diff --git a/Sandboxie/core/dll/dllmain.c b/Sandboxie/core/dll/dllmain.c index 125cdb6b25..ac4e5e858a 100644 --- a/Sandboxie/core/dll/dllmain.c +++ b/Sandboxie/core/dll/dllmain.c @@ -581,57 +581,24 @@ _FX ULONG Dll_GetImageType(const WCHAR *ImageName) L"explorer.exe", (WCHAR *)DLL_IMAGE_SHELL_EXPLORER, L"rundll32.exe", (WCHAR *)DLL_IMAGE_RUNDLL32, L"dllhost.exe", (WCHAR *)DLL_IMAGE_DLLHOST, + L"ServiceModelReg.exe", (WCHAR *)DLL_IMAGE_SERVICE_MODEL_REG, L"iexplore.exe", (WCHAR *)DLL_IMAGE_INTERNET_EXPLORER, - L"firefox.exe", (WCHAR *)DLL_IMAGE_MOZILLA_FIREFOX, - L"waterfox.exe", (WCHAR *)DLL_IMAGE_MOZILLA_FIREFOX, - L"palemoon.exe", (WCHAR *)DLL_IMAGE_MOZILLA_FIREFOX, - L"basilisk.exe", (WCHAR *)DLL_IMAGE_MOZILLA_FIREFOX, - L"seamonkey.exe", (WCHAR *)DLL_IMAGE_MOZILLA_FIREFOX, - L"k-meleon.exe", (WCHAR *)DLL_IMAGE_MOZILLA_FIREFOX, - L"librewolf.exe", (WCHAR *)DLL_IMAGE_MOZILLA_FIREFOX, - - L"thunderbird.exe", (WCHAR *)DLL_IMAGE_MOZILLA_THUNDERBIRD, - L"wmplayer.exe", (WCHAR *)DLL_IMAGE_WINDOWS_MEDIA_PLAYER, L"winamp.exe", (WCHAR *)DLL_IMAGE_NULLSOFT_WINAMP, L"kmplayer.exe", (WCHAR *)DLL_IMAGE_PANDORA_KMPLAYER, L"wlmail.exe", (WCHAR *)DLL_IMAGE_WINDOWS_LIVE_MAIL, - L"ServiceModelReg.exe", (WCHAR *)DLL_IMAGE_SERVICE_MODEL_REG, L"wisptis.exe", (WCHAR *)DLL_IMAGE_WISPTIS, - L"iron.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, - L"dragon.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, - L"chrome.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, - L"opera.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, - L"neon.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, - L"maxthon.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, - L"vivaldi.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, - L"brave.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, - L"browser.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, // Yandex Browser - L"msedge.exe", (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, // Modern Edge is Chromium-based L"GoogleUpdate.exe", (WCHAR *)DLL_IMAGE_GOOGLE_UPDATE, - L"PuffinSecureBrowser.exe", (WCHAR *)DLL_IMAGE_OTHER_WEB_BROWSER, - L"AcroRd32.exe", (WCHAR *)DLL_IMAGE_ACROBAT_READER, L"Acrobat.exe", (WCHAR *)DLL_IMAGE_ACROBAT_READER, L"plugin-container.exe", (WCHAR *)DLL_IMAGE_PLUGIN_CONTAINER, L"Outlook.exe", (WCHAR *)DLL_IMAGE_OFFICE_OUTLOOK, L"Excel.exe", (WCHAR *)DLL_IMAGE_OFFICE_EXCEL, - L"winmail.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"IncMail.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"eudora.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"thebat32.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"thebat64.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"Foxmail.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"Mailbird.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"MailClient.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"postbox.