This commit is contained in:
DavidXanatos 2021-12-26 10:19:31 +01:00
parent 77f8af3a60
commit f85991b4c9
19 changed files with 256 additions and 39 deletions

View File

@ -4,6 +4,23 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.0.6 / 5.55.6] - 2021-12-??
### Added
- replaced open with with a sandboxie dialog to work on win 10 [#1138](https://github.com/sandboxie-plus/Sandboxie/issues/1138)
- added ability to run store apps in app container mode, requirers COM to be open
- added new debug options "UnstrippedToken=y" and "KeepUserGroup=y"
- added double click to recovery window [#1466](https://github.com/sandboxie-plus/Sandboxie/issues/1466)
### Changed
- "UseSbieWndStation=y" is now the default behavioure [#1442](https://github.com/sandboxie-plus/Sandboxie/issues/1442)
### Fixed
- fixed box initialization issue in privacy mode [#1469](https://github.com/sandboxie-plus/Sandboxie/issues/1469)
- fixed issue creating shortcuts introduced in a recent build [#1471](https://github.com/sandboxie-plus/Sandboxie/issues/1471)
## [1.0.5 / 5.55.5] - 2021-12-25 ## [1.0.5 / 5.55.5] - 2021-12-25

View File

@ -509,11 +509,23 @@ INT_PTR RunDialogProc(
SetDlgItemText(hwnd, IDCANCEL, SbieDll_FormatMessage0(MSG_3002)); SetDlgItemText(hwnd, IDCANCEL, SbieDll_FormatMessage0(MSG_3002));
SetDlgItemText(hwnd, IDBROWSE, SbieDll_FormatMessage0(MSG_3003)); SetDlgItemText(hwnd, IDBROWSE, SbieDll_FormatMessage0(MSG_3003));
SetDlgItemText(hwnd, IDRUNDLGTEXT, extern BOOL execute_open_with;
if (execute_open_with)
{
SetDlgItemText(hwnd, IDRUNDLGTEXT,
SbieDll_FormatMessage0(MSG_3107));
extern PWSTR ChildCmdLine;
SetDlgItemText(hwnd, IDRUNDLGTEXT2, ChildCmdLine);
}
else
{
SetDlgItemText(hwnd, IDRUNDLGTEXT,
SbieDll_FormatMessage0(MSG_3103)); SbieDll_FormatMessage0(MSG_3103));
SetDlgItemText(hwnd, IDRUNDLGTEXT2, SetDlgItemText(hwnd, IDRUNDLGTEXT2,
SbieDll_FormatMessage0(MSG_3104)); SbieDll_FormatMessage0(MSG_3104));
}
// //
// position window // position window

