TRACE_DENY)) {
|
||||
|
||||
WCHAR str[32];
|
||||
|
|
|
@ -96,7 +96,7 @@ THREAD *Thread_GetByThreadId(PROCESS *proc, HANDLE tid);
|
|||
|
||||
NTSTATUS Thread_CheckObject_Common(
|
||||
PROCESS *proc, PEPROCESS ProcessObject,
|
||||
ACCESS_MASK GrantedAccess, ACCESS_MASK WriteAccess, WCHAR Letter1);
|
||||
ACCESS_MASK GrantedAccess, BOOLEAN EntireProcess);
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
|
|
|
@ -1524,7 +1524,7 @@ OpenWinClass=TENTrayMainWindow
|
|||
OpenWinClass=ENMainFrame
|
||||
OpenWinClass=ENMainFrame3
|
||||
OpenWinClass=HwndWrapper[Evernote.exe;*
|
||||
OpenWinClass=$:EvernoteClipper.exe
|
||||
OpenWinClass=$:EvernoteClipper.exe/IgnoreUIPI
|
||||
LingerProcess=EvernoteClipper.exe
|
||||
|
||||
[Template_MetaProducts_Inquiry]
|
||||
|
@ -1574,7 +1574,7 @@ Tmpl.Url=http://www.kinook.com/UltraRecall/
|
|||
Tmpl.Scan=s
|
||||
Tmpl.ScanProduct=Ultra Recall_is1
|
||||
OpenWinClass=Afx:00400000:0
|
||||
OpenWinClass=$:UltraRecall.exe
|
||||
OpenWinClass=$:UltraRecall.exe/IgnoreUIPI
|
||||
OpenIpcPath=*\BaseNamedObjects*\UltraRecall
|
||||
|
||||
#
|
||||
|
@ -1750,7 +1750,7 @@ Tmpl.Class=Security
|
|||
Tmpl.Url=http://www.covenanteyes.com/
|
||||
Tmpl.Scan=i
|
||||
OpenIpcPath=*\BaseNamedObjects*\CE_*Obj
|
||||
OpenWinClass=$:nmSvc.exe
|
||||
OpenWinClass=$:nmSvc.exe/IgnoreUIPI
|
||||
|
||||
[Template_ComodoInternetSecurity]
|
||||
Tmpl.Title=Comodo Internet Security / Antivirus / Firewall
|
||||
|
@ -1939,7 +1939,7 @@ Tmpl.Url=http://technet.microsoft.com/en-us/security/jj653751
|
|||
Tmpl.Scan=s
|
||||
Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Microsoft\EMET
|
||||
OpenIpcPath=*\BaseNamedObjects*\emet_pid_*
|
||||
OpenWinClass=$:EMET_notifier.exe
|
||||
OpenWinClass=$:EMET_notifier.exe/IgnoreUIPI
|
||||
# EMET 4
|
||||
OpenPipePath=\Device\Mailslot\EMET_Agent_*
|
||||
OpenPipePath=\Device\Mailslot\EMET_Recipient_*
|
||||
|
@ -2046,7 +2046,7 @@ Tmpl.Url=http://windows.microsoft.com/en-US/windows/products/security-essentials
|
|||
Tmpl.Scan=s
|
||||
Tmpl.ScanService=MsMpSvc
|
||||
OpenWinClass=msseces_class
|
||||
OpenWinClass=$:msseces.exe
|
||||
OpenWinClass=$:msseces.exe/IgnoreUIPI
|
||||
IContextMenuClsid={09A47860-11B0-4DA5-AFA5-26D86198A780}
|
||||
|
||||
[Template_Mirekusoft_Install_Monitor]
|
||||
|
@ -2244,7 +2244,7 @@ Tmpl.Class=Security
|
|||
Tmpl.Url=http://www.proxifier.com/
|
||||
Tmpl.Scan=w
|
||||
OpenWinClass=Proxifier32Cls
|
||||
OpenWinClass=$:proxifier.exe
|
||||
OpenWinClass=$:proxifier.exe/IgnoreUIPI
|
||||
OpenIpcPath=*\BaseNamedObjects*\Proxifier*
|
||||
OpenPipePath=\Device\NamedPipe\proxifier
|
||||
|
||||
|
@ -2411,7 +2411,7 @@ Tmpl.Class=Desktop
|
|||
Tmpl.Url=http://support.asus.com/Download.aspx?SLanguage=en&m=Eee+PC+1015PX&p=20&s=1
|
||||
Tmpl.Scan=s
|
||||
Tmpl.ScanProduct={4B5092B6-F231-4D18-83BC-2618B729CA45}
|
||||
OpenWinClass=$:CapsHook.exe
|
||||
OpenWinClass=$:CapsHook.exe/IgnoreUIPI
|
||||
|
||||
[Template_AcerGridVista]
|
||||
Tmpl.Title=Acer GridVista
|
||||
|
@ -2535,7 +2535,7 @@ Tmpl.Class=Desktop
|
|||
Tmpl.Url=http://www.cottonwoodsw.com/fx3summ.html
|
||||
Tmpl.Scan=s
|
||||
Tmpl.ScanProduct=File-Ex v3.*
|
||||
OpenWinClass=$:FileEx.exe
|
||||
OpenWinClass=$:FileEx.exe/IgnoreUIPI
|
||||
|
||||
[Template_GoogleToolbarIE]
|
||||
Tmpl.Title=Google Toolbar for Internet Explorer
|
||||
|
@ -2546,7 +2546,7 @@ OpenIpcPath=*\BaseNamedObjects*\{B7F1F778-8315-4EB2-AC1E-5AFCAA603271}
|
|||
OpenIpcPath=*\BaseNamedObjects*\{DEBFCCE1-B446-4992-9C9E-CA1CB548C718}
|
||||
OpenIpcPath=*\BaseNamedObjects*\*{E709AE98-F4E6-40DE-BE47-CFBA9B4605C0}
|
||||
OpenWinClass={A7E495BF-9589-4A6E-8479-DDA2D8D3C05F}
|
||||
OpenWinClass=$:GoogleToolbarNotifier.exe
|
||||
OpenWinClass=$:GoogleToolbarNotifier.exe/IgnoreUIPI
|
||||
OpenClsid={FBA44040-BD27-4A09-ACC8-C08B7C723DCD}
|
||||
LingerProcess=GoogleToolbarUser.exe
|
||||
LingerProcess=GoogleToolbarUser_32.exe
|
||||
|
@ -2608,7 +2608,7 @@ Tmpl.Class=Desktop
|
|||
Tmpl.Url=http://www.intelife.net/ninja/
|
||||
Tmpl.Scan=i
|
||||
OpenIpcPath=*\BaseNamedObjects*\KEYBOARD_NINJA_2
|
||||
OpenWinClass=$:ninja.exe
|
||||
OpenWinClass=$:ninja.exe/IgnoreUIPI
|
||||
|
||||
[Template_Lingoes]
|
||||
Tmpl.Title=Lingoes Translator
|
||||
|
@ -2618,7 +2618,7 @@ Tmpl.Scan=i
|
|||
OpenIpcPath=*\BaseNamedObjects*\OpenText_ZWFilter_GlobaData*
|
||||
OpenIpcPath=*\BaseNamedObjects*\OpenText_GrabText_GlobaData*
|
||||
OpenIpcPath=*\BaseNamedObjects*\OpenText_GrabText_Mutex*
|
||||
