mirrors/Sandboxie
mirrors
/
Sandboxie
mirror of https://github.com/sandboxie-plus/Sandboxie.git
1
0
Fork 0
Code Releases Activity

Merge branch 'HddSpoof' of https://github.com/love-code-yeyixiao/Sandboxie into HddSpoof

This commit is contained in:
love-code-yeyixiao 2024-07-31 14:21:39 +08:00
parent 1d07c268db c6be2f0dca
commit f6f5457ad1
9 changed files with 81 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
CHANGELOG.md
View File

@ -2,18 +2,22 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
## [1.14.7 / 5.69.7] - 2024-0x-xx
## [1.14.6 / 5.69.6] - 2024-07-??
### Added
- added a feature which could modify Windows Product Id in the registry to a rand value
### Fixed
- fixed issue with Windows 7 caused by the new CustomLCID option [#4117](https://github.com/sandboxie-plus/Sandboxie/issues/4117)
## [1.14.6 / 5.69.6] - 2024-07-30
### Added
- added alias for a sandbox [#4112](https://github.com/sandboxie-plus/Sandboxie/issues/4112)
- added UI options for "ForceRestartAll" and "UseCreateToken" in OptionWindow
- added an optional context menu option to make folder/file forced quickly
- Note: You can also use "Sandman.exe /add_force program_path" to do it
- added a feature which could modify Windows Product Id in the registry to a rand value
### Fixed
- fixed issue with Windows 7 caused by the new CustomLCID option [#4117](https://github.com/sandboxie-plus/Sandboxie/issues/4117)
- fixed Settings Window issue with non-advanced certificates introduced in 1.14.0
- fixed issue with API_PROCESS_EXEMPTION_CONTROL
@ -22,12 +26,12 @@ This project adheres to [Semantic Versioning](http://semver.org/).
### Added
- added HwID display
- added Language Spoof "CustomLCID=1033" [#4024](https://github.com/sandboxie-plus/Sandboxie/pull/4024) (thanks Yeyixiao)
- added option to always run the sandman UI as admin [#4090](https://github.com/sandboxie-plus/Sandboxie/issues/4090)
- added option to always run the SandMan UI as admin [#4090](https://github.com/sandboxie-plus/Sandboxie/issues/4090)
- added Proxy exclusion [#4036](https://github.com/sandboxie-plus/Sandboxie/issues/4036)
- added "ForceChildren=Program.exe" [#4070](https://github.com/sandboxie-plus/Sandboxie/issues/4070)
- added UI options for "ForceRestartAll" and "UseCreateToken" in OptionWindow
- added an optional context menu option to make folder/file forced quickly
- Note: you can also use "Sandman.exe /add_force program_path" to do it
- Note: you can also use "SandMan.exe /add_force program_path" to do it
### Changed
- the certificate format can now take an explicit validity days specification, needed for gapless certificate renewal

2
Sandboxie/common/netfw.c
View File

@ -315,7 +315,7 @@ void NetFw_AddRule(LIST* list, NETFW_RULE* new_rule)
//
// it seems we might be able to merge these rules
// now we check the convoluted case when rules havs ip's and port's set
// now we check the convoluted case when rules have IPs and ports set.
//
if ((rule->port_map.count != 0) && (rule->ip_map.count != 0)){

2
Sandboxie/core/dll/net.c
View File

@ -765,7 +765,7 @@ _FX BOOLEAN WSA_GetProxyImpl(NETPROXY_RULE* WSA_Proxy, const short *addr, int ad
if (!WSA_Proxy)
return FALSE;
// check if there are any IP's specified for which wes should bypass the proxy
// check if there are any IPs specified for which we should bypass the proxy
if (WSA_Proxy->ip_map.count > 0) {
IP_ADDRESS ip;
if (WSA_GetIP(addr, addrlen, &ip)) {