View File

@ -81,6 +81,7 @@ BOOL run_mail_agent = FALSE;
BOOL display_run_dialog = FALSE; BOOL display_run_dialog = FALSE;
BOOL display_start_menu = FALSE; BOOL display_start_menu = FALSE;
BOOL execute_auto_run = FALSE; BOOL execute_auto_run = FALSE;
BOOL execute_open_with = FALSE;
BOOL run_elevated_2 = FALSE; BOOL run_elevated_2 = FALSE;
BOOL disable_force_on_this_program = FALSE; BOOL disable_force_on_this_program = FALSE;
BOOL auto_select_default_box = FALSE; BOOL auto_select_default_box = FALSE;
@ -388,6 +389,7 @@ BOOL Parse_Command_Line(void)
static const WCHAR *mail_agent = L"mail_agent"; static const WCHAR *mail_agent = L"mail_agent";
static const WCHAR *run_dialog = L"run_dialog"; static const WCHAR *run_dialog = L"run_dialog";
static const WCHAR *start_menu = L"start_menu"; static const WCHAR *start_menu = L"start_menu";
static const WCHAR *open_with = L"open_with";
static const WCHAR *auto_run = L"auto_run"; static const WCHAR *auto_run = L"auto_run";
static const WCHAR *mount_hive = L"mount_hive"; static const WCHAR *mount_hive = L"mount_hive";
static const WCHAR *delete_sandbox = L"delete_sandbox"; static const WCHAR *delete_sandbox = L"delete_sandbox";
@ -757,6 +759,27 @@ BOOL Parse_Command_Line(void)
return TRUE; return TRUE;
// show open with dialog
} else if (wcsncmp(cmd, open_with, wcslen(open_with)) == 0) {
/*if (! SbieApi_QueryProcessInfo(
(HANDLE)(ULONG_PTR)GetCurrentProcessId(), 0)) {
// this is the instance of Start.exe outside the sandbox
// so just resend the start_menu command line to the
// instance that will restart in the sandbox
ChildCmdLine = cmd;
}*/
execute_open_with = TRUE;
DWORD len = wcslen(open_with) + 1;
ChildCmdLine = MyHeapAlloc((wcslen(cmd) - len) * sizeof(WCHAR));
wcscpy(ChildCmdLine, cmd + len);
return TRUE;
// run auto start entries // run auto start entries
} else if (wcsncmp(cmd, auto_run, wcslen(auto_run)) == 0) { } else if (wcsncmp(cmd, auto_run, wcslen(auto_run)) == 0) {
@ -1690,9 +1713,20 @@ int __stdcall WinMainCRTStartup(
while (1) { while (1) {
if (display_run_dialog) { if (display_run_dialog || execute_open_with) {
MyCoInitialize(); MyCoInitialize();
ChildCmdLine = DoRunDialog(GetModuleHandle(NULL)); WCHAR* CmdLine = DoRunDialog(GetModuleHandle(NULL));
if (! ChildCmdLine)
ChildCmdLine = CmdLine;
else { // execute_open_with
WCHAR* FilePath = ChildCmdLine;
DWORD len = wcslen(CmdLine) + 1 + wcslen(FilePath) + 16;
ChildCmdLine = MyHeapAlloc(len * sizeof(WCHAR));
wsprintf(ChildCmdLine, L"%s %s", CmdLine, FilePath);
MyHeapFree(CmdLine);
MyHeapFree(FilePath);
}
} else if (display_start_menu) { } else if (display_start_menu) {
if (! ChildCmdLine) if (! ChildCmdLine)
ChildCmdLine = DoStartMenu(); ChildCmdLine = DoStartMenu();

View File

@ -21,8 +21,8 @@
#ifndef _MY_VERSION_H #ifndef _MY_VERSION_H
#define _MY_VERSION_H #define _MY_VERSION_H
#define MY_VERSION_BINARY 5,55,5 #define MY_VERSION_BINARY 5,55,6
#define MY_VERSION_STRING "5.55.5" #define MY_VERSION_STRING "5.55.6"
#define MY_VERSION_COMPAT "5.55.0" // this refers to the driver ABI compatibility #define MY_VERSION_COMPAT "5.55.0" // this refers to the driver ABI compatibility
// These #defines are used by either Resource Compiler, or by NSIC installer // These #defines are used by either Resource Compiler, or by NSIC installer

View File

@ -43,6 +43,7 @@ static BOOLEAN DisableWerFaultUI(void);
static BOOLEAN EnableMsiDebugging(void); static BOOLEAN EnableMsiDebugging(void);
static BOOLEAN Custom_EnableBrowseNewProcess(void); static BOOLEAN Custom_EnableBrowseNewProcess(void);
static BOOLEAN Custom_DisableBHOs(void); static BOOLEAN Custom_DisableBHOs(void);
static BOOLEAN Custom_OpenWith(void);
static HANDLE OpenExplorerKey( static HANDLE OpenExplorerKey(
HANDLE ParentKey, const WCHAR *SubkeyName, ULONG *error); HANDLE ParentKey, const WCHAR *SubkeyName, ULONG *error);
static void DeleteShellAssocKeys(ULONG Wow64); static void DeleteShellAssocKeys(ULONG Wow64);
@ -71,9 +72,9 @@ _FX BOOLEAN CustomizeSandbox(void)
// customize sandbox if we need to // customize sandbox if we need to
// //
if (GetSetCustomLevel(0) != '1') { Key_CreateBaseKeys();
Key_CreateBaseKeys(); if (GetSetCustomLevel(0) != '2') {
Custom_CreateRegLinks(); Custom_CreateRegLinks();
DisableDCOM(); DisableDCOM();
@ -85,8 +86,10 @@ _FX BOOLEAN CustomizeSandbox(void)
Custom_EnableBrowseNewProcess(); Custom_EnableBrowseNewProcess();
DeleteShellAssocKeys(0); DeleteShellAssocKeys(0);
Custom_DisableBHOs(); Custom_DisableBHOs();
if (Dll_OsBuild >= 8400) // only on win 8 and later
Custom_OpenWith();
GetSetCustomLevel('1'); GetSetCustomLevel('2');
// //
// process user-defined AutoExec settings // process user-defined AutoExec settings
@ -132,6 +135,8 @@ _FX UCHAR GetSetCustomLevel(UCHAR SetLevel)
wcscpy(path, L"\\registry\\user\\"); wcscpy(path, L"\\registry\\user\\");
wcscat(path, Dll_SidString); wcscat(path, Dll_SidString);
//wcscpy(path, Dll_BoxKeyPath);
//wcscat(path, L"\\user\\current");
wcscat(path, L"\\software\\SandboxAutoExec"); wcscat(path, L"\\software\\SandboxAutoExec");
RtlInitUnicodeString(&uni, path); RtlInitUnicodeString(&uni, path);
@ -438,6 +443,110 @@ _FX BOOLEAN EnableMsiDebugging(void)
} }
//---------------------------------------------------------------------------
// Custom_OpenWith
//
// Replace open With dialog as on Win10 it requirers UWP support
//---------------------------------------------------------------------------
_FX BOOLEAN Custom_OpenWith(void)
{
NTSTATUS status;
OBJECT_ATTRIBUTES objattrs;
UNICODE_STRING uni;
HANDLE hKeyRoot;
HANDLE hKey;
HANDLE hKeyCL;
ULONG OpenWithSize = (wcslen(Dll_BoxName) + 128) * sizeof(WCHAR);
WCHAR* OpenWithStr = Dll_AllocTemp(OpenWithSize);
OpenWithStr[0] = L'\"';
wcscpy(&OpenWithStr[1], Dll_HomeDosPath);
wcscat(OpenWithStr, L"\\" START_EXE L"\" open_with \"%1\"");
OpenWithSize = (wcslen(OpenWithStr) + 1) * sizeof(WCHAR);
// Open HKLM
RtlInitUnicodeString(&uni, Custom_PrefixHKLM);
InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, NULL, NULL);
if (NtOpenKey(&hKeyRoot, KEY_READ, &objattrs) == STATUS_SUCCESS)
{
// open Classes key
RtlInitUnicodeString(&uni, L"SOFTWARE\\Classes");
InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyRoot, NULL);
if (Key_OpenOrCreateIfBoxed(&hKeyCL, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
{
// open/create Undecided\shell\open\command key
RtlInitUnicodeString(&uni, L"Undecided\\shell\\open\\command");
InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyCL, NULL);
if (Key_OpenOrCreateIfBoxed(&hKey, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
{
// set @ = "..."
RtlInitUnicodeString(&uni, L"");
status = NtSetValueKey(hKey, &uni, 0, REG_SZ, (BYTE *)OpenWithStr, OpenWithSize);
RtlInitUnicodeString(&uni, L"DelegateExecute");
NtDeleteValueKey(hKey, &uni);
NtClose(hKey);
}
// open/create Unknown\shell\Open\command key
RtlInitUnicodeString(&uni, L"Unknown\\shell\\Open\\command");
InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyCL, NULL);
if (Key_OpenOrCreateIfBoxed(&hKey, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
{
// set @ = "..."
RtlInitUnicodeString(&uni, L"");
status = NtSetValueKey(hKey, &uni, 0, REG_SZ, (BYTE *)OpenWithStr, OpenWithSize);
RtlInitUnicodeString(&uni, L"DelegateExecute");
NtDeleteValueKey(hKey, &uni);
NtClose(hKey);
}
// open/create Unknown\shell\openas\command key
RtlInitUnicodeString(&uni, L"Unknown\\shell\\openas\\command");
InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyCL, NULL);
if (Key_OpenOrCreateIfBoxed(&hKey, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
{
// set @ = "..."
RtlInitUnicodeString(&uni, L"");
status = NtSetValueKey(hKey, &uni, 0, REG_SZ, (BYTE *)OpenWithStr, OpenWithSize);
RtlInitUnicodeString(&uni, L"DelegateExecute");
NtDeleteValueKey(hKey, &uni);
NtClose(hKey);
}
// open/create Unknown\shell\OpenWithSetDefaultOn\command key
RtlInitUnicodeString(&uni, L"Unknown\\shell\\OpenWithSetDefaultOn\\command");
InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyCL, NULL);
if (Key_OpenOrCreateIfBoxed(&hKey, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
{
// set @ = "..."
RtlInitUnicodeString(&uni, L"");
status = NtSetValueKey(hKey, &uni, 0, REG_SZ, (BYTE *)OpenWithStr, OpenWithSize);
RtlInitUnicodeString(&uni, L"DelegateExecute");
NtDeleteValueKey(hKey, &uni);
NtClose(hKey);
}
NtClose(hKeyCL);
}
NtClose(hKeyRoot);
}
Dll_Free(OpenWithStr);
return TRUE;
}
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
// DisableWerFaultUI // DisableWerFaultUI
// //