OpenWinClass=$:lingoes.exe
|
||||
OpenWinClass=$:lingoes.exe/IgnoreUIPI
|
||||
|
||||
[Template_Linkman]
|
||||
Tmpl.Title=Linkman
|
||||
|
@ -2637,19 +2637,20 @@ Tmpl.Url=http://www.xrayz.co.uk/
|
|||
Tmpl.Scan=w
|
||||
OpenWinClass=LinkStash
|
||||
OpenWinClass=LinkStashMonitor
|
||||
OpenWinClass=$:lnkstash.exe
|
||||
OpenWinClass=$:lnkstash.exe/IgnoreUIPI
|
||||
|
||||
[Template_Listary]
|
||||
Tmpl.Title=Listary
|
||||
Tmpl.Class=Desktop
|
||||
Tmpl.Url=http://www.listary.com/
|
||||
Tmpl.Url=https://www.listary.com/
|
||||
Tmpl.Scan=s
|
||||
Tmpl.ScanProduct=Listary_is1
|
||||
OpenIpcPath=*\BaseNamedObjects*\ListarySharedData
|
||||
OpenWinClass=ListaryToolbarCls
|
||||
OpenWinClass=$:listary.exe
|
||||
# v4
|
||||
OpenWinClass=$:listary.exe/IgnoreUIPI
|
||||
# v5
|
||||
OpenIpcPath=*\BaseNamedObjects*\Listary_MainSharedMemory
|
||||
# v6
|
||||
OpenIpcPath=*\BaseNamedObjects*\ListaryX_MainSharedMemory
|
||||
|
||||
[Template_Logitech_G15_Keyboard]
|
||||
Tmpl.Title=Logitech Keyboard LCD Display
|
||||
|
@ -2880,13 +2881,13 @@ Tmpl.Class=Desktop
|
|||
Tmpl.Url=http://www.sumitsoft.com/
|
||||
Tmpl.Scan=i
|
||||
OpenIpcPath=*\BaseNamedObjects*\Typing Assistant (*)
|
||||
OpenWinClass=$:Typing Assistant (English).exe
|
||||
OpenWinClass=$:Typing Assistant (French).exe
|
||||
OpenWinClass=$:Typing Assistant (German).exe
|
||||
OpenWinClass=$:Typing Assistant (Hungarian).exe
|
||||
OpenWinClass=$:Typing Assistant (Italian).exe
|
||||
OpenWinClass=$:Typing Assistant (Portuguese).exe
|
||||
OpenWinClass=$:Typing Assistant (Spanish).exe
|
||||
OpenWinClass=$:Typing Assistant (English).exe/IgnoreUIPI
|
||||
OpenWinClass=$:Typing Assistant (French).exe/IgnoreUIPI
|
||||
OpenWinClass=$:Typing Assistant (German).exe/IgnoreUIPI
|
||||
OpenWinClass=$:Typing Assistant (Hungarian).exe/IgnoreUIPI
|
||||
OpenWinClass=$:Typing Assistant (Italian).exe/IgnoreUIPI
|
||||
OpenWinClass=$:Typing Assistant (Portuguese).exe/IgnoreUIPI
|
||||
OpenWinClass=$:Typing Assistant (Spanish).exe/IgnoreUIPI
|
||||
|
||||
[Template_TwoPilots_SpeedTyping]
|
||||
Tmpl.Title=Two Pilots Speed Typing
|
||||
|
@ -3154,6 +3155,12 @@ OpenClsid={AC746233-E9D3-49CD-862F-068F7B7CCCA4}
|
|||
# prevent access to host port
|
||||
# BlockPort=1001
|
||||
|
||||
[Template_FreeDownloadManager]
|
||||
Tmpl.Title=Free Download Manager
|
||||
Tmpl.Class=Download
|
||||
Tmpl.Url=http://www.freedownloadmanager.org/
|
||||
RpcMgmtSetComTimeout=fdm.exe,y
|
||||
|
||||
[Template_SothinkWebVideoDownloader]
|
||||
Tmpl.Title=Sothink Web Video Downloader Stand-alone
|
||||
Tmpl.Class=Download
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
<x>0</x>
|
||||
<y>0</y>
|
||||
<width>634</width>
|
||||
<height>440</height>
|
||||
<height>451</height>
|
||||
</rect>
|
||||
</property>
|
||||
<property name="sizePolicy">
|
||||
|
@ -54,108 +54,7 @@
|
|||
<layout class="QGridLayout" name="gridLayout_9">
|
||||
<item row="0" column="0">
|
||||
<layout class="QGridLayout" name="gridLayout_8">
|
||||
<item row="8" column="0">
|
||||
<widget class="QLabel" name="label_5">
|
||||
<property name="font">
|
||||
<font>
|
||||
<weight>75</weight>
|
||||
<bold>true</bold>
|
||||
<kerning>true</kerning>
|
||||
</font>
|
||||
</property>
|
||||
<property name="text">
|
||||
<string>Systray options</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="7" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkWatchConfig">
|
||||
<property name="text">
|
||||
<string>Watch Sandboxie.ini for changes</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="1" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkDarkTheme">
|
||||
<property name="text">
|
||||
<string>Use Dark Theme (fully applied after a restart)</string>
|
||||
</property>
|
||||
<property name="tristate">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="4" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkShowRecovery">
|
||||
<property name="text">
|
||||
<string>Show first recovery window when emptying sandboxes</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="6" column="1" colspan="3">
|
||||
<layout class="QHBoxLayout" name="horizontalLayout_3">
|
||||
<item>
|
||||
<widget class="QCheckBox" name="chkPanic">
|
||||
<property name="text">
|
||||
<string>Hotkey for terminating all boxed processes:</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QKeySequenceEdit" name="keyPanic"/>
|
||||
</item>
|
||||
</layout>
|
||||
</item>
|
||||
<item row="12" column="1">