26
Sandboxie/core/drv/api.c
View File

@ -1236,10 +1236,12 @@ _FX void Api_CopyStringToUser(
_FX NTSTATUS Api_ProcessExemptionControl(PROCESS *proc, ULONG64 *parms)
{
NTSTATUS status = STATUS_SUCCESS;
//KIRQL irql;
KIRQL irql;
API_PROCESS_EXEMPTION_CONTROL_ARGS *pArgs = (API_PROCESS_EXEMPTION_CONTROL_ARGS *)parms;
ULONG *in_flag;
ULONG in_value = 0;
ULONG *out_flag;
ULONG out_value = 0;
if (proc) // is caller sandboxed?
return STATUS_NOT_IMPLEMENTED;
@ -1259,34 +1261,38 @@ _FX NTSTATUS Api_ProcessExemptionControl(PROCESS *proc, ULONG64 *parms)
ProbeForWrite(out_flag, sizeof(ULONG), sizeof(ULONG));
}
if(!in_flag && !out_flag)
if (in_flag)
in_value = *in_flag;
else if(!out_flag)
return STATUS_INVALID_PARAMETER;
//proc = Process_Find(pArgs->process_id.val, &irql);
proc = Process_Find(pArgs->process_id.val, NULL);
proc = Process_Find(pArgs->process_id.val, &irql);
if (proc && (proc != PROCESS_TERMINATED))
{
if (pArgs->action_id.val == 'splr')
{
if (in_flag)
proc->ipc_allowSpoolerPrintToFile = *in_flag != 0;
proc->ipc_allowSpoolerPrintToFile = in_value != 0;
if (out_flag)
*out_flag = proc->ipc_allowSpoolerPrintToFile;
out_value = proc->ipc_allowSpoolerPrintToFile;
}
else if (pArgs->action_id.val == 'inet')
{
if (in_flag)
proc->AllowInternetAccess = *in_flag != 0;
proc->AllowInternetAccess = in_value != 0;
if (out_flag)
*out_flag = proc->AllowInternetAccess;
out_value = proc->AllowInternetAccess;
}
else
status = STATUS_INVALID_INFO_CLASS;
}
else
status = STATUS_NOT_FOUND;
//ExReleaseResourceLite(Process_ListLock);
//KeLowerIrql(irql);
ExReleaseResourceLite(Process_ListLock);
KeLowerIrql(irql);
if (out_flag)
*out_flag = out_value;
return status;
}

4
SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
View File

@ -1152,7 +1152,7 @@ void CSettingsWindow::OnRamDiskChange()
{
if (sender() == ui.chkRamDisk) {
if (ui.chkRamDisk->isChecked())
theGUI->CheckCertificate(this, 2);
theGUI->CheckCertificate(this);
}
if (ui.chkRamDisk->isChecked() && ui.txtRamLimit->text().isEmpty())
@ -1175,7 +1175,7 @@ void CSettingsWindow::OnVolumeChanged()
{
if (sender() == ui.chkSandboxUsb) {
if (ui.chkSandboxUsb->isChecked())
theGUI->CheckCertificate(this, 2);
theGUI->CheckCertificate(this);
}
ui.cmbUsbSandbox->setEnabled(ui.chkSandboxUsb->isChecked() && g_CertInfo.active);

7
SandboxiePlus/SandMan/sandman_de.ts
View File

@ -4998,12 +4998,12 @@ This file is part of Sandboxie and all change done to it will be reverted next t
<message>
<location filename="Views/SbieView.cpp" line="1421"/>
<source>Please enter a new alias for the Sandbox.</source>
<translation type="unfinished"></translation>
<translation>Bitte geben Sie einen neuen Alias für die Sandbox ein.</translation>
</message>
<message>
<location filename="Views/SbieView.cpp" line="1430"/>
<source>The entered name is not valid, do you want to set it as an alias instead?</source>
<translation type="unfinished"></translation>
<translation>Der eingegebene Name ist nicht gültig. Möchten Sie ihn stattdessen als Alias festlegen?</translation>
</message>
<message>
<location filename="Views/SbieView.cpp" line="1519"/>
@ -7771,7 +7771,8 @@ Dies wird gemacht, um bösartige Prozesse innerhalb der Sandbox daran zu hindern
<location filename="Forms/OptionsWindow.ui" line="1926"/>
<source>Checked: A local group will also be added to the newly created sandboxed token, which allows addressing all sandboxes at once. Would be useful for auditing policies.
Partially checked: No groups will be added to the newly created sandboxed token.</source>
<translation type="unfinished"></translation>
<translation>Angehakt: Dem neu erstellten sandgeboxten Token wird auch eine lokale Gruppe hinzugefügt, was es ermöglicht, alle Sandboxen auf einmal anzusprechen. Dies wäre für die Prüfung von Richtlinien nützlich.
Teilweise angehakt: Dem neu erstellten sandgeboxten Token werden keine lokalen Gruppen hinzugefügt.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="1930"/>

