This commit is contained in:
DavidXanatos 2023-02-04 14:26:14 +01:00
parent 92b767ccae
commit fd84d426ac
5 changed files with 41 additions and 36 deletions

View File

@ -14,10 +14,11 @@ This project adheres to [Semantic Versioning](http://semver.org/).
### Fixed ### Fixed
- fixed delete v1/v2 display now respects global presets - fixed delete v1/v2 display now respects global presets
- Avoid blocking the Explorer when dragging [#2660](https://github.com/sandboxie-plus/Sandboxie/pull/2660) - avoid blocking the Explorer when dragging [#2660](https://github.com/sandboxie-plus/Sandboxie/pull/2660)
- fixed issue with QtSingleApp [#2659](https://github.com/sandboxie-plus/Sandboxie/issues/2659) - fixed issue with QtSingleApp [#2659](https://github.com/sandboxie-plus/Sandboxie/issues/2659)
- fixed updater sometimes failing to create temp dir [#2615](https://github.com/sandboxie-plus/Sandboxie/issues/2615) - fixed updater sometimes failing to create temp dir [#2615](https://github.com/sandboxie-plus/Sandboxie/issues/2615)
- fixed issue with snapshot removal [2663](https://github.com/sandboxie-plus/Sandboxie/issues/2663) - fixed issue with snapshot removal [#2663](https://github.com/sandboxie-plus/Sandboxie/issues/2663)
- fixed issue with symbolicl inks [#2606](https://github.com/sandboxie-plus/Sandboxie/issues/2606)

View File

@ -556,7 +556,6 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
LIST *open_file_paths, LIST *closed_file_paths, LIST *open_file_paths, LIST *closed_file_paths,
LIST *read_file_paths, LIST *write_file_paths) LIST *read_file_paths, LIST *write_file_paths)
{ {
static const WCHAR *_PstPipe = L"\\Device\\NamedPipe\\protected_storage";
#ifdef USE_MATCH_PATH_EX #ifdef USE_MATCH_PATH_EX
static const WCHAR *_NormalPath = L"NormalFilePath"; static const WCHAR *_NormalPath = L"NormalFilePath";
#endif #endif
@ -731,6 +730,10 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
if (ok && Conf_Get_Boolean( if (ok && Conf_Get_Boolean(
proc->box->name, Driver_OpenProtectedStorage, 0, FALSE)) { proc->box->name, Driver_OpenProtectedStorage, 0, FALSE)) {
static const WCHAR *_PstPipe =
L"\\Device\\NamedPipe\\protected_storage";
ok = Process_AddPath( ok = Process_AddPath(
proc, open_file_paths, NULL, TRUE, _PstPipe, FALSE); proc, open_file_paths, NULL, TRUE, _PstPipe, FALSE);
} }
@ -740,7 +743,7 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
proc, open_file_paths, NULL, TRUE, openpipes[i], FALSE); proc, open_file_paths, NULL, TRUE, openpipes[i], FALSE);
} }
if (proc->bAppCompartment) { if (ok && proc->bAppCompartment) {
for (i = 0; openPipesCM[i] && ok; ++i) { for (i = 0; openPipesCM[i] && ok; ++i) {
ok = Process_AddPath( ok = Process_AddPath(
proc, open_file_paths, NULL, TRUE, openPipesCM[i], FALSE); proc, open_file_paths, NULL, TRUE, openPipesCM[i], FALSE);
@ -851,14 +854,13 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
} }
} }
#ifdef USE_MATCH_PATH_EX #ifdef USE_MATCH_PATH_EX
// //
// setup access restrictions to \Device\ // setup access restrictions to \Device\
// //
if (proc->restrict_devices) { if (ok && proc->restrict_devices) {
// //
// many 3rd party drivers are a great attack vector to gain execution in the kernel, // many 3rd party drivers are a great attack vector to gain execution in the kernel,
@ -872,10 +874,6 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
ok = Process_AddPath( ok = Process_AddPath(
proc, normal_file_paths, NULL, FALSE, approved_devices[i], FALSE); proc, normal_file_paths, NULL, FALSE, approved_devices[i], FALSE);
} }
if (ok && !proc->file_block_network_files) {
ok = Process_AddPath(
proc, normal_file_paths, NULL, FALSE, File_Mup, TRUE);
}
} }
if (ok && !proc->use_privacy_mode) { // when not in privacy mode we need to set drive paths to "normal" if (ok && !proc->use_privacy_mode) { // when not in privacy mode we need to set drive paths to "normal"
@ -885,13 +883,22 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
} }
} }
if (! ok) { if (ok && !proc->file_block_network_files) {
Log_MsgP1(MSG_INIT_PATHS, Driver_Empty, proc->pid); ok = Process_AddPath(
return FALSE; proc, normal_file_paths, NULL, FALSE, File_Redirector, TRUE);
if (ok) {
ok = Process_AddPath(
proc, normal_file_paths, NULL, FALSE, File_Mup, TRUE);
}
} }
} }
#endif #endif
if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, Driver_Empty, proc->pid);
return FALSE;
}
// //
// if this is a Sandboxie program (like SandboxieRpcSs), don't allow // if this is a Sandboxie program (like SandboxieRpcSs), don't allow
// the Windows compatibility (shim) DLLs to be loaded // the Windows compatibility (shim) DLLs to be loaded

View File

@ -440,6 +440,7 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
L"*\\BaseNamedObjects*\\ShimCacheMutex", L"*\\BaseNamedObjects*\\ShimCacheMutex",
L"*\\BaseNamedObjects*\\ShimSharedMemory", L"*\\BaseNamedObjects*\\ShimSharedMemory",
L"*\\BaseNamedObjects*\\SHIMLIB_LOG_MUTEX", L"*\\BaseNamedObjects*\\SHIMLIB_LOG_MUTEX",
L"*\\BaseNamedObjects*\\msgina: ReturnToWelcome",
L"\\Security\\LSA_AUTHENTICATION_INITIALIZED", L"\\Security\\LSA_AUTHENTICATION_INITIALIZED",
L"\\LsaAuthenticationPort", L"\\LsaAuthenticationPort",
L"\\NlsCacheMutant", L"\\NlsCacheMutant",
@ -638,7 +639,6 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
ok = Process_GetPaths(proc, &proc->normal_ipc_paths, _NormalPath, FALSE); ok = Process_GetPaths(proc, &proc->normal_ipc_paths, _NormalPath, FALSE);
//if (ok && proc->use_privacy_mode) { //if (ok && proc->use_privacy_mode) {
//
// for (i = 0; normalpaths[i] && ok; ++i) { // for (i = 0; normalpaths[i] && ok; ++i) {
// ok = Process_AddPath(proc, &proc->normal_ipc_paths, NULL, // ok = Process_AddPath(proc, &proc->normal_ipc_paths, NULL,
// TRUE, normalpaths[i], FALSE); // TRUE, normalpaths[i], FALSE);
@ -732,13 +732,6 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
} }
} }
if (ok) {
static const WCHAR *_ReturnToWelcome =
L"*\\BaseNamedObjects*\\msgina: ReturnToWelcome";
ok = Process_AddPath(proc, &proc->open_ipc_paths, NULL,
FALSE, _ReturnToWelcome, FALSE);
}
if (! ok) { if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, _OpenPath, proc->pid); Log_MsgP1(MSG_INIT_PATHS, _OpenPath, proc->pid);
return FALSE; return FALSE;

View File

@ -271,10 +271,6 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc)
// //
ok = Process_GetPaths(proc, &proc->normal_key_paths, _NormalPath, TRUE); ok = Process_GetPaths(proc, &proc->normal_key_paths, _NormalPath, TRUE);
if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, _NormalPath, proc->pid);
return FALSE;
}
if (ok && proc->use_privacy_mode) { if (ok && proc->use_privacy_mode) {
for (i = 0; normalpaths[i] && ok; ++i) { for (i = 0; normalpaths[i] && ok; ++i) {
@ -314,6 +310,11 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc)
proc, &proc->open_key_paths, NULL, TRUE, openkeys[i], FALSE); proc, &proc->open_key_paths, NULL, TRUE, openkeys[i], FALSE);
} }
if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, _OpenConf, proc->pid);
return FALSE;
}
// //
// closed paths // closed paths
// //
@ -360,6 +361,7 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc)
proc, &proc->closed_key_paths, _WritePath, TRUE); proc, &proc->closed_key_paths, _WritePath, TRUE);
} }
#endif #endif
if (! ok) { if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, _WritePath, proc->pid); Log_MsgP1(MSG_INIT_PATHS, _WritePath, proc->pid);
return FALSE; return FALSE;

View File

@ -82,10 +82,15 @@ NTSTATUS NtIo_RemoveJunction(POBJECT_ATTRIBUTES objattrs)
status = NtCreateFile(&Handle, GENERIC_WRITE | DELETE, objattrs, &Iosb, 0, 0, FILE_SHARE_READ, FILE_OPEN, FILE_FLAG_OPEN_REPARSE_POINT, 0, 0); // 0x40100080, , , , , 0x00204020 status = NtCreateFile(&Handle, GENERIC_WRITE | DELETE, objattrs, &Iosb, 0, 0, FILE_SHARE_READ, FILE_OPEN, FILE_FLAG_OPEN_REPARSE_POINT, 0, 0); // 0x40100080, , , , , 0x00204020
if (NT_SUCCESS(status)) if (NT_SUCCESS(status))
{ {
REPARSE_DATA_MOUNT_POINT ReparseData = { 0 }; REPARSE_DATA_MOUNT_POINT ReparseBuffer = { 0 };
ReparseData.ReparseTag = IO_REPARSE_TAG_MOUNT_POINT; status = NtFsControlFile(Handle, NULL, NULL, NULL, &Iosb, FSCTL_GET_REPARSE_POINT, NULL, 0, &ReparseBuffer, sizeof(ReparseBuffer));
ReparseData.ReparseDataLength = 0; if (NT_SUCCESS(status))
status = NtFsControlFile(Handle, NULL, NULL, NULL, &Iosb, FSCTL_DELETE_REPARSE_POINT, &ReparseData, REPARSE_GUID_DATA_BUFFER_HEADER_SIZE, NULL, 0); {
REPARSE_GUID_DATA_BUFFER ReparseData = { 0 };
ReparseData.ReparseTag = ReparseBuffer.ReparseTag;
ReparseData.ReparseDataLength = 0;
status = NtFsControlFile(Handle, NULL, NULL, NULL, &Iosb, FSCTL_DELETE_REPARSE_POINT, &ReparseData, REPARSE_GUID_DATA_BUFFER_HEADER_SIZE, NULL, 0);
}
NtClose(Handle); NtClose(Handle);
} }
@ -145,13 +150,10 @@ NTSTATUS NtIo_DeleteFolderRecursivelyImpl(POBJECT_ATTRIBUTES objattrs, bool (*cb
if (FileAttributes & (FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM)) if (FileAttributes & (FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM))
NtIo_RemoveProblematicAttributes(&ntFoundObject.attr); NtIo_RemoveProblematicAttributes(&ntFoundObject.attr);
if (FileAttributes & FILE_ATTRIBUTE_DIRECTORY) if (FileAttributes & FILE_ATTRIBUTE_REPARSE_POINT)
{ status = NtIo_RemoveJunction(&ntFoundObject.attr);
if (FileAttributes & FILE_ATTRIBUTE_REPARSE_POINT) else if (FileAttributes & FILE_ATTRIBUTE_DIRECTORY)
status = NtIo_RemoveJunction(&ntFoundObject.attr); status = NtIo_DeleteFolderRecursivelyImpl(&ntFoundObject.attr, cb, param);
else
status = NtIo_DeleteFolderRecursivelyImpl(&ntFoundObject.attr, cb, param);
}
if (NT_SUCCESS(status)) if (NT_SUCCESS(status))
status = NtDeleteFile(&ntFoundObject.attr); status = NtDeleteFile(&ntFoundObject.attr);