|
||||
<spacer name="verticalSpacer_4">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Vertical</enum>
|
||||
</property>
|
||||
<property name="sizeHint" stdset="0">
|
||||
<size>
|
||||
<width>20</width>
|
||||
<height>40</height>
|
||||
</size>
|
||||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
<item row="9" column="1">
|
||||
<widget class="QComboBox" name="cmbSysTray"/>
|
||||
</item>
|
||||
<item row="11" column="1">
|
||||
<widget class="QComboBox" name="cmbOnClose"/>
|
||||
</item>
|
||||
<item row="0" column="0">
|
||||
<widget class="QLabel" name="label_19">
|
||||
<property name="text">
|
||||
<string>UI Language:</string>
|
||||
</property>
|
||||
<property name="alignment">
|
||||
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="3" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkSandboxUrls">
|
||||
<property name="text">
|
||||
<string>Open urls from this ui sandboxed</string>
|
||||
</property>
|
||||
<property name="tristate">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="2" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkNotifications">
|
||||
<property name="text">
|
||||
<string>Show Notifications for relevant log Messages</string>
|
||||
</property>
|
||||
<property name="checked">
|
||||
<bool>false</bool>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="12" column="2">
|
||||
<item row="9" column="2">
|
||||
<spacer name="horizontalSpacer_8">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Horizontal</enum>
|
||||
|
@ -168,26 +67,10 @@
|
|||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
<item row="11" column="0">
|
||||
<widget class="QLabel" name="label_18">
|
||||
<item row="8" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkWatchConfig">
|
||||
<property name="text">
|
||||
<string>On main window close:</string>
|
||||
</property>
|
||||
<property name="alignment">
|
||||
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="9" column="0">
|
||||
<widget class="QLabel" name="label_20">
|
||||
<property name="text">
|
||||
<string>Show Icon in Systray:</string>
|
||||
</property>
|
||||
<property name="alignment">
|
||||
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
|
||||
</property>
|
||||
<property name="openExternalLinks">
|
||||
<bool>true</bool>
|
||||
<string>Watch Sandboxie.ini for changes</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
|
@ -198,6 +81,46 @@
|
|||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="0" column="0">
|
||||
<widget class="QLabel" name="label_19">
|
||||
<property name="text">
|
||||
<string>UI Language:</string>
|
||||
</property>
|
||||
<property name="alignment">
|
||||
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="9" column="1">
|
||||
<spacer name="verticalSpacer_4">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Vertical</enum>
|
||||
</property>
|
||||
<property name="sizeHint" stdset="0">
|
||||
<size>
|
||||
<width>20</width>
|
||||
<height>40</height>
|
||||
</size>
|
||||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
<item row="4" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkShowRecovery">
|
||||
<property name="text">
|
||||
<string>Show first recovery window when emptying sandboxes</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="1" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkDarkTheme">
|
||||
<property name="text">
|
||||
<string>Use Dark Theme (fully applied after a restart)</string>
|
||||
</property>
|
||||
<property name="tristate">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="0" column="2">
|
||||
<widget class="QLabel" name="label">
|
||||
<property name="text">
|
||||
|
@ -211,21 +134,46 @@
|
|||
<item row="0" column="1">
|
||||
<widget class="QComboBox" name="uiLang"/>
|
||||
</item>
|
||||
<item row="10" column="0">
|
||||
<widget class="QLabel" name="label_21">
|
||||
<item row="2" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkNotifications">
|
||||
<property name="text">
|
||||
<string>Show boxes in tray list:</string>
|
||||
<string>Show Notifications for relevant log Messages</string>
|
||||
</property>
|
||||
<property name="alignment">
|
||||
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
|
||||
<property name="checked">
|
||||
<bool>false</bool>
|
||||
</property>
|
||||
<property name="openExternalLinks">
|
||||
</widget>
|
||||
</item>
|
||||
<item row="3" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkSandboxUrls">