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - L"Inky.exe", (WCHAR *)DLL_IMAGE_OTHER_MAIL_CLIENT, - NULL, NULL }; diff --git a/Sandboxie/core/drv/conf.c b/Sandboxie/core/drv/conf.c index 421b272e91..7e2be6440b 100644 --- a/Sandboxie/core/drv/conf.c +++ b/Sandboxie/core/drv/conf.c @@ -167,6 +167,7 @@ static PERESOURCE Conf_Lock = NULL; static const WCHAR *Conf_GlobalSettings = L"GlobalSettings"; static const WCHAR *Conf_UserSettings_ = L"UserSettings_"; static const WCHAR *Conf_Template_ = L"Template_"; +static const WCHAR *Conf_DefaultTemplates = L"DefaultTemplates"; const WCHAR *Conf_TemplateSettings = L"TemplateSettings"; static const WCHAR *Conf_Template = L"Template"; @@ -711,6 +712,40 @@ _FX NTSTATUS Conf_Read_Line(STREAM *stream, WCHAR *line, int *linenum) } +//--------------------------------------------------------------------------- +// Conf_Get_Section +//--------------------------------------------------------------------------- + + +_FX CONF_SECTION* Conf_Get_Section( + CONF_DATA* data, const WCHAR* section_name) +{ +#ifdef USE_CONF_MAP + // + // lookup the template section in the hash map + // + + return map_get(&data->sections_map, section_name); +#else + // + // scan for a matching template section + // + + CONF_SECTION* section = List_Head(&data->sections); + while (section) { + + if (_wcsicmp(section->name, section_name) == 0) { + + break; + } + + section = List_Next(section); + } + return section; +#endif +} + + //--------------------------------------------------------------------------- // Conf_Merge_Templates //--------------------------------------------------------------------------- @@ -723,28 +758,35 @@ _FX NTSTATUS Conf_Merge_Templates(CONF_DATA *data, ULONG session_id) CONF_SETTING *setting; // - // scan sections to find a sandbox section + // first handle the global section // - sandbox = List_Head(&data->sections); - while (sandbox) { - - CONF_SECTION *next_sandbox = List_Next(sandbox); + CONF_SECTION* global = Conf_Get_Section(data, Conf_GlobalSettings); + if (global) { + status = Conf_Merge_Global(data, session_id, global); + if (!NT_SUCCESS(status)) + return status; + } - // - // if we found the global section, handle it - // + // + // second handle the default templates + // - if (_wcsicmp(sandbox->name, Conf_GlobalSettings) == 0) { + global = Conf_Get_Section(data, Conf_DefaultTemplates); + if (global) { + status = Conf_Merge_Global(data, session_id, global); + if (!NT_SUCCESS(status)) + return status; + } - status = Conf_Merge_Global(data, session_id, sandbox); + // + // scan sections to find a sandbox section + // - if (! NT_SUCCESS(status)) - return status; + sandbox = List_Head(&data->sections); + while (sandbox) { - sandbox = next_sandbox; - continue; - } + CONF_SECTION *next_sandbox = List_Next(sandbox); // // break once the template section starts @@ -757,10 +799,11 @@ _FX NTSTATUS Conf_Merge_Templates(CONF_DATA *data, ULONG session_id) } // - // skip any local template sections and user settings sections + // skip the global section, skip any local template sections and user settings sections // - if (_wcsnicmp(sandbox->name, Conf_Template_, 9) == 0 || // Template_ or Template_Local_ + if (_wcsicmp(sandbox->name, Conf_GlobalSettings) == 0 || + _wcsnicmp(sandbox->name, Conf_Template_, 9) == 0 || // Template_ or Template_Local_ _wcsnicmp(sandbox->name, Conf_UserSettings_, 13) == 0) { sandbox = next_sandbox; @@ -868,20 +911,21 @@ _FX NTSTATUS Conf_Merge_Global( CONF_SECTION *next_sandbox = List_Next(sandbox); // - // skip the global section + // break once the template section starts // - if (_wcsicmp(sandbox->name, Conf_GlobalSettings) == 0) { - - sandbox = next_sandbox; - continue; + if (sandbox->from_template) { + // we can break because template