fixes ui of job object limit restrictions

This commit is contained in:
offhub 2024-07-22 17:49:57 +03:00
parent 747d1d74a7
commit f782bdb6df
No known key found for this signature in database
GPG Key ID: 7B12A8941851DA59
4 changed files with 192 additions and 96 deletions

View File

@ -1477,7 +1477,7 @@ _FX BOOLEAN SbieApi_QueryConfBool(
//---------------------------------------------------------------------------
// SbieApi_QueryConfBool
// SbieApi_QueryConfNumber
//---------------------------------------------------------------------------
@ -1507,7 +1507,7 @@ _FX ULONG SbieApi_QueryConfNumber(
//---------------------------------------------------------------------------
// SbieApi_QueryConfBool
// SbieApi_QueryConfNumber64
//---------------------------------------------------------------------------

View File

@ -45,7 +45,7 @@
<enum>QTabWidget::North</enum>
</property>
<property name="currentIndex">
<number>3</number>
<number>1</number>
</property>
<widget class="QWidget" name="tabGeneral">
<attribute name="title">
@ -55,7 +55,7 @@
<item row="0" column="0">
<widget class="QTabWidget" name="tabsGeneral">
<property name="currentIndex">
<number>2</number>
<number>0</number>
</property>
<widget class="QWidget" name="tabOptions">
<attribute name="title">
@ -1095,7 +1095,7 @@
<item row="0" column="0">
<widget class="QTabWidget" name="tabsSecurity">
<property name="currentIndex">
<number>4</number>
<number>3</number>
</property>
<widget class="QWidget" name="tabHarden">
<attribute name="title">
@ -1579,6 +1579,71 @@
<layout class="QGridLayout" name="gridLayout_51">
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout_50">
<item row="7" column="0">
<spacer name="verticalSpacer_45">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="3" column="0" colspan="2">
<widget class="QLabel" name="lblLimit">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="toolTip">
<string>Protect the system from sandboxed processes</string>
</property>
<property name="text">
<string>Limit restrictions</string>
</property>
</widget>
</item>
<item row="5" column="3">
<widget class="QLineEdit" name="txtTotalMemory">
<property name="maximumSize">
<size>
<width>125</width>
<height>16777215</height>
</size>
</property>
<property name="toolTip">
<string>Leave it blank to disable the setting</string>
</property>
<property name="placeholderText">
<string>unlimited</string>
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QLabel" name="label_63">
<property name="sizePolicy">
<sizepolicy hsizetype="Fixed" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>16</width>
<height>0</height>
</size>
</property>
<property name="text">
<string/>
</property>
</widget>
</item>
<item row="6" column="1" colspan="2">
<widget class="QLabel" name="label_86">
<property name="text">
@ -1586,7 +1651,30 @@
</property>
</widget>
</item>
<item row="1" column="1" colspan="4">
<item row="6" column="3">
<widget class="QLineEdit" name="txtTotalNumber">
<property name="maximumSize">
<size>
<width>125</width>
<height>16777215</height>
</size>
</property>
<property name="toolTip">
<string>Leave it blank to disable the setting</string>
</property>
<property name="placeholderText">
<string>unlimited</string>
</property>
</widget>
</item>
<item row="2" column="2" colspan="4">
<widget class="QCheckBox" name="chkNestedJobs">
<property name="text">
<string>Allow use of nested job objects (works on Windows 8 and later)</string>
</property>
</widget>
</item>
<item row="1" column="1" colspan="5">
<widget class="QCheckBox" name="chkAddToJob">
<property name="text">
<string>Add sandboxed processes to job objects (recommended)</string>
@ -1610,13 +1698,6 @@
</property>
</widget>
</item>
<item row="5" column="1" colspan="2">
<widget class="QLabel" name="label_56">
<property name="text">
<string>Total Processes Memory Limit:</string>
</property>
</widget>
</item>
<item row="4" column="1" colspan="2">
<widget class="QLabel" name="label_53">
<property name="text">
@ -1624,35 +1705,7 @@
</property>
</widget>
</item>
<item row="4" column="3">
<widget class="QLineEdit" name="lineSingleMemory">
<property name="placeholderText">
<string>Leave it blank to disable the setting(Unit:KB)</string>
</property>
</widget>
</item>
<item row="5" column="3">
<widget class="QLineEdit" name="lineTotalMemory">
<property name="placeholderText">
<string>Leave it blank to disable the setting(Unit:KB)</string>
</property>
</widget>
</item>
<item row="6" column="3">
<widget class="QLineEdit" name="lineTotalNumber">
<property name="placeholderText">
<string>Leave it blank to disable the setting</string>
</property>
</widget>
</item>
<item row="2" column="2" colspan="3">
<widget class="QCheckBox" name="chkNestedJobs">
<property name="text">
<string>Allow use of nested job objects (works on Windows 8 and later)</string>
</property>
</widget>
</item>
<item row="7" column="4">
<item row="7" column="5">
<spacer name="horizontalSpacer_23">
<property name="orientation">
<enum>Qt::Horizontal</enum>
@ -1665,52 +1718,47 @@
</property>
</spacer>
</item>
<item row="7" column="0">
<spacer name="verticalSpacer_45">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="2" column="1">
<widget class="QLabel" name="label_63">
<property name="sizePolicy">
<sizepolicy hsizetype="Fixed" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="minimumSize">
<size>
<width>16</width>
<height>0</height>
</size>
</property>
<item row="5" column="5">
<widget class="QLabel" name="lblTotalMemory">
<property name="text">
<string/>
<string>bytes</string>
</property>
</widget>
</item>
<item row="3" column="0" colspan="2">
<widget class="QLabel" name="lblLimit">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
<kerning>true</kerning>
</font>
<item row="4" column="3">
<widget class="QLineEdit" name="txtSingleMemory">
<property name="maximumSize">
<size>
<width>125</width>
<height>16777215</height>
</size>
</property>
<property name="toolTip">
<string>Protect the system from sandboxed processes</string>
<string>Leave it blank to disable the setting</string>
</property>
<property name="placeholderText">
<string>unlimited</string>
</property>
</widget>
</item>
<item row="5" column="1" colspan="2">
<widget class="QLabel" name="label_56">
<property name="text">
<string>Limit restrictions</string>
<string>Total Processes Memory Limit:</string>
</property>
</widget>
</item>
<item row="4" column="5">
<widget class="QLabel" name="lblSingleMemory">
<property name="text">
<string>bytes</string>
</property>
</widget>
</item>
<item row="6" column="5">
<widget class="QLabel" name="lblTotalNumber">
<property name="text">
<string/>
</property>
</widget>
</item>
@ -5181,8 +5229,8 @@ instead of &quot;*&quot;.</string>
<rect>
<x>0</x>
<y>0</y>
<width>75</width>
<height>16</height>
<width>98</width>
<height>28</height>
</rect>
</property>
<layout class="QGridLayout" name="dbgLayout">