31
SandboxiePlus/SandMan/sandman_fr.ts
View File

@ -442,7 +442,7 @@ Cette longueur permet environ 384 bits d&apos;entropie avec une phrase secrète
<message>
<location filename="Windows/SelectBoxWindow.cpp" line="23"/>
<source>Sandbox</source>
<translation>Bac à sable</translation>
<translation>Liste des bacs</translation>
</message>
</context>
<context>
@ -3241,7 +3241,7 @@ Contrairement au canal des Aperçus, cela n&apos;inclut pas les modifications no
<location filename="SandMan.cpp" line="1667"/>
<location filename="SandMan.cpp" line="1683"/>
<source>User canceled this operation.</source>
<translation type="unfinished"></translation>
<translation>L&apos;utilisateur a annulé cette opération.</translation>
</message>
<message>
<location filename="SandMan.cpp" line="1872"/>
@ -5789,12 +5789,12 @@ Remarque : La recherche de mise à jour est souvent en retard par rapport à la
<message>
<location filename="Views/SbieView.cpp" line="1421"/>
<source>Please enter a new alias for the Sandbox.</source>
<translation type="unfinished"></translation>
<translation>Veuillez saisir un nouvel alias pour le bac.</translation>
</message>
<message>
<location filename="Views/SbieView.cpp" line="1430"/>
<source>The entered name is not valid, do you want to set it as an alias instead?</source>
<translation type="unfinished"></translation>
<translation>Le nom saisi n&apos;est pas valide ; à la place, voulez-vous le définir en tant qu&apos;alias ?</translation>
</message>
<message>
<location filename="Views/SbieView.cpp" line="1468"/>
@ -5879,7 +5879,7 @@ Remarque : La recherche de mise à jour est souvent en retard par rapport à la
<location filename="Views/SbieView.cpp" line="1807"/>
<source>This sandbox is currently disabled or restricted to specific groups or users. Would you like to allow access for everyone?</source>
<oldsource>This sandbox is disabled or restricted to a group/user, do you want to allow box for everybody ?</oldsource>
<translation type="unfinished">Ce bac est désactivé ou restreint à un groupe/utilisateur ; voulez-vous le modifier ?</translation>
<translation>Ce bac est actuellement désactivé ou restreint à un ou plusieurs groupes/utilisateurs spécifiques. Voulez-vous accorder l&apos;accès à tout le monde ?</translation>
</message>
</context>
<context>
@ -8229,7 +8229,7 @@ Si des processus directeurs sont définis, tous les autres sont traités comme d
<location filename="Forms/OptionsWindow.ui" line="432"/>
<source>When &lt;a href=&quot;sbie://docs/boxencryption&quot;&gt;Box Encryption&lt;/a&gt; is enabled the box&apos;s root folder, including its registry hive, is stored in an encrypted disk image, using &lt;a href=&quot;https://diskcryptor.org&quot;&gt;Disk Cryptor&apos;s&lt;/a&gt; AES-XTS implementation.</source>
<oldsource>When &lt;a href=&quot;sbie://docs/boxencryption&quot;&gt;Box Encryption&lt;/a&gt; is enabled the boxs root folder, including its registry hive, is stored in an encrypted disk image, using &lt;a href=&quot;https://diskcryptor.org&quot;&gt;Disk Cryptor&apos;s&lt;/a&gt; AES-XTS implementation.</oldsource>
<translation type="unfinished">Lorsque le &lt;a href=&quot;sbie://docs/boxencryption&quot;&gt;chiffrement de bac&lt;/a&gt; est activé, le dossier racine du bac (y compris sa ruche du registre) est stocké dans une image disque chiffrée en utilisant l&apos;implémentation AES-XTS de &lt;a href=&quot;https://diskcryptor.org&quot;&gt;Disk Cryptor&lt;/a&gt;.</translation>
<translation>Lorsque le &lt;a href=&quot;sbie://docs/boxencryption&quot;&gt;chiffrement de bac&lt;/a&gt; est activé, le dossier racine du bac (y compris sa ruche du registre) est stocké dans une image disque chiffrée en utilisant l&apos;implémentation AES-XTS de &lt;a href=&quot;https://diskcryptor.org&quot;&gt;Disk Cryptor&lt;/a&gt;.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="445"/>
@ -8745,7 +8745,7 @@ Le niveau de correspondance du processus a une priorité plus élevée que la sp
<location filename="Forms/OptionsWindow.ui" line="1377"/>
<source>Security Isolation through the usage of a heavily restricted process token is Sandboxie&apos;s primary means of enforcing sandbox restrictions, when this is disabled the box is operated in the application compartment mode, i.e. it&apos;s no longer providing reliable security, just simple application compartmentalization.</source>
<oldsource>Security Isolation through the usage of a heavily restricted process token is Sandboxie&apos;s primary means of enforcing sandbox restrictions, when this is disabled the box is operated in the application compartment mode, i.e. its no longer providing reliable security, just simple application compartmentalization.</oldsource>
<translation type="unfinished">L&apos;isolation de sécurité par l&apos;utilisation d&apos;un jeton de processus fortement restreint est le principal moyen utilisé par Sandboxie pour appliquer les restrictions du bac. Lorsque cette fonction est désactivée, le bac fonctionne en mode conteneur d&apos;applications, c&apos;est-à-dire qu&apos;il ne fournit plus de sécurité fiable, mais seulement une simple compartimentation des applications.</translation>
<translation>L&apos;isolation de sécurité par l&apos;utilisation d&apos;un jeton de processus fortement restreint est le principal moyen utilisé par Sandboxie pour appliquer les restrictions du bac. Lorsque cette fonction est désactivée, le bac fonctionne en mode conteneur d&apos;applications, c&apos;est-à-dire qu&apos;il ne fournit plus de sécurité fiable, mais seulement une simple compartimentation des applications.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="887"/>
@ -9064,7 +9064,8 @@ au lieu de « * ».</translation>
<location filename="Forms/OptionsWindow.ui" line="1926"/>
<source>Checked: A local group will also be added to the newly created sandboxed token, which allows addressing all sandboxes at once. Would be useful for auditing policies.
Partially checked: No groups will be added to the newly created sandboxed token.</source>
<translation type="unfinished"></translation>
<translation>Coché : Un groupe local sera également ajouté au jeton nouvellement créé du bac, ce qui permet de s&apos;adresser à tous les bacs à la fois. Peut être utile pour les politiques d&apos;audit.
Partiellement coché : Aucun groupe ne sera ajouté au jeton nouvellement créé du bac.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="1930"/>
@ -9405,7 +9406,7 @@ Veuillez noter que ces valeurs sont actuellement spécifiques à l&apos;utilisat