sections come after + // all non-template sections + break; } // - // skip any template sections and user settings sections + // skip the global section, any template sections and user settings sections // - if (_wcsnicmp(sandbox->name, Conf_Template_, 9) == 0 || + if (_wcsicmp(sandbox->name, Conf_GlobalSettings) == 0 || + _wcsnicmp(sandbox->name, Conf_Template_, 9) == 0 || _wcsnicmp(sandbox->name, Conf_UserSettings_, 13) == 0) { sandbox = next_sandbox; @@ -925,37 +969,14 @@ _FX NTSTATUS Conf_Merge_Template( CONF_DATA *data, ULONG session_id, const WCHAR *tmpl_name, CONF_SECTION *section) { - -#ifdef USE_CONF_MAP - // - // lookup the template section in the hash map - // + CONF_SECTION *tmpl = NULL; WCHAR section_name[130]; // 128 + 2 // max regular section length is 64 - CONF_SECTION *tmpl = NULL; if (wcslen(tmpl_name) < 119) { // 128 - wcslen(Conf_Template_) wcscpy(section_name, Conf_Template_); wcscat(section_name, tmpl_name); - tmpl = map_get(&data->sections_map, section_name); - } -#else - // - // scan for a matching template section - // - - CONF_SECTION *tmpl = List_Head(&data->sections); - while (tmpl) { - - if (wcslen(tmpl->name) >= 10 && - _wcsnicmp(tmpl->name, Conf_Template_, 9) == 0 && - _wcsicmp(tmpl->name + 9, tmpl_name) == 0) { - - break; - } - - tmpl = List_Next(tmpl); + tmpl = Conf_Get_Section(data, section_name); } -#endif // // copy settings from template section into sandbox section diff --git a/Sandboxie/install/Templates.ini b/Sandboxie/install/Templates.ini index a862660ff8..84c4e3801e 100644 --- a/Sandboxie/install/Templates.ini +++ b/Sandboxie/install/Templates.ini @@ -58,6 +58,11 @@ # Sandbox Control program. # +[DefaultTemplates] +Template=RpcPortBindings +Template=SpecialImages + + [TemplateSettings] Tmpl.Version=1 Tmpl.RoboForm=%Personal%\My RoboForm Data @@ -91,6 +96,51 @@ Tmpl.KasperskyDataRoot=%AllUsersProfile%\Kaspersky Lab Tmpl.TheBat=%AppData%\The Bat! Tmpl.eM_Client=%AppData%\eM Client + +# +# Custom handling for special images +# + +[Template_SpecialImages] +#Tmpl.Title=#xxxx +Tmpl.Class=Misc + +SpecialImage=chrome,chrome.exe +SpecialImage=chrome,msedge.exe +SpecialImage=chrome,iron.exe +SpecialImage=chrome,dragon.exe +SpecialImage=chrome,opera.exe +SpecialImage=chrome,neon.exe +SpecialImage=chrome,maxthon.exe +SpecialImage=chrome,vivaldi.exe +SpecialImage=chrome,brave.exe +SpecialImage=chrome,browser.exe +SpecialImage=chrome,slack.exe + +SpecialImage=firefox,firefox.exe +SpecialImage=firefox,waterfox.exe +SpecialImage=firefox,palemoon.exe +SpecialImage=firefox,basilisk.exe +SpecialImage=firefox,seamonkey.exe +SpecialImage=firefox,k-meleon.exe +SpecialImage=firefox,librewolf.exe + +SpecialImage=thunderbird,thunderbird.exe + +SpecialImage=mail,winmail.exe +SpecialImage=mail,IncMail.exe +SpecialImage=mail,eudora.exe +SpecialImage=mail,thebat32.exe +SpecialImage=mail,thebat64.exe +SpecialImage=mail,Foxmail.exe +SpecialImage=mail,Mailbird.exe +SpecialImage=mail,MailClient.exe +SpecialImage=mail,postbox.exe +SpecialImage=mail,Inky.exe + +SpecialImage=browser,PuffinSecureBrowser.exe + + # # Internet Explorer # @@ -3145,8 +3195,8 @@ DontCopy=*.wmv [Template_RpcPortBindings] Tmpl.Title=#4296 Tmpl.Class=Misc -Tmpl.Scan=s -Tmpl.ScanService=RpcSs +#Tmpl.Scan=s +#Tmpl.ScanService=RpcSs #Tmpl.ScanService=RpcEptMapper #Tmpl.ScanService=DcomLaunch