|
||||
<property name="text">
|
||||
<string>Open urls from this ui sandboxed</string>
|
||||
</property>
|
||||
<property name="tristate">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="10" column="1">
|
||||
<widget class="QComboBox" name="cmbTrayBoxes"/>
|
||||
<item row="6" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkAsyncBoxOps">
|
||||
<property name="text">
|
||||
<string>Run box operations asynchronously whenever possible (like content deletion)</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="7" column="1" colspan="3">
|
||||
<layout class="QHBoxLayout" name="horizontalLayout_3">
|
||||
<item>
|
||||
<widget class="QCheckBox" name="chkPanic">
|
||||
<property name="text">
|
||||
<string>Hotkey for terminating all boxed processes:</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QKeySequenceEdit" name="keyPanic"/>
|
||||
</item>
|
||||
</layout>
|
||||
</item>
|
||||
</layout>
|
||||
</item>
|
||||
|
@ -238,6 +186,69 @@
|
|||
<layout class="QGridLayout" name="gridLayout_14">
|
||||
<item row="0" column="0">
|
||||
<layout class="QGridLayout" name="gridLayout_13">
|
||||
<item row="4" column="1" colspan="3">
|
||||
<widget class="QCheckBox" name="chkShellMenu">
|
||||
<property name="text">
|
||||
<string>Add 'Run Sandboxed' to the explorer context menu</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="3" column="3">
|
||||
<spacer name="horizontalSpacer_6">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Horizontal</enum>
|
||||
</property>
|
||||
<property name="sizeHint" stdset="0">
|
||||
<size>
|
||||
<width>40</width>
|
||||
<height>20</height>
|
||||
</size>
|
||||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
<item row="12" column="1">
|
||||
<spacer name="verticalSpacer_6">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Vertical</enum>
|
||||
</property>
|
||||
<property name="sizeHint" stdset="0">
|
||||
<size>
|
||||
<width>20</width>
|
||||
<height>40</height>
|
||||
</size>
|
||||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
<item row="11" column="0">
|
||||
<widget class="QLabel" name="label_18">
|
||||
<property name="text">
|
||||
<string>On main window close:</string>
|
||||
</property>
|
||||
<property name="alignment">
|
||||
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="2" column="1" colspan="3">
|
||||
<widget class="QCheckBox" name="chkSvcStart">
|
||||
<property name="text">
|
||||
<string>Start UI when a sandboxed process is started</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="9" column="0">
|
||||
<widget class="QLabel" name="label_21">
|
||||
<property name="text">
|
||||
<string>Show boxes in tray list:</string>
|
||||
</property>
|
||||
<property name="alignment">
|
||||
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
|
||||
</property>
|
||||
<property name="openExternalLinks">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="3" column="0">
|
||||
<widget class="QLabel" name="label_8">
|
||||
<property name="font">
|
||||
|
@ -252,6 +263,20 @@
|
|||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="5" column="2" colspan="3">
|
||||
<widget class="QCheckBox" name="chkAlwaysDefault">
|
||||
<property name="text">
|
||||
<string>Always use DefaultBox</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="6" column="2" colspan="3">
|
||||
<widget class="QCheckBox" name="chkShellMenu2">
|
||||
<property name="text">
|
||||
<string>Add 'Run Un-Sandboxed' to the context menu</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="0" column="0">
|
||||
<widget class="QLabel" name="label_6">
|
||||
<property name="font">
|
||||
|
@ -266,55 +291,7 @@
|
|||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="1" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkAutoStart">
|
||||
<property name="text">
|
||||
<string>Start UI with Windows</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="4" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkShellMenu">
|
||||
<property name="text">
|
||||
<string>Add 'Run Sandboxed' to the explorer context menu</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="3" column="2">
|
||||
<spacer name="horizontalSpacer_6">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Horizontal</enum>
|
||||
</property>
|
||||
<property name="sizeHint" stdset="0">
|
||||
<size>
|
||||
<width>40</width>
|
||||
<height>20</height>
|
||||
</size>
|
||||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