This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself.</source>
<oldsource>Sandboxies resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ClosedFilePath=! iexplore.exe,C:Users* will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the Access policies page.
This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself.</oldsource>
<translation type="unfinished">Les règles d&apos;accès aux ressources de Sandboxie discriminent souvent les binaires des programmes situés dans le bac. OpenFilePath et OpenKeyPath fonctionnent uniquement pour les binaires des applications situées nativement sur l&apos;hôte. Afin de définir une règle sans cette restriction, OpenPipePath et OpenConfPath doivent être utilisés. De même, toutes les directives Closed(File|Key|Ipc)Path qui sont définies par une négation (par exemple « ClosedFilePath=! iexplore.exe,C:Users* ») seront toujours fermées aux binaires situés dans un bac. Les deux politiques de restriction peuvent être désactivées sur la page « Politiques d&apos;accès ».
<translation>Les règles d&apos;accès aux ressources de Sandboxie discriminent souvent les binaires des programmes situés dans le bac. OpenFilePath et OpenKeyPath fonctionnent uniquement pour les binaires des applications situées nativement sur l&apos;hôte. Afin de définir une règle sans cette restriction, OpenPipePath et OpenConfPath doivent être utilisés. De même, toutes les directives Closed(File|Key|Ipc)Path qui sont définies par une négation (par exemple « ClosedFilePath=!iexplore.exe,C:Users* ») seront toujours fermées aux binaires situés dans un bac. Les deux politiques de restriction peuvent être désactivées sur la page « Politiques d&apos;accès ».
Ceci est fait pour empêcher les processus malveillants à l&apos;intérieur du bac de créer une copie renommée d&apos;eux-mêmes et d&apos;accéder aux ressources protégées. Un autre vecteur d&apos;exploit est l&apos;injection d&apos;une bibliothèque dans un processus autorisé afin d&apos;accéder à tout ce qu&apos;il est autorisé d&apos;accéder. En utilisant la Protection d&apos;Image de l&apos;Hôte, cela peut être empêché en bloquant les applications (installées sur l&apos;hôte) lancées dans un bac de charger des bibliothèques depuis le bac lui-même.</translation>
</message>
<message>
@ -9573,19 +9574,19 @@ Ceci est fait pour empêcher les processus malveillants à l&apos;intérieur du
<location filename="Forms/OptionsWindow.ui" line="4776"/>
<source>Hide Firmware Information</source>
<oldsource>Hide Firmware Informations</oldsource>
<translation type="unfinished">Masquer les informations du microgiciel</translation>
<translation>Masquer les informations du microgiciel</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4806"/>
<source>Some programs read system details through WMI (a Windows built-in database) instead of normal ways. For example, &quot;tasklist.exe&quot; could get full processes list through accessing WMI, even if &quot;HideOtherBoxes&quot; is used. Enable this option to stop this behaviour.</source>
<oldsource>Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,&quot;tasklist.exe&quot; could get full processes list even if &quot;HideOtherBoxes&quot; is opened through accessing WMI. Enable this option to stop these behaviour.</oldsource>
<translation type="unfinished">Certains programmes lisent les détails du système en se servant de WMI (une base de données incluse avec Windows) au lieu d&apos;utiliser des méthodes normales. Par exemple, « tasklist.exe » peut ainsi obtenir la liste complète des processus même si « Masquer les propres processus de Sandboxie de la liste des tâches » est activé. Utilisez cette option pour empêcher ce comportement.</translation>
<translation>Certains programmes lisent les détails du système en se servant de WMI (une base de données incluse avec Windows) au lieu d&apos;utiliser des méthodes normales. Par exemple, « tasklist.exe » peut ainsi obtenir la liste complète des processus même si « Masquer les propres processus de Sandboxie de la liste des tâches » est activé. Utilisez cette option pour empêcher ce comportement.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4809"/>
<source>Prevent sandboxed processes from accessing system details through WMI (see tooltip for more info)</source>
<oldsource>Prevent sandboxed processes from accessing system deatils through WMI (see tooltip for more Info)</oldsource>
<translation type="unfinished">Empêcher les processus d&apos;un bac d&apos;accéder aux détails du système en se servant de WMI (voir la bulle d&apos;aide pour plus d&apos;information)</translation>
<translation>Empêcher les processus d&apos;un bac d&apos;accéder aux détails du système en se servant de WMI (voir la bulle d&apos;aide pour plus d&apos;information)</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4847"/>
@ -9606,7 +9607,7 @@ Ceci est fait pour empêcher les processus malveillants à l&apos;intérieur du
<location filename="Forms/OptionsWindow.ui" line="4919"/>
<source>Dump the current Firmware Tables to HKCU\System\SbieCustom</source>
<oldsource>Dump the current Firmare Tables to HKCU\System\SbieCustom</oldsource>
<translation type="unfinished">Copier la table du microgiciel actuel dans « HKCU\System\SbieCustom »</translation>
<translation>Copier la table du microgiciel actuel dans « HKCU\System\SbieCustom »</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4922"/>
@ -9789,7 +9790,7 @@ Ceci est fait pour empêcher les processus malveillants à l&apos;intérieur du
<message>
<location filename="Forms/SelectBoxWindow.ui" line="105"/>
<source>Select the sandbox in which to start the program, installer or document.</source>
<translation>Sélectionnez le bac dans lequel lancer le programme, l&apos;installeur, ou le document.</translation>
<translation>Choisir le bac dans lequel exécuter le programme ou le document.</translation>
</message>
<message>
<location filename="Forms/SelectBoxWindow.ui" line="64"/>
@ -10317,7 +10318,7 @@ Ceci est fait pour empêcher les processus malveillants à l&apos;intérieur du
<location filename="Forms/SettingsWindow.ui" line="643"/>
<source>Add &apos;Set Force in Sandbox&apos; to the context menu</source>
<oldsource>Add Set Force in Sandbox&apos; to the context menu</oldsource>
<translation type="unfinished">Ajouter « Toujours forcer dans un bac à sable » au menu contextuel</translation>
<translation>Ajouter « Toujours forcer dans un bac à sable » au menu contextuel</translation>
</message>
<message>
<location filename="Forms/SettingsWindow.ui" line="650"/>