View File

@ -244,7 +244,7 @@ _FX BOOLEAN Gui_InitEnum(void)
// raises an error when CreateDesktop is call. This hook // raises an error when CreateDesktop is call. This hook
// is removed for chrome. See advapi.c: AdvApi_GetSecurityInfo // is removed for chrome. See advapi.c: AdvApi_GetSecurityInfo
if (!Config_GetSettingsForImageName_bool(L"UseSbieWndStation", FALSE) && if (!Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) &&
(Dll_ImageType != DLL_IMAGE_GOOGLE_CHROME) && (Dll_ImageType != DLL_IMAGE_GOOGLE_CHROME) &&
(Dll_ImageType != DLL_IMAGE_MOZILLA_FIREFOX)) { (Dll_ImageType != DLL_IMAGE_MOZILLA_FIREFOX)) {
SBIEDLL_HOOK_GUI(CreateDesktopW); SBIEDLL_HOOK_GUI(CreateDesktopW);

View File

@ -4300,7 +4300,10 @@ _FX void Key_CreateBaseKeys()
UNICODE_STRING objname; UNICODE_STRING objname;
WCHAR* base_keys[] = { WCHAR* base_keys[] = {
L"\\machine\\system", L"\\machine\\software", L"\\machine\\system", L"\\machine\\software",
L"\\user\\current\\software", L"\\user\\current_Classes", NULL}; L"\\user\\current\\software", L"\\user\\current_Classes",
L"\\machine\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer",
L"\\user\\current\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer",
NULL};
// //
// in privacy mode we need to pre create some keys or else the box initialization will fail // in privacy mode we need to pre create some keys or else the box initialization will fail

View File

@ -182,6 +182,10 @@ _FX void Ldr_LoadInjectDlls(BOOLEAN bHostInject)
WCHAR *dllname = Dll_AllocTemp(MAX_PATH * 2 * sizeof(WCHAR)); WCHAR *dllname = Dll_AllocTemp(MAX_PATH * 2 * sizeof(WCHAR));
ULONG index = 0; ULONG index = 0;
//
// We also end up here form host injection mode so Dll_HomeDosPath is not available
//
WCHAR *path = Dll_AllocTemp(1024 * sizeof(WCHAR)); WCHAR *path = Dll_AllocTemp(1024 * sizeof(WCHAR));
SbieApi_GetHomePath(NULL, 0, path, 1020); SbieApi_GetHomePath(NULL, 0, path, 1020);

View File

@ -274,6 +274,15 @@ _FX NTSTATUS Key_Callback(void *Context, void *Arg1, void *Arg2)
pRemainingName = &RemainingName; pRemainingName = &RemainingName;
} }
//
// Store app container support
//
if (Driver_OsVersion >= DRIVER_WINDOWS_10) {
if (_wcsnicmp(pRemainingName->Buffer, proc->box->key_path + 9, (proc->box->key_path_len - (sizeof(WCHAR) * (9 + 1))) / sizeof(WCHAR)) == 0) // +9 skip \REGISTRY, +1 don't compare '\0'
return STATUS_SUCCESS;
}
// //
// call Key_MyParseProc_2 // call Key_MyParseProc_2
// //