<item row="2" column="1" colspan="2">
|
||||
<widget class="QCheckBox" name="chkSvcStart">
|
||||
<property name="text">
|
||||
<string>Start UI when a sandboxed process is started</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="6" column="2" colspan="2">
|
||||
<widget class="QCheckBox" name="chkShellMenu2">
|
||||
<property name="text">
|
||||
<string>Add 'Run Un-Sandboxed' to the context menu</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="5" column="2" colspan="2">
|
||||
<widget class="QCheckBox" name="chkAlwaysDefault">
|
||||
<property name="text">
|
||||
<string>Always use DefaultBox</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="7" column="2" colspan="2">
|
||||
<item row="12" column="3" colspan="2">
|
||||
<spacer name="horizontalSpacer_2">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Horizontal</enum>
|
||||
|
@ -327,15 +304,65 @@
|
|||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
<item row="7" column="1">
|
||||
<spacer name="verticalSpacer_6">
|
||||
<item row="8" column="0">
|
||||
<widget class="QLabel" name="label_20">
|
||||
<property name="text">
|
||||
<string>Show Icon in Systray:</string>
|
||||
</property>
|
||||
<property name="alignment">
|
||||
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
|
||||
</property>
|
||||
<property name="openExternalLinks">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="1" column="1" colspan="3">
|
||||
<widget class="QCheckBox" name="chkAutoStart">
|
||||
<property name="text">
|
||||
<string>Start UI with Windows</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="10" column="1" colspan="3">
|
||||
<widget class="QCheckBox" name="chkBoxOpsNotify">
|
||||
<property name="text">
|
||||
<string>Show a tray notification when automatic box operations are started</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="7" column="0">
|
||||
<widget class="QLabel" name="label_5">
|
||||
<property name="font">
|
||||
<font>
|
||||
<weight>75</weight>
|
||||
<bold>true</bold>
|
||||
<kerning>true</kerning>
|
||||
</font>
|
||||
</property>
|
||||
<property name="text">
|
||||
<string>Systray options</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="8" column="1" colspan="2">
|
||||
<widget class="QComboBox" name="cmbSysTray"/>
|
||||
</item>
|
||||
<item row="9" column="1" colspan="2">
|
||||
<widget class="QComboBox" name="cmbTrayBoxes"/>
|
||||
</item>
|
||||
<item row="11" column="1" colspan="2">
|
||||
<widget class="QComboBox" name="cmbOnClose"/>
|
||||
</item>
|
||||
<item row="3" column="2">
|
||||
<spacer name="horizontalSpacer_9">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Vertical</enum>
|
||||
<enum>Qt::Horizontal</enum>
|
||||
</property>
|
||||
<property name="sizeHint" stdset="0">
|
||||
<size>
|
||||
<width>20</width>
|
||||
<height>40</height>
|
||||
<width>40</width>
|
||||
<height>20</height>
|
||||
</size>
|
||||
</property>
|
||||
</spacer>
|
||||
|
@ -433,7 +460,7 @@
|
|||
<item row="7" column="1" colspan="5">
|
||||
<widget class="QCheckBox" name="chkObjCb">
|
||||
<property name="text">
|
||||
<string>Activate Kernel Mode Object Filtering (experimental)</string>
|
||||
<string>Activate Kernel Mode Object Filtering</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
|
|
|
@ -900,6 +900,20 @@ void CSandMan::timerEvent(QTimerEvent* pEvent)
|
|||
}
|
||||
}
|
||||
|
||||
bool CSandMan::DoDeleteCmd(const CSandBoxPtr &pBox)
|
||||
{
|
||||
foreach(const QString& Value, pBox->GetTextList("OnBoxDelete", true, false, true)) {
|
||||
QString Value2 = pBox->Expand(Value);
|
||||
CSbieProgressPtr pProgress = CSbieUtils::RunCommand(Value2, true);
|
||||
if (!pProgress.isNull()) {
|
||||
AddAsyncOp(pProgress, true, tr("Executing OnBoxDelete: %1").arg(Value2));
|
||||
if (pProgress->IsCanceled())
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
void CSandMan::OnBoxClosed(const QString& BoxName)
|
||||
{
|
||||
CSandBoxPtr pBox = theAPI->GetBoxByName(BoxName);
|
||||
|
@ -913,10 +927,33 @@ void CSandMan::OnBoxClosed(const QString& BoxName)
|
|||
if(!theGUI->OpenRecovery(pBox, DeleteShapshots, true)) // unless no files are found than continue silently
|
||||
return;
|
||||
|
||||
if(theConf->GetBool("Options/AutoBoxOpsNotify", false))
|
||||
OnLogMessage(tr("Auto deleting content of %1").arg(BoxName), true);
|
||||
|
||||
if (theConf->GetBool("Options/UseAsyncBoxOps", false))
|
||||
{
|
||||
auto pBoxEx = pBox.objectCast<CSandBoxPlus>();