View File

@ -17,6 +17,11 @@ void COptionsWindow::CreateAdvanced()
connect(ui.chkElevateCreateProcessFix, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkNoWindowRename, SIGNAL(clicked(bool)), this, SLOT(OnNoWindowRename()));
connect(ui.chkNestedJobs, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.txtSingleMemory, SIGNAL(textChanged(const QString&)), this, SLOT(OnAdvancedChanged()));
connect(ui.txtTotalMemory, SIGNAL(textChanged(const QString&)), this, SLOT(OnAdvancedChanged()));
connect(ui.txtTotalNumber, SIGNAL(textChanged(const QString&)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkUseSbieDeskHack, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkUseSbieWndStation, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
@ -141,6 +146,18 @@ void COptionsWindow::LoadAdvanced()
ui.chkAddToJob->setChecked(!m_pBox->GetBool("NoAddProcessToJob", false));
ui.chkNestedJobs->setChecked(m_pBox->GetBool("AllowBoxedJobs", false));
qint64 iSingleMemory = m_pBox->GetNum64("ProcessMemoryLimit", 0);
if (iSingleMemory > 0x0LL && iSingleMemory <= 0x7FFFFFFFFFFFFFFFLL)
ui.txtSingleMemory->setText(QString::number(iSingleMemory));
qint64 iTotalMemory = m_pBox->GetNum64("TotalMemoryLimit", 0);
if (iTotalMemory > 0x0LL && iTotalMemory <= 0x7FFFFFFFFFFFFFFFLL)
ui.txtTotalMemory->setText(QString::number(iTotalMemory));
qint64 iTotalNumber = m_pBox->GetNum64("ProcessNumberLimit", 0);
if (iTotalNumber > 0x0LL && iTotalNumber <= 0xFFFFFFFFLL)
ui.txtTotalNumber->setText(QString::number(iTotalNumber));
ui.chkUseSbieDeskHack->setChecked(m_pBox->GetBool("UseSbieDeskHack", true));
ui.chkUseSbieWndStation->setChecked(m_pBox->GetBool("UseSbieWndStation", true));
@ -380,6 +397,25 @@ void COptionsWindow::SaveAdvanced()
WriteAdvancedCheck(ui.chkAddToJob, "NoAddProcessToJob", "", "y");
WriteAdvancedCheck(ui.chkProtectSCM, "UnrestrictedSCM", "", "y");
WriteAdvancedCheck(ui.chkNestedJobs, "AllowBoxedJobs", "y", "");
qint64 iSingleMemory = !ui.txtSingleMemory->text().isEmpty() ? ui.txtSingleMemory->text().toLongLong() : -1;
if (iSingleMemory > 0x0LL && iSingleMemory <= 0x7FFFFFFFFFFFFFFFLL)
WriteText("ProcessMemoryLimit", QString::number(iSingleMemory));
else
m_pBox->DelValue("ProcessMemoryLimit");
qint64 iTotalMemory = !ui.txtTotalMemory->text().isEmpty() ? ui.txtTotalMemory->text().toLongLong() : -1;
if (iTotalMemory > 0x0LL && iTotalMemory <= 0x7FFFFFFFFFFFFFFFLL)
WriteText("TotalMemoryLimit", QString::number(iTotalMemory));
else
m_pBox->DelValue("TotalMemoryLimit");
qint64 iTotalNumber = !ui.txtTotalNumber->text().isEmpty() ? ui.txtTotalNumber->text().toLongLong() : -1;
if (iTotalNumber > 0x0LL && iTotalNumber <= 0xFFFFFFFFLL)
WriteText("ProcessNumberLimit", QString::number(iTotalNumber));
else
m_pBox->DelValue("ProcessNumberLimit");
WriteAdvancedCheck(ui.chkRestrictServices, "RunServicesAsSystem", "", "y");
WriteAdvancedCheck(ui.chkElevateRpcss, "RunRpcssAsSystem", "y", "");
WriteAdvancedCheck(ui.chkProtectSystem, "ExposeBoxedSystem", "", "y");
@ -668,9 +704,32 @@ void COptionsWindow::UpdateJobOptions()
bool bUseJobObject = !IsAllWndOpen && ui.chkAddToJob->isChecked();
ui.chkNestedJobs->setEnabled(bUseJobObject);
ui.lineSingleMemory->setEnabled(bUseJobObject);
ui.lineTotalMemory->setEnabled(bUseJobObject);
ui.lineTotalNumber->setEnabled(bUseJobObject);
qint64 iSingleMemory = ui.txtSingleMemory->text().toLongLong();
if (iSingleMemory == 0x0LL || iSingleMemory > 0x7FFFFFFFFFFFFFFFLL) {
ui.lblSingleMemory->setText(tr("bytes (unlimited)"));
}
else {
ui.lblSingleMemory->setText(tr("bytes (%1)").arg(FormatSize(iSingleMemory)));
}
ui.txtSingleMemory->setEnabled(bUseJobObject);
qint64 iTotalMemory = ui.txtTotalMemory->text().toLongLong();
if (iTotalMemory == 0x0LL || iTotalMemory > 0x7FFFFFFFFFFFFFFFLL) {
ui.lblTotalMemory->setText(tr("bytes (unlimited)"));
}
else {
ui.lblTotalMemory->setText(tr("bytes (%1)").arg(FormatSize(iTotalMemory)));
}
ui.txtTotalMemory->setEnabled(bUseJobObject);
qint64 iTotalNumber = ui.txtTotalNumber->text().toLongLong();
if (iTotalNumber == 0X0LL || iTotalNumber > 0xFFFFFFFFLL) {
ui.lblTotalNumber->setText(tr("unlimited"));
}
else {
ui.lblTotalNumber->setText("");
}
ui.txtTotalNumber->setEnabled(bUseJobObject);
}
void COptionsWindow::CheckOpenCOM()