View File

@ -69,7 +69,7 @@ static NTSTATUS Token_RestrictHelper2(
static void *Token_RestrictHelper3( static void *Token_RestrictHelper3(
void *TokenObject, TOKEN_GROUPS *Groups, TOKEN_PRIVILEGES *Privileges, void *TokenObject, TOKEN_GROUPS *Groups, TOKEN_PRIVILEGES *Privileges,
PSID UserSid, ULONG FilterFlags, ULONG SessionId); PSID UserSid, ULONG FilterFlags, PROCESS *proc);
static BOOLEAN Token_AssignPrimary( static BOOLEAN Token_AssignPrimary(
void *ProcessObject, void *TokenObject, ULONG SessionId); void *ProcessObject, void *TokenObject, ULONG SessionId);
@ -894,6 +894,11 @@ _FX void *Token_Restrict(
void *FixedTokenObject = Token_RestrictHelper1( void *FixedTokenObject = Token_RestrictHelper1(
TokenObject, OutIntegrityLevel, proc); TokenObject, OutIntegrityLevel, proc);
// OpenToken BEGIN
if (Conf_Get_Boolean(proc->box->name, L"UnstrippedToken", 0, FALSE))
NewTokenObject = FixedTokenObject;
else
// OpenToken END
if (FixedTokenObject) { if (FixedTokenObject) {
TOKEN_PRIVILEGES *privs_arg = TOKEN_PRIVILEGES *privs_arg =
@ -901,17 +906,11 @@ _FX void *Token_Restrict(
NewTokenObject = Token_RestrictHelper3( NewTokenObject = Token_RestrictHelper3(
FixedTokenObject, groups, privs_arg, FixedTokenObject, groups, privs_arg,
user->User.Sid, FilterFlags, proc->box->session_id); user->User.Sid, FilterFlags, proc);
ObDereferenceObject(FixedTokenObject); ObDereferenceObject(FixedTokenObject);
} }
else
NewTokenObject = NULL;
} }
else
NewTokenObject = NULL;
if (user) if (user)
ExFreePool(user); ExFreePool(user);
@ -1430,7 +1429,7 @@ _FX NTSTATUS Token_RestrictHelper2(
_FX void *Token_RestrictHelper3( _FX void *Token_RestrictHelper3(
void *TokenObject, TOKEN_GROUPS *Groups, TOKEN_PRIVILEGES *Privileges, void *TokenObject, TOKEN_GROUPS *Groups, TOKEN_PRIVILEGES *Privileges,
PSID UserSid, ULONG FilterFlags, ULONG SessionId) PSID UserSid, ULONG FilterFlags, PROCESS *proc)
{ {
void *NewTokenObject; void *NewTokenObject;
TOKEN_GROUPS *Disabled; TOKEN_GROUPS *Disabled;
@ -1459,6 +1458,7 @@ _FX void *Token_RestrictHelper3(
BOOLEAN UserSidAlreadyInGroups = FALSE; BOOLEAN UserSidAlreadyInGroups = FALSE;
BOOLEAN AnonymousLogonSidAlreadyInGroups = FALSE; BOOLEAN AnonymousLogonSidAlreadyInGroups = FALSE;
// todo: should we do somethign with SandboxieLogonSid here? // todo: should we do somethign with SandboxieLogonSid here?
BOOLEAN KeepUserGroup = Conf_Get_Boolean(proc->box->name, L"KeepUserGroup", 0, FALSE);
n = 0; n = 0;
@ -1467,8 +1467,11 @@ _FX void *Token_RestrictHelper3(
if (Groups->Groups[i].Attributes & SE_GROUP_INTEGRITY) if (Groups->Groups[i].Attributes & SE_GROUP_INTEGRITY)
continue; continue;
if (RtlEqualSid(Groups->Groups[i].Sid, UserSid)) if (RtlEqualSid(Groups->Groups[i].Sid, UserSid)) {
if (KeepUserGroup)
continue;
UserSidAlreadyInGroups = TRUE; UserSidAlreadyInGroups = TRUE;
}
if (RtlEqualSid(Groups->Groups[i].Sid, AnonymousLogonSid)) if (RtlEqualSid(Groups->Groups[i].Sid, AnonymousLogonSid))
AnonymousLogonSidAlreadyInGroups = TRUE; AnonymousLogonSidAlreadyInGroups = TRUE;
@ -1482,7 +1485,7 @@ _FX void *Token_RestrictHelper3(
// append the user SID and the anonymous logon SID to the array // append the user SID and the anonymous logon SID to the array
// //
if (!UserSidAlreadyInGroups) { if (!UserSidAlreadyInGroups && !KeepUserGroup) {
Disabled->Groups[n].Sid = UserSid; Disabled->Groups[n].Sid = UserSid;
Disabled->Groups[n].Attributes = 0; Disabled->Groups[n].Attributes = 0;
@ -1529,7 +1532,7 @@ _FX void *Token_RestrictHelper3(
if (!NT_SUCCESS(status)) { if (!NT_SUCCESS(status)) {
NewTokenObject = NULL; NewTokenObject = NULL;
Log_Status_Ex_Session(MSG_1222, 0x33, status, NULL, SessionId); Log_Status_Ex_Session(MSG_1222, 0x33, status, NULL, proc->box->session_id);
} }
} }

View File

@ -3385,6 +3385,10 @@ RpcPortBinding=kernel32.dll,'0497b57d-2e66-424f-a0c6-157cd5d41700@ncalrpc:',Reso
RpcPortBindingIfId=AppInfo,{0497b57d-2e66-424f-a0c6-157cd5d41700} RpcPortBindingIfId=AppInfo,{0497b57d-2e66-424f-a0c6-157cd5d41700}
#RpcPortBindingSvc=AppInfo,appinfo #RpcPortBindingSvc=AppInfo,appinfo
# AppInfo for Store Apps
RpcPortBinding=apisethost.appexecutionalias.dll,'0497b57d-2e66-424f-a0c6-157cd5d41700@ncalrpc:',Resolve=AppInfo,TimeOut=n
# RpcMgmtSetComTimeout presets # RpcMgmtSetComTimeout presets
UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y
UseRpcMgmtSetComTimeout=WINNSI.DLL,n UseRpcMgmtSetComTimeout=WINNSI.DLL,n

View File

@ -748,6 +748,10 @@ Remove command from command history
Select the sandbox in which to start the program or document. Select the sandbox in which to start the program or document.
. .
3107;txt;01
Type the name, or path to a program to open the following file with in the current sandbox:
.
3111;txt;01 3111;txt;01
Sandboxie Start Menu - %2 %0 Sandboxie Start Menu - %2 %0
. .

View File

@ -993,7 +993,7 @@ QString CSbieAPI::GetUserSection(QString* pUserName, bool* pIsAdmin) const
return UserSection; return UserSection;
} }
SB_STATUS CSbieAPI::RunStart(const QString& BoxName, const QString& Command, bool Elevated, const QString& WorkingDir) SB_STATUS CSbieAPI::RunStart(const QString& BoxName, const QString& Command, bool Elevated, const QString& WorkingDir, QProcess* pProcess)
{ {
if (m_SbiePath.isEmpty()) if (m_SbiePath.isEmpty())
return SB_ERR(SB_PathFail); return SB_ERR(SB_PathFail);
@ -1010,13 +1010,23 @@ SB_STATUS CSbieAPI::RunStart(const QString& BoxName, const QString& Command, boo
//wchar_t sysPath[MAX_PATH]; //wchar_t sysPath[MAX_PATH];
//GetSystemDirectoryW(sysPath, MAX_PATH); //GetSystemDirectoryW(sysPath, MAX_PATH);
QProcess process; if (pProcess) {
//process.setWorkingDirectory(QString::fromWCharArray(sysPath)); //pProcess->setWorkingDirectory(QString::fromWCharArray(sysPath));
if (!WorkingDir.isEmpty()) if (!WorkingDir.isEmpty())
process.setWorkingDirectory(WorkingDir); pProcess->setWorkingDirectory(WorkingDir);
process.setProgram(GetStartPath()); pProcess->setProgram(GetStartPath());
process.setNativeArguments(StartArgs); pProcess->setNativeArguments(StartArgs);
process.startDetached(); pProcess->start();
}
else {
QProcess process;
//process.setWorkingDirectory(QString::fromWCharArray(sysPath));
if (!WorkingDir.isEmpty())
process.setWorkingDirectory(WorkingDir);
process.setProgram(GetStartPath());
process.setNativeArguments(StartArgs);
process.startDetached();
}
/* /*
QString CommandLine = "\"" + GetStartPath() + "\" " + StartArgs; QString CommandLine = "\"" + GetStartPath() + "\" " + StartArgs;

View File

@ -131,7 +131,7 @@ public:
// Other // Other
virtual QString GetSbieMsgStr(quint32 code, quint32 Lang = 1033); virtual QString GetSbieMsgStr(quint32 code, quint32 Lang = 1033);
virtual SB_STATUS RunStart(const QString& BoxName, const QString& Command, bool Elevated = false, const QString& WorkingDir = QString()); virtual SB_STATUS RunStart(const QString& BoxName, const QString& Command, bool Elevated = false, const QString& WorkingDir = QString(), QProcess* pProcess = NULL);
virtual QString GetStartPath() const; virtual QString GetStartPath() const;
virtual quint32 GetSessionID() const; virtual quint32 GetSessionID() const;

View File

@ -347,7 +347,7 @@ bool CSbieUtils::GetStartMenuShortcut(CSbieAPI* pApi, QString &BoxName, QString
QString Command = "start_menu:" + QString::fromWCharArray(MapName); QString Command = "start_menu:" + QString::fromWCharArray(MapName);
if (!LinkPath.isEmpty()) if (!LinkPath.isEmpty())
Command += ":" + LinkPath; Command += ":" + LinkPath;
pApi->RunStart(BoxName, Command, &Process); pApi->RunStart(BoxName, Command, false, QString(), &Process);
//Process.waitForFinished(-1); //Process.waitForFinished(-1);
while(Process.state() != QProcess::NotRunning) while(Process.state() != QProcess::NotRunning)
QCoreApplication::processEvents(); // keep UI responsive QCoreApplication::processEvents(); // keep UI responsive

View File

@ -163,8 +163,10 @@ bool CSandBoxPlus::CheckUnsecureConfig() const
if (GetBool("OriginalToken", false)) return true; if (GetBool("OriginalToken", false)) return true;
if (GetBool("OpenToken", false)) return true; if (GetBool("OpenToken", false)) return true;
if(GetBool("UnrestrictedToken", false)) return true; if(GetBool("UnrestrictedToken", false)) return true;
if (!GetBool("AnonymousLogon", true)) return true;
if (GetBool("KeepTokenIntegrity", false)) return true; if (GetBool("KeepTokenIntegrity", false)) return true;
if (GetBool("UnstrippedToken", false)) return true;
if (GetBool("KeepUserGroup", false)) return true;
if (!GetBool("AnonymousLogon", true)) return true;
if(GetBool("UnfilteredToken", false)) return true; if(GetBool("UnfilteredToken", false)) return true;
if (GetBool("DisableFileFilter", false)) return true; if (GetBool("DisableFileFilter", false)) return true;
if (GetBool("DisableKeyFilter", false)) return true; if (GetBool("DisableKeyFilter", false)) return true;