|
||||
SB_STATUS Status = pBoxEx->DeleteContentAsync(DeleteShapshots);
|
||||
CheckResults(QList<SB_STATUS>() << Status);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!DoDeleteCmd(pBox))
|
||||
return;
|
||||
|
||||
SB_PROGRESS Status;
|
||||
if (!DeleteShapshots && pBox->HasSnapshots()) { // in auto delete mdoe always return to last snapshot
|
||||
QString Current;
|
||||
pBox->GetDefaultSnapshot(&Current);
|
||||
Status = pBox->SelectSnapshot(Current);
|
||||
}
|
||||
else // if there are no snapshots just use the normal cleaning procedure
|
||||
Status = pBox->CleanBox();
|
||||
|
||||
if (Status.GetStatus() == OP_ASYNC)
|
||||
AddAsyncOp(Status.GetValue(), true, tr("Auto Deleting %1 content").arg(BoxName));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void CSandMan::OnSelectionChanged()
|
||||
|
@ -1156,7 +1193,7 @@ void CSandMan::OnLogSbieMessage(quint32 MsgCode, const QStringList& MsgData, qui
|
|||
Message = tr("The box %1 is configured to use features exclusively available to project supporters, these presets will be ignored.").arg(MsgData[1]);
|
||||
Message.append(tr("<br /><a href=\"https://sandboxie-plus.com/go.php?to=sbie-get-cert\">Become a project supporter</a>, and receive a <a href=\"https://sandboxie-plus.com/go.php?to=sbie-cert\">supporter certificate</a>"));
|
||||
|
||||
QMessageBox msgBox;
|
||||
QMessageBox msgBox(this);
|
||||
msgBox.setTextFormat(Qt::RichText);
|
||||
msgBox.setIcon(QMessageBox::Critical);
|
||||
msgBox.setWindowTitle("Sandboxie-Plus");
|
||||
|
@ -1206,7 +1243,7 @@ bool CSandMan::CheckCertificate()
|
|||
// return false;
|
||||
//}
|
||||
|
||||
QMessageBox msgBox;
|
||||
QMessageBox msgBox(this);
|
||||
msgBox.setTextFormat(Qt::RichText);
|
||||
msgBox.setIcon(QMessageBox::Information);
|
||||
msgBox.setWindowTitle("Sandboxie-Plus");
|
||||
|
@ -1589,9 +1626,9 @@ void CSandMan::HandleMaintenance(SB_RESULT(void*) Status)
|
|||
if (dwStatus != 0)
|
||||
{
|
||||
if(m_bStopPending)
|
||||
QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to stop all Sandboxie components"));
|
||||
QMessageBox::warning(this, tr("Sandboxie-Plus - Error"), tr("Failed to stop all Sandboxie components"));
|
||||
else if(m_bConnectPending)
|
||||
QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to start required Sandboxie components"));
|
||||
QMessageBox::warning(this, tr("Sandboxie-Plus - Error"), tr("Failed to start required Sandboxie components"));
|
||||
|
||||
OnLogMessage(tr("Maintenance operation failed (%1)").arg((quint32)dwStatus));
|
||||
CheckResults(QList<SB_STATUS>() << SB_ERR(dwStatus));
|
||||
|
|
|
@ -38,6 +38,8 @@ public:
|
|||
|
||||
SB_PROGRESS RecoverFiles(const QList<QPair<QString, QString>>& FileList, int Action = 0);
|
||||
|
||||
bool DoDeleteCmd(const CSandBoxPtr &pBox);
|
||||
|
||||
bool AddAsyncOp(const CSbieProgressPtr& pProgress, bool bWait = false, const QString& InitialMsg = QString());
|
||||
static QString FormatError(const SB_STATUS& Error);
|
||||
static void CheckResults(QList<SB_STATUS> Results);
|
||||
|
|
|
@ -872,6 +872,17 @@ void CSbieView::OnSandBoxAction(QAction* Action)
|
|||
return;
|
||||
}
|
||||
|
||||
if (theConf->GetInt("Options/WarnOpenRegistry", -1) == -1)
|
||||
{
|
||||
bool State = false;
|
||||
if (CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("WARNING: The opened registry editor is not sand boxed, please be careful and only do changes to the pre-selected sandbox locations.")
|
||||
, tr("Don't show this warning in future"), &State, QDialogButtonBox::Ok | QDialogButtonBox::Cancel, QDialogButtonBox::Yes, QMessageBox::Information) != QDialogButtonBox::Ok)
|
||||
return;
|
||||
|
||||
if (State)
|
||||
theConf->SetValue("Options/WarnOpenRegistry", 1);
|
||||
}
|
||||
|
||||
wstring path = QCoreApplication::applicationFilePath().toStdWString();
|
||||
|
||||
QStringList RegRoot = SandBoxes.first()->GetRegRoot().split("\\");
|
||||
|
@ -1020,12 +1031,39 @@ void CSbieView::OnSandBoxAction(QAction* Action)
|
|||
return;
|
||||
|
||||
foreach(const CSandBoxPtr &pBox, SandBoxes)
|
||||
{
|
||||
if (theConf->GetBool("Options/UseAsyncBoxOps", false))
|
||||
{
|
||||
auto pBoxEx = pBox.objectCast<CSandBoxPlus>();
|
||||
SB_STATUS Status = pBoxEx->DeleteContentAsync(DeleteShapshots);
|
||||
if (Status.IsError())
|
||||
Results.append(Status);
|
||||
}
|
||||
else
|
||||
{
|
||||
SB_STATUS Status1 = pBox->TerminateAll();
|
||||
if (Status1.IsError()) {
|
||||
