This build fixes again a few security issues, as well as brings some new functionality and expands on the tracing features.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
You can support the project through donations, any help will be greatly appreciated.
ChangeLog
Added
- sandboxed indicator for tray icons, the tooltip now contains [#] if enabled
- the trace log buffer can now be adjusted with "TraceBufferPages=2560"
-- the value denotes the count of 4k large pages to be used, here for a total of 10 MB - new functionality to the list finder
- Enchanced RpcMgmtSetComTimeout handing with "UseRpcMgmtSetComTimeout=some.dll,n"
-- this option allows to specify for each individual dll if RpcMgmtSetComTimeout should be used or not
-- this setting takes precedence over hard coded and per process presets
-- "UseRpcMgmtSetComTimeout=some.dll" and "UseRpcMgmtSetComTimeout=some.dll,y" are equivalent - Added "FakeAdminRights=y" option that makes processes in a given box think thay have admin permissions
-- this option is recomended to be used in combination with "DropAdminRights=y" to improve securits
-- With "FakeAdminRights=y" and "DropAdminRights=y" installers should still work - added RPC support for SSDP API (the Simple Service Discovery Protocol), Enable with "OpenUPnP=y"
Changed
- improved RPC debugging
- improved IPC handling around RpcMgmtSetComTimeout
-- required exceptions have been hard coded for specific calling dll's - the LogApi dll is now using Sbies tracing facility to logg events instead of an own pipe server
- SbieCrypto no longer triggers message 1313
- changed enum process API now more (no limit) than 511 proceses per box can be enumerated
- Reorganized box settings a bit
- Made COM tracing more verbose
Fixed
- FIXED SECURITY ISSUE: elevated sandboxed processes could access volumes/disks for reading (thanks hg421)
- fixed crash issue around SetCurrentProcessExplicitAppUserModelID observed with GoogleUpdate.exe
- fixed issue with resource monitor sort by timestamp
- FIXED SECURITY ISSUE: a race condition in the driver allowed to obtain a elevated rights handle to a process (thanks typpos)
- FIXED SECURITY ISSUE: "\RPC Control\samss lpc" is now filtered by the driver (thanks hg421)
-- this allowed elevated processes to change passwords, delete users and alike, to disable filtering use "OpenSamEndpoint=y" - FIXED SECURITY ISSUE: "\Device\DeviceApi\CMApi" is now filtered by the driver (thanks hg421)
-- this allowed elevated processes to change hardware configuration, to disable filtering use "OpenDevCMApi=y" - fixed issues with webcam access when the DevCMApi filtering is in place
- fixed issue with free download manager for 'AppXDeploymentClient.dll' RpcMgmtSetComTimeout=y is used
- fixed not all WinRM files were blocked by the driver, with "BlockWinRM=n" this file block can be disabled