From fd84d426acd508466b3aa6f7db31d2eced0cb2f8 Mon Sep 17 00:00:00 2001 From: DavidXanatos <3890945+DavidXanatos@users.noreply.github.com> Date: Sat, 4 Feb 2023 14:26:14 +0100 Subject: [PATCH] 1.7.2 --- CHANGELOG.md | 5 +++-- Sandboxie/core/drv/file.c | 29 +++++++++++++++---------- Sandboxie/core/drv/ipc.c | 9 +------- Sandboxie/core/drv/key.c | 10 +++++---- SandboxiePlus/QSbieAPI/Helpers/NtIO.cpp | 24 ++++++++++---------- 5 files changed, 41 insertions(+), 36 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6a00f660..a8d39412 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,10 +14,11 @@ This project adheres to [Semantic Versioning](http://semver.org/). ### Fixed - fixed delete v1/v2 display now respects global presets -- Avoid blocking the Explorer when dragging [#2660](https://github.com/sandboxie-plus/Sandboxie/pull/2660) +- avoid blocking the Explorer when dragging [#2660](https://github.com/sandboxie-plus/Sandboxie/pull/2660) - fixed issue with QtSingleApp [#2659](https://github.com/sandboxie-plus/Sandboxie/issues/2659) - fixed updater sometimes failing to create temp dir [#2615](https://github.com/sandboxie-plus/Sandboxie/issues/2615) -- fixed issue with snapshot removal [2663](https://github.com/sandboxie-plus/Sandboxie/issues/2663) +- fixed issue with snapshot removal [#2663](https://github.com/sandboxie-plus/Sandboxie/issues/2663) +- fixed issue with symbolicl inks [#2606](https://github.com/sandboxie-plus/Sandboxie/issues/2606) diff --git a/Sandboxie/core/drv/file.c b/Sandboxie/core/drv/file.c index 0e211e2f..0550e778 100644 --- a/Sandboxie/core/drv/file.c +++ b/Sandboxie/core/drv/file.c @@ -556,7 +556,6 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc, LIST *open_file_paths, LIST *closed_file_paths, LIST *read_file_paths, LIST *write_file_paths) { - static const WCHAR *_PstPipe = L"\\Device\\NamedPipe\\protected_storage"; #ifdef USE_MATCH_PATH_EX static const WCHAR *_NormalPath = L"NormalFilePath"; #endif @@ -731,6 +730,10 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc, if (ok && Conf_Get_Boolean( proc->box->name, Driver_OpenProtectedStorage, 0, FALSE)) { + + static const WCHAR *_PstPipe = + L"\\Device\\NamedPipe\\protected_storage"; + ok = Process_AddPath( proc, open_file_paths, NULL, TRUE, _PstPipe, FALSE); } @@ -740,7 +743,7 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc, proc, open_file_paths, NULL, TRUE, openpipes[i], FALSE); } - if (proc->bAppCompartment) { + if (ok && proc->bAppCompartment) { for (i = 0; openPipesCM[i] && ok; ++i) { ok = Process_AddPath( proc, open_file_paths, NULL, TRUE, openPipesCM[i], FALSE); @@ -851,14 +854,13 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc, } } - #ifdef USE_MATCH_PATH_EX // // setup access restrictions to \Device\ // - if (proc->restrict_devices) { + if (ok && proc->restrict_devices) { // // many 3rd party drivers are a great attack vector to gain execution in the kernel, @@ -872,10 +874,6 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc, ok = Process_AddPath( proc, normal_file_paths, NULL, FALSE, approved_devices[i], FALSE); } - if (ok && !proc->file_block_network_files) { - ok = Process_AddPath( - proc, normal_file_paths, NULL, FALSE, File_Mup, TRUE); - } } if (ok && !proc->use_privacy_mode) { // when not in privacy mode we need to set drive paths to "normal" @@ -885,13 +883,22 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc, } } - if (! ok) { - Log_MsgP1(MSG_INIT_PATHS, Driver_Empty, proc->pid); - return FALSE; + if (ok && !proc->file_block_network_files) { + ok = Process_AddPath( + proc, normal_file_paths, NULL, FALSE, File_Redirector, TRUE); + if (ok) { + ok = Process_AddPath( + proc, normal_file_paths, NULL, FALSE, File_Mup, TRUE); + } } } #endif + if (! ok) { + Log_MsgP1(MSG_INIT_PATHS, Driver_Empty, proc->pid); + return FALSE; + } + // // if this is a Sandboxie program (like SandboxieRpcSs), don't allow // the Windows compatibility (shim) DLLs to be loaded diff --git a/Sandboxie/core/drv/ipc.c b/Sandboxie/core/drv/ipc.c index 137e3177..dcd8efec 100644 --- a/Sandboxie/core/drv/ipc.c +++ b/Sandboxie/core/drv/ipc.c @@ -440,6 +440,7 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc) L"*\\BaseNamedObjects*\\ShimCacheMutex", L"*\\BaseNamedObjects*\\ShimSharedMemory", L"*\\BaseNamedObjects*\\SHIMLIB_LOG_MUTEX", + L"*\\BaseNamedObjects*\\msgina: ReturnToWelcome", L"\\Security\\LSA_AUTHENTICATION_INITIALIZED", L"\\LsaAuthenticationPort", L"\\NlsCacheMutant", @@ -638,7 +639,6 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc) ok = Process_GetPaths(proc, &proc->normal_ipc_paths, _NormalPath, FALSE); //if (ok && proc->use_privacy_mode) { - // // for (i = 0; normalpaths[i] && ok; ++i) { // ok = Process_AddPath(proc, &proc->normal_ipc_paths, NULL, // TRUE, normalpaths[i], FALSE); @@ -732,13 +732,6 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc) } } - if (ok) { - static const WCHAR *_ReturnToWelcome = - L"*\\BaseNamedObjects*\\msgina: ReturnToWelcome"; - ok = Process_AddPath(proc, &proc->open_ipc_paths, NULL, - FALSE, _ReturnToWelcome, FALSE); - } - if (! ok) { Log_MsgP1(MSG_INIT_PATHS, _OpenPath, proc->pid); return FALSE; diff --git a/Sandboxie/core/drv/key.c b/Sandboxie/core/drv/key.c index e992de55..66f24445 100644 --- a/Sandboxie/core/drv/key.c +++ b/Sandboxie/core/drv/key.c @@ -271,10 +271,6 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc) // ok = Process_GetPaths(proc, &proc->normal_key_paths, _NormalPath, TRUE); - if (! ok) { - Log_MsgP1(MSG_INIT_PATHS, _NormalPath, proc->pid); - return FALSE; - } if (ok && proc->use_privacy_mode) { for (i = 0; normalpaths[i] && ok; ++i) { @@ -314,6 +310,11 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc) proc, &proc->open_key_paths, NULL, TRUE, openkeys[i], FALSE); } + if (! ok) { + Log_MsgP1(MSG_INIT_PATHS, _OpenConf, proc->pid); + return FALSE; + } + // // closed paths // @@ -360,6 +361,7 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc) proc, &proc->closed_key_paths, _WritePath, TRUE); } #endif + if (! ok) { Log_MsgP1(MSG_INIT_PATHS, _WritePath, proc->pid); return FALSE; diff --git a/SandboxiePlus/QSbieAPI/Helpers/NtIO.cpp b/SandboxiePlus/QSbieAPI/Helpers/NtIO.cpp index d512aafa..da15a3d8 100644 --- a/SandboxiePlus/QSbieAPI/Helpers/NtIO.cpp +++ b/SandboxiePlus/QSbieAPI/Helpers/NtIO.cpp @@ -82,10 +82,15 @@ NTSTATUS NtIo_RemoveJunction(POBJECT_ATTRIBUTES objattrs) status = NtCreateFile(&Handle, GENERIC_WRITE | DELETE, objattrs, &Iosb, 0, 0, FILE_SHARE_READ, FILE_OPEN, FILE_FLAG_OPEN_REPARSE_POINT, 0, 0); // 0x40100080, , , , , 0x00204020 if (NT_SUCCESS(status)) { - REPARSE_DATA_MOUNT_POINT ReparseData = { 0 }; - ReparseData.ReparseTag = IO_REPARSE_TAG_MOUNT_POINT; - ReparseData.ReparseDataLength = 0; - status = NtFsControlFile(Handle, NULL, NULL, NULL, &Iosb, FSCTL_DELETE_REPARSE_POINT, &ReparseData, REPARSE_GUID_DATA_BUFFER_HEADER_SIZE, NULL, 0); + REPARSE_DATA_MOUNT_POINT ReparseBuffer = { 0 }; + status = NtFsControlFile(Handle, NULL, NULL, NULL, &Iosb, FSCTL_GET_REPARSE_POINT, NULL, 0, &ReparseBuffer, sizeof(ReparseBuffer)); + if (NT_SUCCESS(status)) + { + REPARSE_GUID_DATA_BUFFER ReparseData = { 0 }; + ReparseData.ReparseTag = ReparseBuffer.ReparseTag; + ReparseData.ReparseDataLength = 0; + status = NtFsControlFile(Handle, NULL, NULL, NULL, &Iosb, FSCTL_DELETE_REPARSE_POINT, &ReparseData, REPARSE_GUID_DATA_BUFFER_HEADER_SIZE, NULL, 0); + } NtClose(Handle); } @@ -145,13 +150,10 @@ NTSTATUS NtIo_DeleteFolderRecursivelyImpl(POBJECT_ATTRIBUTES objattrs, bool (*cb if (FileAttributes & (FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM)) NtIo_RemoveProblematicAttributes(&ntFoundObject.attr); - if (FileAttributes & FILE_ATTRIBUTE_DIRECTORY) - { - if (FileAttributes & FILE_ATTRIBUTE_REPARSE_POINT) - status = NtIo_RemoveJunction(&ntFoundObject.attr); - else - status = NtIo_DeleteFolderRecursivelyImpl(&ntFoundObject.attr, cb, param); - } + if (FileAttributes & FILE_ATTRIBUTE_REPARSE_POINT) + status = NtIo_RemoveJunction(&ntFoundObject.attr); + else if (FileAttributes & FILE_ATTRIBUTE_DIRECTORY) + status = NtIo_DeleteFolderRecursivelyImpl(&ntFoundObject.attr, cb, param); if (NT_SUCCESS(status)) status = NtDeleteFile(&ntFoundObject.attr);