Results.append(Status1);
|
||||
continue;
|
||||
}
|
||||
|
||||
if (!theGUI->DoDeleteCmd(pBox))
|
||||
continue;
|
||||
|
||||
SB_PROGRESS Status;
|
||||
if (!DeleteShapshots && pBox->HasSnapshots()) {
|
||||
QString Default = pBox->GetDefaultSnapshot();
|
||||
Status = pBox->SelectSnapshot(Default);
|
||||
}
|
||||
else // if there are no snapshots jut use the normal cleaning procedure
|
||||
Status = pBox->CleanBox();
|
||||
|
||||
if (Status.GetStatus() == OP_ASYNC)
|
||||
theGUI->AddAsyncOp(Status.GetValue());
|
||||
else if (Status.IsError())
|
||||
Results.append(Status);
|
||||
}
|
||||
}
|
||||
}
|
||||
else if (Action == m_pMenuEmptyBox)
|
||||
{
|
||||
|
|
|
@ -195,18 +195,19 @@ void COptionsWindow::ParseAndAddAccessEntry(EAccessEntry EntryType, const QStrin
|
|||
case eOpenPipePath: Type = eFile; Mode = eOpen4All; break;
|
||||
case eClosedFilePath: Type = eFile; Mode = eClosed; break;
|
||||
case eReadFilePath: Type = eFile; Mode = eReadOnly; break;
|
||||
case eWriteFilePath: Type = eFile; Mode = eWriteOnly; break;
|
||||
case eWriteFilePath: Type = eFile; Mode = eBoxOnly; break;
|
||||
|
||||
case eNormalKeyPath: Type = eKey; Mode = eNormal; break;
|
||||
case eOpenKeyPath: Type = eKey; Mode = eOpen; break;
|
||||
case eOpenConfPath: Type = eKey; Mode = eOpen4All;break;
|
||||
case eClosedKeyPath: Type = eKey; Mode = eClosed; break;
|
||||
case eReadKeyPath: Type = eKey; Mode = eReadOnly; break;
|
||||
case eWriteKeyPath: Type = eKey; Mode = eWriteOnly; break;
|
||||
case eWriteKeyPath: Type = eKey; Mode = eBoxOnly; break;
|
||||
|
||||
case eNormalIpcPath: Type = eIPC; Mode = eNormal; break;
|
||||
case eOpenIpcPath: Type = eIPC; Mode = eOpen; break;
|
||||
case eClosedIpcPath: Type = eIPC; Mode = eClosed; break;
|
||||
case eReadIpcPath: Type = eIPC; Mode = eReadOnly; break;
|
||||
|
||||
case eOpenWinClass: Type = eWnd; Mode = eOpen; break;
|
||||
|
||||
|
@ -243,7 +244,7 @@ QString COptionsWindow::GetAccessModeStr(EAccessMode Mode)
|
|||
case eClosed: return tr("Closed");
|
||||
case eClosedRT: return tr("Closed RT");
|
||||
case eReadOnly: return tr("Read Only");
|
||||
case eWriteOnly: return tr("Boxed Only");
|
||||
case eBoxOnly: return tr("Box Only (Write Only)");
|
||||
}
|
||||
return tr("Unknown");
|
||||
}
|
||||
|
@ -328,7 +329,7 @@ QString COptionsWindow::MakeAccessStr(EAccessType Type, EAccessMode Mode)
|
|||
case eOpen4All: return "OpenPipePath";
|
||||
case eClosed: return "ClosedFilePath";
|
||||
case eReadOnly: return "ReadFilePath";
|
||||
case eWriteOnly: return "WriteFilePath";
|
||||
case eBoxOnly: return "WriteFilePath";
|
||||
}
|
||||
break;
|
||||
case eKey:
|
||||
|
@ -339,7 +340,7 @@ QString COptionsWindow::MakeAccessStr(EAccessType Type, EAccessMode Mode)
|
|||
case eOpen4All: return "OpenConfPath";
|
||||
case eClosed: return "ClosedKeyPath";
|
||||
case eReadOnly: return "ReadKeyPath";
|
||||
case eWriteOnly: return "WriteKeyPath";
|
||||
case eBoxOnly: return "WriteKeyPath";
|
||||
}
|
||||
break;
|
||||
case eIPC:
|
||||
|
@ -348,6 +349,7 @@ QString COptionsWindow::MakeAccessStr(EAccessType Type, EAccessMode Mode)
|
|||
case eNormal: return "NormalIpcPath";
|
||||
case eOpen: return "OpenIpcPath";
|
||||
case eClosed: return "ClosedIpcPath";
|
||||
case eReadOnly: return "ReadIpcPath";
|
||||
}
|
||||
break;
|
||||
case eWnd:
|
||||
|
@ -448,8 +450,8 @@ QList<COptionsWindow::EAccessMode> COptionsWindow::GetAccessModes(EAccessType Ty
|
|||
{
|
||||
switch (Type)
|
||||
{
|
||||
case eFile: return QList<EAccessMode>() << eNormal << eOpen << eOpen4All << eClosed << eReadOnly << eWriteOnly;
|
||||
case eKey: return QList<EAccessMode>() << eNormal << eOpen << eOpen4All << eClosed << eReadOnly << eWriteOnly;
|
||||
case eFile: return QList<EAccessMode>() << eNormal << eOpen << eOpen4All << eClosed << eReadOnly << eBoxOnly;
|
||||
case eKey: return QList<EAccessMode>() << eNormal << eOpen << eOpen4All << eClosed << eReadOnly << eBoxOnly;
|
||||
case eIPC: return QList<EAccessMode>() << eNormal << eOpen << eClosed;
|
||||
case eWnd: return QList<EAccessMode>() << eOpen;
|
||||
case eCOM: return QList<EAccessMode>() << eOpen << eClosed << eClosedRT;
|
||||
|
@ -556,7 +558,7 @@ void COptionsWindow::SaveAccessList()
|
|||
QStringList Keys = QStringList()
|
||||
<< "NormalFilePath" << "OpenFilePath" << "OpenPipePath" << "ClosedFilePath" << "ReadFilePath" << "WriteFilePath"
|
||||
<< "NormalKeyPath" << "OpenKeyPath" << "OpenConfPath" << "ClosedKeyPath" << "ReadKeyPath" << "WriteKeyPath"