View File

@ -65,7 +65,7 @@ void COptionsWindow::LoadAdvanced()
{ {
ui.chkPreferExternalManifest->setChecked(m_pBox->GetBool("PreferExternalManifest", false)); ui.chkPreferExternalManifest->setChecked(m_pBox->GetBool("PreferExternalManifest", false));
ui.chkNestedJobs->setChecked(m_pBox->GetBool("AllowBoxedJobs", false)); ui.chkNestedJobs->setChecked(m_pBox->GetBool("AllowBoxedJobs", false));
ui.chkUseSbieWndStation->setChecked(m_pBox->GetBool("UseSbieWndStation", false)); ui.chkUseSbieWndStation->setChecked(m_pBox->GetBool("UseSbieWndStation", true));
ui.chkAddToJob->setChecked(!m_pBox->GetBool("NoAddProcessToJob", false)); ui.chkAddToJob->setChecked(!m_pBox->GetBool("NoAddProcessToJob", false));
ui.chkProtectSCM->setChecked(!m_pBox->GetBool("UnrestrictedSCM", false)); ui.chkProtectSCM->setChecked(!m_pBox->GetBool("UnrestrictedSCM", false));
@ -130,7 +130,7 @@ void COptionsWindow::LoadAdvanced()
void COptionsWindow::SaveAdvanced() void COptionsWindow::SaveAdvanced()
{ {
WriteAdvancedCheck(ui.chkPreferExternalManifest, "PreferExternalManifest", "y", ""); WriteAdvancedCheck(ui.chkPreferExternalManifest, "PreferExternalManifest", "y", "");
WriteAdvancedCheck(ui.chkUseSbieWndStation, "UseSbieWndStation", "y", ""); WriteAdvancedCheck(ui.chkUseSbieWndStation, "UseSbieWndStation", "", "n");
WriteAdvancedCheck(ui.chkAddToJob, "NoAddProcessToJob", "", "y"); WriteAdvancedCheck(ui.chkAddToJob, "NoAddProcessToJob", "", "y");
WriteAdvancedCheck(ui.chkProtectSCM, "UnrestrictedSCM", "", "y"); WriteAdvancedCheck(ui.chkProtectSCM, "UnrestrictedSCM", "", "y");
@ -242,10 +242,14 @@ void COptionsWindow::OnOpenCOM()
{ {
if (ui.chkOpenCOM->isChecked()) { if (ui.chkOpenCOM->isChecked()) {
SetAccessEntry(eIPC, "", eOpen, "\\RPC Control\\epmapper"); SetAccessEntry(eIPC, "", eOpen, "\\RPC Control\\epmapper");
SetAccessEntry(eIPC, "", eOpen, "\\RPC Control\\LRPC*");
SetAccessEntry(eIPC, "", eOpen, "\\RPC Control\\OLE*");
SetAccessEntry(eIPC, "", eOpen, "*\\BaseNamedObjects*\\__ComCatalogCache__"); SetAccessEntry(eIPC, "", eOpen, "*\\BaseNamedObjects*\\__ComCatalogCache__");
} }
else { else {
DelAccessEntry(eIPC, "", eOpen, "\\RPC Control\\epmapper"); DelAccessEntry(eIPC, "", eOpen, "\\RPC Control\\epmapper");
DelAccessEntry(eIPC, "", eOpen, "\\RPC Control\\LRPC*");
DelAccessEntry(eIPC, "", eOpen, "\\RPC Control\\OLE*");
DelAccessEntry(eIPC, "", eOpen, "*\\BaseNamedObjects*\\__ComCatalogCache__"); DelAccessEntry(eIPC, "", eOpen, "*\\BaseNamedObjects*\\__ComCatalogCache__");
} }
} }
@ -399,6 +403,8 @@ void COptionsWindow::CreateDebug()
QString Info = DbgOption.Name + "=" + DbgOption.Value; QString Info = DbgOption.Name + "=" + DbgOption.Value;
QCheckBox* pCheck = new QCheckBox(tr("%1 (%2)").arg(Description).arg(Info)); QCheckBox* pCheck = new QCheckBox(tr("%1 (%2)").arg(Description).arg(Info));
if (ValueDescr.size() >= 2 && ValueDescr[1] == "x")
pCheck->setDisabled(true);
//pCheck->setToolTip(Info); //pCheck->setToolTip(Info);
ui.dbgLayout->addWidget(pCheck, RowCount++, Column, 1, 10-Column); ui.dbgLayout->addWidget(pCheck, RowCount++, Column, 1, 10-Column);
@ -439,4 +445,4 @@ void COptionsWindow::SaveDebug()
WriteAdvancedCheck(pCheck, DbgOption.Name, DbgOption.Value); WriteAdvancedCheck(pCheck, DbgOption.Name, DbgOption.Value);
DbgOption.Changed = false; DbgOption.Changed = false;
} }
} }

View File

@ -83,7 +83,7 @@ CRecoveryWindow::CRecoveryWindow(const CSandBoxPtr& pBox, QWidget *parent)
//connect(ui.treeFiles, SIGNAL(clicked(const QModelIndex&)), this, SLOT(UpdateSnapshot(const QModelIndex&))); //connect(ui.treeFiles, SIGNAL(clicked(const QModelIndex&)), this, SLOT(UpdateSnapshot(const QModelIndex&)));
//connect(ui.treeFiles->selectionModel(), SIGNAL(currentChanged(QModelIndex, QModelIndex)), this, SLOT(UpdateSnapshot(const QModelIndex&))); //connect(ui.treeFiles->selectionModel(), SIGNAL(currentChanged(QModelIndex, QModelIndex)), this, SLOT(UpdateSnapshot(const QModelIndex&)));
//connect(ui.treeFiles, SIGNAL(doubleClicked(const QModelIndex&)), this, SLOT(OnSelectSnapshot())); connect(ui.treeFiles, SIGNAL(doubleClicked(const QModelIndex&)), this, SLOT(OnRecover()));
connect(ui.btnAddFolder, SIGNAL(clicked(bool)), this, SLOT(OnAddFolder())); connect(ui.btnAddFolder, SIGNAL(clicked(bool)), this, SLOT(OnAddFolder()));
connect(ui.chkShowAll, SIGNAL(clicked(bool)), this, SLOT(FindFiles())); connect(ui.chkShowAll, SIGNAL(clicked(bool)), this, SLOT(FindFiles()));

View File

@ -2,7 +2,7 @@
#define VERSION_MJR 1 #define VERSION_MJR 1
#define VERSION_MIN 0 #define VERSION_MIN 0
#define VERSION_REV 5 #define VERSION_REV 6
#define VERSION_UPD 0 #define VERSION_UPD 0
#ifndef STR #ifndef STR