39
SandboxiePlus/SandMan/sandman_tr.ts
View File

@ -4798,8 +4798,7 @@ Lütfen Sandboxie için bir güncelleme olup olmadığını kontrol edin.</trans
<message>
<location filename="Views/SbieView.cpp" line="1807"/>
<source>This sandbox is currently disabled or restricted to specific groups or users. Would you like to allow access for everyone?</source>
<oldsource>This sandbox is disabled or restricted to a group/user, do you want to allow box for everybody ?</oldsource>
<translation type="unfinished">Bu alan devre dışı veya bir grup/kullanıcı ile sınırlandırılmış, etkinleştirmek istiyor musunuz?</translation>
<translation>Bu korumalı alan şu anda devre dışı veya belirli gruplarla veya kullanıcılarla sınırlı. Herkesin erişimine izin vermek ister misiniz?</translation>
</message>
<message>
<location filename="Views/SbieView.cpp" line="1263"/>
@ -5095,12 +5094,12 @@ Lütfen Sandboxie için bir güncelleme olup olmadığını kontrol edin.</trans
<message>
<location filename="Views/SbieView.cpp" line="1421"/>
<source>Please enter a new alias for the Sandbox.</source>
<translation type="unfinished"></translation>
<translation>Lütfen korumalı alan için yeni bir takma ad girin.</translation>
</message>
<message>
<location filename="Views/SbieView.cpp" line="1430"/>
<source>The entered name is not valid, do you want to set it as an alias instead?</source>
<translation type="unfinished"></translation>
<translation>Girilen ad geçerli değil, bunu bir takma ad olarak ayarlamak ister misiniz?</translation>
</message>
<message>
<location filename="Views/SbieView.cpp" line="1562"/>
@ -7361,8 +7360,7 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl
<message>
<location filename="Forms/OptionsWindow.ui" line="432"/>
<source>When &lt;a href=&quot;sbie://docs/boxencryption&quot;&gt;Box Encryption&lt;/a&gt; is enabled the box&apos;s root folder, including its registry hive, is stored in an encrypted disk image, using &lt;a href=&quot;https://diskcryptor.org&quot;&gt;Disk Cryptor&apos;s&lt;/a&gt; AES-XTS implementation.</source>
<oldsource>When &lt;a href=&quot;sbie://docs/boxencryption&quot;&gt;Box Encryption&lt;/a&gt; is enabled the boxs root folder, including its registry hive, is stored in an encrypted disk image, using &lt;a href=&quot;https://diskcryptor.org&quot;&gt;Disk Cryptor&apos;s&lt;/a&gt; AES-XTS implementation.</oldsource>
<translation type="unfinished">&lt;a href=&quot;sbie://docs/boxencryption&quot;&gt;Alan Şifreleme&lt;/a&gt; etkinleştirildiğinde, kayıt defteri kovanı da dahil olmak üzere alanın kök klasörü, &lt;a href=&quot;https://diskcryptor.org&quot;&gt;Disk Cryptor&apos;un&lt;/a&gt; AES-XTS uygulaması kullanılarak şifrelenmiş bir disk görüntüsünde depolanır.</translation>
<translation>&lt;a href=&quot;sbie://docs/boxencryption&quot;&gt;Alan Şifreleme&lt;/a&gt; etkinleştirildiğinde, kayıt defteri kovanı da dahil olmak üzere alanın kök klasörü, &lt;a href=&quot;https://diskcryptor.org&quot;&gt;Disk Cryptor&apos;un&lt;/a&gt; AES-XTS uygulaması kullanılarak şifrelenmiş bir disk görüntüsünde depolanır.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="348"/>
@ -7580,10 +7578,8 @@ Not: Bir korumalı alana ilişkin Zorunlu Programlar ve Zorunlu Klasörler ayarl
<location filename="Forms/OptionsWindow.ui" line="4303"/>
<source>Sandboxie&apos;s resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. &apos;ClosedFilePath=!iexplore.exe,C:Users*&apos; will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the &quot;Access policies&quot; page.
This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself.</source>
<oldsource>Sandboxies resource access rules often discriminate against program binaries located inside the sandbox. OpenFilePath and OpenKeyPath work only for application binaries located on the host natively. In order to define a rule without this restriction, OpenPipePath or OpenConfPath must be used. Likewise, all Closed(File|Key|Ipc)Path directives which are defined by negation e.g. ClosedFilePath=! iexplore.exe,C:Users* will be always closed for binaries located inside a sandbox. Both restriction policies can be disabled on the Access policies page.
This is done to prevent rogue processes inside the sandbox from creating a renamed copy of themselves and accessing protected resources. Another exploit vector is the injection of a library into an authorized process to get access to everything it is allowed to access. Using Host Image Protection, this can be prevented by blocking applications (installed on the host) running inside a sandbox from loading libraries from the sandbox itself.</oldsource>
<translation type="unfinished">Sandboxie&apos;nin kaynak erişim kuralları, genellikle korumalı alan içinde bulunan program ikili dosyalarına göre ayrım yapar. OpenFilePath ve OpenKeyPath yalnızca ana sistemde yerel olarak bulunan uygulama ikili dosyaları için çalışır.
Bu kısıtlama olmaksızın bir kural tanımlamak için OpenPipePath veya OpenConfPath kullanılmalıdır. Aynı şekilde, olumsuzlama ile tanımlanan tüm Closed(File|Key|Ipc)Path yönergeleri, örn. &apos;ClosedFilePath=! iexplore.exe,C:Users*&apos;, korumalı alan içinde bulunan ikili dosyalar için her zaman kapalı olacaktır. Her iki kısıtlama ilkesi de &quot;Erişim İlkeleri&quot; sayfasından devre dışı bırakılabilir.
<translation>Sandboxie&apos;nin kaynak erişim kuralları, genellikle korumalı alan içinde bulunan program ikili dosyalarına göre ayrım yapar. OpenFilePath ve OpenKeyPath yalnızca ana sistemde yerel olarak bulunan uygulama ikili dosyaları için çalışır.
Bu kısıtlama olmaksızın bir kural tanımlamak için OpenPipePath veya OpenConfPath kullanılmalıdır. Aynı şekilde, olumsuzlama ile tanımlanan tüm Closed(File|Key|Ipc)Path yönergeleri, örn. &apos;ClosedFilePath=!iexplore.exe,C:\Users\*&apos;, korumalı alan içinde bulunan ikili dosyalar için her zaman kapalı olacaktır. Her iki kısıtlama ilkesi de &quot;Erişim İlkeleri&quot; sayfasından devre dışı bırakılabilir.
Bu, korumalı alan içindeki haydut işlemlerin kendilerinin yeniden adlandırılmış bir kopyasını oluşturmasını ve korunan kaynaklara erişmesini önlemek için yapılır. Başka bir istismar vektörü de bir kütüphanenin yetkili bir işleme yerleşerek ona izin verilen her şeye erişim hakkı elde etmesidir. Ana Sistem Görüntü Koruması kullanılarak, bir korumalı alanda çalışan uygulamaların (ana sistemde yüklü) korumalı alanda bulunan kütüphaneleri yüklemesi engellenerek bu durum önlenebilir.</translation>
</message>
<message>
@ -7734,7 +7730,8 @@ Bu, korumalı alan içindeki haydut işlemlerin kendilerinin yeniden adlandırı
<location filename="Forms/OptionsWindow.ui" line="1926"/>
<source>Checked: A local group will also be added to the newly created sandboxed token, which allows addressing all sandboxes at once. Would be useful for auditing policies.
Partially checked: No groups will be added to the newly created sandboxed token.</source>
<translation type="unfinished"></translation>
<translation>İşaretli: Yeni oluşturulan korumalı alan belirtecine yerel bir grup da eklenir, bu da tüm korumalı aların aynı anda adreslenmesine olanak tanır. Denetim ilkeleri için kullanılabilir.
Kısmen işaretli: Yeni oluşturulan korumalı alan belirtecine hiçbir grup eklenmez.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="2204"/>
@ -8043,20 +8040,17 @@ Bir işlemi belirtmek için yol olarak &apos;$:program.exe&apos; kullanın.</tra
<message>
<location filename="Forms/OptionsWindow.ui" line="4776"/>
<source>Hide Firmware Information</source>
<oldsource>Hide Firmware Informations</oldsource>
<translation type="unfinished">Ürün Yazılımı Bilgilerini Gizle</translation>
<translation>Ürün Yazılımı Bilgisini Gizle</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4806"/>
<source>Some programs read system details through WMI (a Windows built-in database) instead of normal ways. For example, &quot;tasklist.exe&quot; could get full processes list through accessing WMI, even if &quot;HideOtherBoxes&quot; is used. Enable this option to stop this behaviour.</source>
<oldsource>Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,&quot;tasklist.exe&quot; could get full processes list even if &quot;HideOtherBoxes&quot; is opened through accessing WMI. Enable this option to stop these behaviour.</oldsource>
<translation type="unfinished">Bazı programlar, geleneksel yöntemleri kullanmak yerine, yerleşik bir Windows veritabanı olan WMI (Windows Yönetim Araçları) aracılığıyla sistem ayrıntılarını alır. Örneğin, &amp;apos;tasklist.exe&amp;apos;, &amp;apos;HideOtherBoxes&amp;apos; etkin olsa bile işlemlerin tam listesine erişebilir. Bu tür davranışları önlemek için bu seçeneği etkinleştirin.</translation>
<translation>Bazı programlar, geleneksel yöntemleri kullanmak yerine, yerleşik bir Windows veritabanı olan WMI (Windows Yönetim Araçları) aracılığıyla sistem ayrıntılarına erişebilir. Örneğin, &quot;tasklist.exe&quot;, &quot;HideOtherBoxes&quot; etkin olsa bile işlemlerin tam listesine erişebilir. Bu tür davranışları önlemek için bu seçeneği etkinleştirin.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4809"/>
<source>Prevent sandboxed processes from accessing system details through WMI (see tooltip for more info)</source>
<oldsource>Prevent sandboxed processes from accessing system deatils through WMI (see tooltip for more Info)</oldsource>
<translation type="unfinished">Korumalı alandaki işlemlerin WMI aracılığıyla sistem ayrıntılarına erişmesini önle (daha fazla bilgi için ipucuna bakın)</translation>
<translation>Korumalı alandaki işlemlerin WMI aracılığıyla sistem ayrıntılarına erişmesini önle (daha fazla bilgi için ipucuna bakın)</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4847"/>
@ -8076,8 +8070,7 @@ Bir işlemi belirtmek için yol olarak &apos;$:program.exe&apos; kullanın.</tra
<message>
<location filename="Forms/OptionsWindow.ui" line="4919"/>
<source>Dump the current Firmware Tables to HKCU\System\SbieCustom</source>
<oldsource>Dump the current Firmare Tables to HKCU\System\SbieCustom</oldsource>
<translation type="unfinished">Mevcut Ürün Yazılımı Tablolarını HKCU\System\SbieCustom anahtarına döker</translation>
<translation>Mevcut Ürün Yazılımı Tablolarını HKCU\System\SbieCustom anahtarına döker</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4922"/>
@ -8430,8 +8423,7 @@ Lütfen bu değerlerin kullanıcıya özel olduğunu ve tüm alanlar için globa
<message>
<location filename="Forms/OptionsWindow.ui" line="1377"/>
<source>Security Isolation through the usage of a heavily restricted process token is Sandboxie&apos;s primary means of enforcing sandbox restrictions, when this is disabled the box is operated in the application compartment mode, i.e. it&apos;s no longer providing reliable security, just simple application compartmentalization.</source>
<oldsource>Security Isolation through the usage of a heavily restricted process token is Sandboxie&apos;s primary means of enforcing sandbox restrictions, when this is disabled the box is operated in the application compartment mode, i.e. its no longer providing reliable security, just simple application compartmentalization.</oldsource>
<translation type="unfinished">Güvenlik Yalıtımı, Sandboxie&apos;nin çok kısıtlı işlem belirteci kullanımı yoluyla korumalı alan kısıtlamalarını uygulamasının birincil yoludur. Bu devre dışı bırakılırsa, alan, uygulama bölmesi modunda çalıştırılır, yani artık sağlıklı bir güvenlik sağlayamaz ve yalnızca basit uygulama bölümlemesi sağlar.</translation>
<translation>Güvenlik Yalıtımı, Sandboxie&apos;nin çok kısıtlı işlem belirteci kullanımı yoluyla korumalı alan kısıtlamalarını uygulamasının birincil yoludur. Bu devre dışı bırakılırsa, alan, uygulama bölmesi modunda çalıştırılır, yani artık sağlıklı bir güvenlik sağlayamaz ve yalnızca basit uygulama bölümlemesi sağlar.</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="1357"/>
@ -9440,13 +9432,12 @@ The process match level has a higher priority than the specificity and describes
<message>
<location filename="Forms/SettingsWindow.ui" line="643"/>
<source>Add &apos;Set Force in Sandbox&apos; to the context menu</source>
<oldsource>Add Set Force in Sandbox&apos; to the context menu</oldsource>
<translation type="unfinished">Bağlam menüsüne Korumalı Alanda Zorlamaya Ayarla&apos; seçeneği ekle</translation>
<translation>Bağlam menüsüne &apos;Korumalı Alanda Zorlamaya Ayarla&apos; seçeneği ekle</translation>
</message>
<message>
<location filename="Forms/SettingsWindow.ui" line="650"/>
<source>Add &apos;Set Open Path in Sandbox&apos; to context menu</source>
<translation>Bağlam menüsüne Korumalı Alanda ık Erişime Ayarla&apos; seçeneği ekle</translation>
<translation>Bağlam menüsüne &apos;Korumalı Alanda ık Erişime Ayarla&apos; seçeneği ekle</translation>
</message>
<message>
<location filename="Forms/SettingsWindow.ui" line="1583"/>