|
||||
<< "NormalIpcPath"<< "OpenIpcPath" << "ClosedIpcPath" << "OpenWinClass" << "OpenClsid" << "ClosedClsid" << "ClosedRT";
|
||||
<< "NormalIpcPath"<< "OpenIpcPath" << "ClosedIpcPath" << "ReadIpcPath" << "OpenWinClass" << "OpenClsid" << "ClosedClsid" << "ClosedRT";
|
||||
|
||||
QMap<QString, QList<QString>> AccessMap;
|
||||
for (int i = 0; i < ui.treeAccess->topLevelItemCount(); i++)
|
||||
|
|
|
@ -202,6 +202,7 @@ protected:
|
|||
eNormalIpcPath,
|
||||
eOpenIpcPath,
|
||||
eClosedIpcPath,
|
||||
eReadIpcPath,
|
||||
|
||||
eOpenWinClass,
|
||||
|
||||
|
@ -229,7 +230,7 @@ protected:
|
|||
eClosed,
|
||||
eClosedRT,
|
||||
eReadOnly,
|
||||
eWriteOnly
|
||||
eBoxOnly
|
||||
};
|
||||
|
||||
enum ETriggerAction {
|
||||
|
|
|
@ -130,7 +130,7 @@ CSettingsWindow::CSettingsWindow(QWidget *parent)
|
|||
m_FeaturesChanged = false;
|
||||
connect(ui.chkWFP, SIGNAL(stateChanged(int)), this, SLOT(OnFeaturesChanged()));
|
||||
connect(ui.chkObjCb, SIGNAL(stateChanged(int)), this, SLOT(OnFeaturesChanged()));
|
||||
connect(ui.chkWin32k, SIGNAL(stateChanged(int)), this, SLOT(OnFeaturesChanged()));
|
||||
//connect(ui.chkWin32k, SIGNAL(stateChanged(int)), this, SLOT(OnFeaturesChanged()));
|
||||
|
||||
m_WarnProgsChanged = false;
|
||||
|
||||
|
@ -218,7 +218,7 @@ Qt::CheckState CSettingsWindow__IsContextMenu()
|
|||
void CSettingsWindow__AddContextMenu()
|
||||
{
|
||||
CSbieUtils::AddContextMenu(QApplication::applicationDirPath().replace("/", "\\") + "\\SandMan.exe",
|
||||
CSettingsWindow::tr("Run &Sandboxed"), CSettingsWindow::tr("Explore &Sandboxed"),
|
||||
CSettingsWindow::tr("Run &Sandboxed"), //CSettingsWindow::tr("Explore &Sandboxed"),
|
||||
QApplication::applicationDirPath().replace("/", "\\") + "\\Start.exe");
|
||||
}
|
||||
|
||||
|
@ -253,6 +253,7 @@ void CSettingsWindow::LoadSettings()
|
|||
|
||||
ui.chkShowRecovery->setChecked(theConf->GetBool("Options/ShowRecovery", false));
|
||||
ui.chkNotifyRecovery->setChecked(!theConf->GetBool("Options/InstantRecovery", true));
|
||||
ui.chkAsyncBoxOps->setChecked(theConf->GetBool("Options/UseAsyncBoxOps", false));
|
||||
|
||||
ui.chkPanic->setChecked(theConf->GetBool("Options/EnablePanicKey", false));
|
||||
ui.keyPanic->setKeySequence(QKeySequence(theConf->GetString("Options/PanicKeySequence", "Shift+Pause")));
|
||||
|
@ -262,6 +263,7 @@ void CSettingsWindow::LoadSettings()
|
|||
|
||||
ui.cmbSysTray->setCurrentIndex(theConf->GetInt("Options/SysTrayIcon", 1));
|
||||
ui.cmbTrayBoxes->setCurrentIndex(theConf->GetInt("Options/SysTrayFilter", 0));
|
||||
ui.chkBoxOpsNotify->setChecked(theConf->GetBool("Options/AutoBoxOpsNotify", false));
|
||||
ui.cmbOnClose->setCurrentIndex(ui.cmbOnClose->findData(theConf->GetString("Options/OnClose", "ToTray")));
|
||||
|
||||
|
||||
|
@ -277,7 +279,7 @@ void CSettingsWindow::LoadSettings()
|
|||
ui.ipcRoot->setText(theAPI->GetGlobalSettings()->GetText("IpcRootPath", IpcRootPath_Default));
|
||||
|
||||
ui.chkWFP->setChecked(theAPI->GetGlobalSettings()->GetBool("NetworkEnableWFP", false));
|
||||
ui.chkObjCb->setChecked(theAPI->GetGlobalSettings()->GetBool("EnableObjectFiltering", false));
|
||||
ui.chkObjCb->setChecked(theAPI->GetGlobalSettings()->GetBool("EnableObjectFiltering", true));
|
||||
ui.chkWin32k->setChecked(theAPI->GetGlobalSettings()->GetBool("EnableWin32kHooks", true));
|
||||
|
||||
ui.chkAdminOnly->setChecked(theAPI->GetGlobalSettings()->GetBool("EditAdminOnly", false));
|
||||
|
@ -406,6 +408,7 @@ void CSettingsWindow::SaveSettings()
|
|||
|
||||
theConf->SetValue("Options/ShowRecovery", ui.chkShowRecovery->isChecked());
|
||||
theConf->SetValue("Options/InstantRecovery", !ui.chkNotifyRecovery->isChecked());
|
||||
theConf->SetValue("Options/UseAsyncBoxOps", ui.chkAsyncBoxOps->isChecked());
|
||||
|
||||
theConf->SetValue("Options/EnablePanicKey", ui.chkPanic->isChecked());
|
||||
theConf->SetValue("Options/PanicKeySequence", ui.keyPanic->keySequence().toString());
|
||||
|
@ -414,6 +417,7 @@ void CSettingsWindow::SaveSettings()
|
|||
|
||||
theConf->SetValue("Options/SysTrayIcon", ui.cmbSysTray->currentIndex());
|
||||
theConf->SetValue("Options/SysTrayFilter", ui.cmbTrayBoxes->currentIndex());
|
||||
theConf->SetValue("Options/AutoBoxOpsNotify", ui.chkBoxOpsNotify->isChecked());
|
||||
theConf->SetValue("Options/OnClose", ui.cmbOnClose->currentData());
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue