This commit is contained in:
DavidXanatos 2023-02-04 14:26:14 +01:00
parent 92b767ccae
commit fd84d426ac
5 changed files with 41 additions and 36 deletions

View File

@ -14,10 +14,11 @@ This project adheres to [Semantic Versioning](http://semver.org/).
### Fixed
- fixed delete v1/v2 display now respects global presets
- Avoid blocking the Explorer when dragging [#2660](https://github.com/sandboxie-plus/Sandboxie/pull/2660)
- avoid blocking the Explorer when dragging [#2660](https://github.com/sandboxie-plus/Sandboxie/pull/2660)
- fixed issue with QtSingleApp [#2659](https://github.com/sandboxie-plus/Sandboxie/issues/2659)
- fixed updater sometimes failing to create temp dir [#2615](https://github.com/sandboxie-plus/Sandboxie/issues/2615)
- fixed issue with snapshot removal [2663](https://github.com/sandboxie-plus/Sandboxie/issues/2663)
- fixed issue with snapshot removal [#2663](https://github.com/sandboxie-plus/Sandboxie/issues/2663)
- fixed issue with symbolicl inks [#2606](https://github.com/sandboxie-plus/Sandboxie/issues/2606)

View File

@ -556,7 +556,6 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
LIST *open_file_paths, LIST *closed_file_paths,
LIST *read_file_paths, LIST *write_file_paths)
{
static const WCHAR *_PstPipe = L"\\Device\\NamedPipe\\protected_storage";
#ifdef USE_MATCH_PATH_EX
static const WCHAR *_NormalPath = L"NormalFilePath";
#endif
@ -731,6 +730,10 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
if (ok && Conf_Get_Boolean(
proc->box->name, Driver_OpenProtectedStorage, 0, FALSE)) {
static const WCHAR *_PstPipe =
L"\\Device\\NamedPipe\\protected_storage";
ok = Process_AddPath(
proc, open_file_paths, NULL, TRUE, _PstPipe, FALSE);
}
@ -740,7 +743,7 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
proc, open_file_paths, NULL, TRUE, openpipes[i], FALSE);
}
if (proc->bAppCompartment) {
if (ok && proc->bAppCompartment) {
for (i = 0; openPipesCM[i] && ok; ++i) {
ok = Process_AddPath(
proc, open_file_paths, NULL, TRUE, openPipesCM[i], FALSE);
@ -851,14 +854,13 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
}
}
#ifdef USE_MATCH_PATH_EX
//
// setup access restrictions to \Device\
//
if (proc->restrict_devices) {
if (ok && proc->restrict_devices) {
//
// many 3rd party drivers are a great attack vector to gain execution in the kernel,
@ -872,10 +874,6 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
ok = Process_AddPath(
proc, normal_file_paths, NULL, FALSE, approved_devices[i], FALSE);
}
if (ok && !proc->file_block_network_files) {
ok = Process_AddPath(
proc, normal_file_paths, NULL, FALSE, File_Mup, TRUE);
}
}
if (ok && !proc->use_privacy_mode) { // when not in privacy mode we need to set drive paths to "normal"
@ -885,12 +883,21 @@ _FX BOOLEAN File_InitPaths(PROCESS *proc,
}
}
if (ok && !proc->file_block_network_files) {
ok = Process_AddPath(
proc, normal_file_paths, NULL, FALSE, File_Redirector, TRUE);
if (ok) {
ok = Process_AddPath(
proc, normal_file_paths, NULL, FALSE, File_Mup, TRUE);
}
}
}
#endif
if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, Driver_Empty, proc->pid);
return FALSE;
}
}
#endif
//
// if this is a Sandboxie program (like SandboxieRpcSs), don't allow

View File

@ -440,6 +440,7 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
L"*\\BaseNamedObjects*\\ShimCacheMutex",
L"*\\BaseNamedObjects*\\ShimSharedMemory",
L"*\\BaseNamedObjects*\\SHIMLIB_LOG_MUTEX",
L"*\\BaseNamedObjects*\\msgina: ReturnToWelcome",
L"\\Security\\LSA_AUTHENTICATION_INITIALIZED",
L"\\LsaAuthenticationPort",
L"\\NlsCacheMutant",
@ -638,7 +639,6 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
ok = Process_GetPaths(proc, &proc->normal_ipc_paths, _NormalPath, FALSE);
//if (ok && proc->use_privacy_mode) {
//
// for (i = 0; normalpaths[i] && ok; ++i) {
// ok = Process_AddPath(proc, &proc->normal_ipc_paths, NULL,
// TRUE, normalpaths[i], FALSE);
@ -732,13 +732,6 @@ _FX BOOLEAN Ipc_InitPaths(PROCESS* proc)
}
}
if (ok) {
static const WCHAR *_ReturnToWelcome =
L"*\\BaseNamedObjects*\\msgina: ReturnToWelcome";
ok = Process_AddPath(proc, &proc->open_ipc_paths, NULL,
FALSE, _ReturnToWelcome, FALSE);
}
if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, _OpenPath, proc->pid);
return FALSE;

View File

@ -271,10 +271,6 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc)
//
ok = Process_GetPaths(proc, &proc->normal_key_paths, _NormalPath, TRUE);
if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, _NormalPath, proc->pid);
return FALSE;
}
if (ok && proc->use_privacy_mode) {
for (i = 0; normalpaths[i] && ok; ++i) {
@ -314,6 +310,11 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc)
proc, &proc->open_key_paths, NULL, TRUE, openkeys[i], FALSE);
}
if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, _OpenConf, proc->pid);
return FALSE;
}
//
// closed paths
//
@ -360,6 +361,7 @@ _FX BOOLEAN Key_InitProcess(PROCESS *proc)
proc, &proc->closed_key_paths, _WritePath, TRUE);
}
#endif
if (! ok) {
Log_MsgP1(MSG_INIT_PATHS, _WritePath, proc->pid);
return FALSE;

View File

@ -82,10 +82,15 @@ NTSTATUS NtIo_RemoveJunction(POBJECT_ATTRIBUTES objattrs)
status = NtCreateFile(&Handle, GENERIC_WRITE | DELETE, objattrs, &Iosb, 0, 0, FILE_SHARE_READ, FILE_OPEN, FILE_FLAG_OPEN_REPARSE_POINT, 0, 0); // 0x40100080, , , , , 0x00204020
if (NT_SUCCESS(status))
{
REPARSE_DATA_MOUNT_POINT ReparseData = { 0 };
ReparseData.ReparseTag = IO_REPARSE_TAG_MOUNT_POINT;
REPARSE_DATA_MOUNT_POINT ReparseBuffer = { 0 };
status = NtFsControlFile(Handle, NULL, NULL, NULL, &Iosb, FSCTL_GET_REPARSE_POINT, NULL, 0, &ReparseBuffer, sizeof(ReparseBuffer));
if (NT_SUCCESS(status))
{
REPARSE_GUID_DATA_BUFFER ReparseData = { 0 };
ReparseData.ReparseTag = ReparseBuffer.ReparseTag;
ReparseData.ReparseDataLength = 0;
status = NtFsControlFile(Handle, NULL, NULL, NULL, &Iosb, FSCTL_DELETE_REPARSE_POINT, &ReparseData, REPARSE_GUID_DATA_BUFFER_HEADER_SIZE, NULL, 0);
}
NtClose(Handle);
}
@ -145,13 +150,10 @@ NTSTATUS NtIo_DeleteFolderRecursivelyImpl(POBJECT_ATTRIBUTES objattrs, bool (*cb
if (FileAttributes & (FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM))
NtIo_RemoveProblematicAttributes(&ntFoundObject.attr);
if (FileAttributes & FILE_ATTRIBUTE_DIRECTORY)
{
if (FileAttributes & FILE_ATTRIBUTE_REPARSE_POINT)
status = NtIo_RemoveJunction(&ntFoundObject.attr);
else
else if (FileAttributes & FILE_ATTRIBUTE_DIRECTORY)
status = NtIo_DeleteFolderRecursivelyImpl(&ntFoundObject.attr, cb, param);
}
if (NT_SUCCESS(status))
status = NtDeleteFile(&ntFoundObject.attr);