26
SandboxiePlus/SandMan/sandman_uk.ts
View File

@ -27,7 +27,7 @@
<message>
<location filename="Forms/BoxImageWindow.ui" line="100"/>
<source>Show Password</source>
<translation type="unfinished"></translation>
<translation>Показати пароль</translation>
</message>
<message>
<location filename="Forms/BoxImageWindow.ui" line="49"/>
@ -37,12 +37,12 @@
<message>
<location filename="Forms/BoxImageWindow.ui" line="66"/>
<source>New Password</source>
<translation type="unfinished"></translation>
<translation>Новий пароль</translation>
</message>
<message>
<location filename="Forms/BoxImageWindow.ui" line="83"/>
<source>Repeat Password</source>
<translation type="unfinished"></translation>
<translation>Повторіть пароль</translation>
</message>
<message>
<location filename="Forms/BoxImageWindow.ui" line="107"/>
@ -3913,17 +3913,17 @@ Note: The update check is often behind the latest GitHub release to ensure that
<location filename="SandMan.cpp" line="1016"/>
<location filename="SandMan.cpp" line="1017"/>
<source>Edit Sandboxie.ini</source>
<translation type="unfinished"></translation>
<translation>Редагувати Sandboxie.ini</translation>
</message>
<message>
<location filename="SandMan.cpp" line="630"/>
<source>Edit Templates.ini</source>
<translation type="unfinished"></translation>
<translation>Редагувати Templates.ini</translation>
</message>
<message>
<location filename="SandMan.cpp" line="632"/>
<source>Edit Sandboxie-Plus.ini</source>
<translation type="unfinished"></translation>
<translation>Редагувати Sandboxie-Plus.ini</translation>
</message>
<message>
<location filename="SandMan.cpp" line="636"/>
@ -7616,7 +7616,7 @@ If leader processes are defined, all others are treated as lingering processes.<
<message>
<location filename="Forms/OptionsWindow.ui" line="411"/>
<source>Set Password</source>
<translation type="unfinished"></translation>
<translation>Встановити пароль</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="293"/>
@ -7680,7 +7680,7 @@ If leader processes are defined, all others are treated as lingering processes.<
<message>
<location filename="Forms/OptionsWindow.ui" line="1292"/>
<source>Security Isolation</source>
<translation type="unfinished"></translation>
<translation>Ізоляція безпеки</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="1330"/>
@ -7690,7 +7690,7 @@ If leader processes are defined, all others are treated as lingering processes.<
<message>
<location filename="Forms/OptionsWindow.ui" line="1340"/>
<source>Disable Security Isolation</source>
<translation type="unfinished"></translation>
<translation>Вимкнути ізоляцію безпеки</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="904"/>
@ -7982,7 +7982,7 @@ Partially checked: No groups will be added to the newly created sandboxed token.
<message>
<location filename="Forms/OptionsWindow.ui" line="2678"/>
<source>Files</source>
<translation type="unfinished"></translation>
<translation>Файли</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="2771"/>
@ -8045,7 +8045,7 @@ To specify a process use &apos;$:program.exe&apos; as path.</source>
<message>
<location filename="Forms/OptionsWindow.ui" line="3225"/>
<source>Access Policies</source>
<translation type="unfinished"></translation>
<translation>Політики доступу</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="3238"/>
@ -8055,7 +8055,7 @@ To specify a process use &apos;$:program.exe&apos; as path.</source>
<message>
<location filename="Forms/OptionsWindow.ui" line="3339"/>
<source>Network Options</source>
<translation type="unfinished"></translation>
<translation>Параметри мережі</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="3436"/>
@ -8826,7 +8826,7 @@ Please note that this values are currently user specific and saved globally for
<message>
<location filename="Forms/OptionsWindow.ui" line="673"/>
<source>Restrictions</source>
<translation type="unfinished"></translation>
<translation>Обмеження</translation>
</message>
<message>
<location filename="Forms/OptionsWindow.ui" line="4125"/>