View File

@ -282,10 +282,6 @@ void COptionsWindow::LoadGeneral()
ui.chkOpenSpooler->setChecked(m_pBox->GetBool("OpenPrintSpooler", false));
ui.chkPrintToFile->setChecked(m_pBox->GetBool("AllowSpoolerPrintToFile", false));
ui.lineSingleMemory->setText(m_pBox->GetText("ProcessMemoryLimit", ""));
ui.lineTotalMemory->setText(m_pBox->GetText("TotalMemoryLimit", ""));
ui.lineTotalNumber->setText(m_pBox->GetText("TotalNumberLimit", ""));
//ui.chkOpenProtectedStorage->setChecked(m_pBox->GetBool("OpenProtectedStorage", false));
ui.chkOpenProtectedStorage->setChecked(m_BoxTemplates.contains("OpenProtectedStorage"));
ui.chkOpenCredentials->setChecked(!ui.chkOpenCredentials->isEnabled() || m_pBox->GetBool("OpenCredentials", false));
@ -426,13 +422,6 @@ void COptionsWindow::SaveGeneral()
WriteAdvancedCheck(ui.chkOpenSpooler, "OpenPrintSpooler", "y", "");
WriteAdvancedCheck(ui.chkPrintToFile, "AllowSpoolerPrintToFile", "y", "");
if (!ui.lineSingleMemory->text().isEmpty()) WriteText("ProcessMemoryLimit", ui.lineSingleMemory->text());
else m_pBox->DelValue("ProcessMemoryLimit");
if (!ui.lineTotalMemory->text().isEmpty()) WriteText("TotalMemoryLimit", ui.lineTotalMemory->text());
else m_pBox->DelValue("TotalMemoryLimit");
if (!ui.lineTotalNumber->text().isEmpty()) WriteText("ProcessNumberLimit", ui.lineTotalNumber->text());
else m_pBox->DelValue("ProcessNumberLimit");
//WriteAdvancedCheck(ui.chkOpenProtectedStorage, "OpenProtectedStorage", "y", "");
SetTemplate("OpenProtectedStorage", ui.chkOpenProtectedStorage->isChecked());
if (ui.chkOpenCredentials->isEnabled())