Released Sandboxie Plus (Sbie fork) Versions with Signed Driver

oh!
in that case could you please send ma a copy of the old configuration you had, I would like to reproduce and fix the issue.

@Survivor
I have found one issue with
ClosedIpcPath=\RPC Control\LSARPC_ENDPOINT
as of now:
MSI installers fail to elevate
so try some other installers of the sort that only produce the UAC prompt some ware in the middle to see if that's a generic problem or msi specific.
I would tent to add a hard coded exception for MSI if its the only one negatively affected.

 

@DavidXanatos

I did some trial and error with the old config and the issue is caused by long local template names. If it's longer than 48 characters it will crash.

Code:

Template_Local_Test0123456789xxxxxxxx49characters > 48 characters = BSOD (after reloading config)

Template_Local_Test0123456789xxxxxxx48characters =< 48 characters = NO BSOD (after reloading config)

 

I can confirm it, installed the witcher, which includes MS C redist. The general install went well, but the MS ones failed. Removed the parameter and it installed fine.
Tried two other non MS installer, worked fine with parameter.

 

strange i tryed with

Code:

[DefaultBox]

Enabled=y
[...]
Template=Local_Test0123456789xxxxxxxx49charactersxxxxxxxxxx

[Template_Local_Test0123456789xxxxxxxx49charactersxxxxxxxxxx]
RecoverFolder=C:\Temp
RecoverFolder=C:\test

and did not get a crash



@Survivor
An other issue I found is that tools like Task info when ran in side the sandbox can no longer resolve sids and alike

 

Autostart? You mean "Start with Windows"? There seems to be no special option whether to autostart minimized in Systray or in a normal window.

 

@DavidXanatos
Did you try with SandMan.exe?

1. Sandboxie Service: Manual
2. SandMan autorun: disabled
3. Reboot
4. Replace config
5. Start SandMan (Make sure Maintenance -> Connect)

Also:

 

i mean clear the setting and re apply it to fix the missing parameter auto start should be always in to tray, except when I forget to add the right parameter to the installer

 

About the ClosedIpcPath=\RPC Control\LSARPC_ENDPOINT
I have implemented a driver Level request filter that blocks potentially problematic requests and allows those that should be unproblematic so no more tests of that settings are required, thanks all for the participation.

 

Ok, that I have immediately tried (uncheck "Start with Windows", applied, re-checked, applied). Doesn't seem to make any difference. Upon re-boot Sandman initially shows up again as normal window (as well as tray-icon), but the open window still needs to be closed manually.

 

@algol1
I just have tested that when sandman.exe is started with "-autorun" command it opens to tray and no window is shown initially.

 

will be fixed in the next build

 

What is this setting for?

Code:

OpenProtectedStorage

 

Got this issue not knowing if it was made by design or introduced recently or I DON'T KNOW how to handle it properly lol

This template applied to [GlobalSettings]

Code:

[Template_BlockVaultAccess]
Tmpl.Title=Block Vault Access
Tmpl.Class=Security
ClosedFilePath=!aaaaa.exe,E:\

It works. All exes in all sandboxes got blocked access to E: except aaaaa.exe


Then, as soon as I add one more exe:

Code:

[Template_BlockVaultAccess]
Tmpl.Title=Block Vault Access
Tmpl.Class=Security
ClosedFilePath=!aaaaa.exe,E:\
ClosedFilePath=!bbbbb.exe,E:\

It does not work anymore. All exes are blocked to access E:

 

I still cannot get Excel to run sandboxed, getting the error



I have tried installing SB+ into its default location, and checked that the software compatibility settings were correctly set. I also tried separate installs allowing it to find/use my old sandboxie.ini file and a totally clean install/default sandbox. I also turned off AVG but it made no difference. Nothing works!

I have also tried using the default

HostInjectDll=\SboxHostDll.dll
HostInjectDll64=\SboxHostDll.dll​

and when it was installed in my non-default location both the above and

HostInjectDll=C:\Program Files\Utils\Sandboxie-Plus\SboxHostDll.dll
HostInjectDll64=C:\Program Files\Utils\Sandboxie-Plus\SboxHostDll.dll​

Software details:

Excel (365) v2101 (build 13628.20000 Click-to-Run)
Sandboxie-Plus v0.5.3b
Win 10x64 v20H2 (build 19042.685)​

I really need to get this sorted!

 

JFYI: I can confirm the problem. Every Office application now shows error 1752.

Sandboxie Classic 5.45.2, Windows 10 20H2 (x64), Office 2016 (Click-to-Run)

 

@Mr.X
that is as it should booth rules mutually exclude each other, you nead to create a program group containing aaaaa.exe and bbbbb. exe and mke a close rule with the program group.

@henryg1 please check whats the last version that was working properly.

 

Sandboxie Classic 5.45.2, Windows 10 20H2 (x64), Office 2016. All office applications works sandboxed.

 

Are you using the MSI or the C2R version?

 

Some more info for groups, I thought there is more issues with delete content, but tried again and all good.

Remove groups, do you want to remove, yes, result: Still there
As said, no group in group hierarchy, but funny what happens, if you try now.
Created group TEAR
Added to this group TEST
And also TRA
Result is one group in the end of list TEAR
and two at the top What?
Besides this box to group and out is OK.

How did you even make this?? Sandboxie Plus (Sbie fork)

I wonder if Brummelchen even still cares about groups, or he just triggered my intererest now to make it work. LOL

 

I've been almost begging to @DavidXanatos to have a look into this issue for months last year. I'm still suffering. Lol

So much that I started trying PopMan which runs fine so far on top of Sandboxie.

 

I don't know about the version. I have Windows 10 Pro and Microsoft Office Professional Plus installed.

 

I upgraded from 5.33.3 to Classic 5.45.1 (uninstalled first). Chrome now works! Thanks!

We get the following error when starting Chrome 87.0.4280.88 or going to some webpages:
SBIE2303 Could not hook SetCurrentProcessExplicitAppUserModeID (33, 1655)

It doesn't happen every time, just perhaps 50% of the time. We just choose to ignore the error and so far everything is working. Should I just hide the error? Is this how to do it?

SbieCtrl_HideMessage=SBIE2303,SetCurrentProcessExplicitAppUserModeID

 

Thanks a lot. This global template worked as you advised

Code:

[GlobalSettings]

Template=BlockDeviceAccess
. . .
. .
.

[Template_BlockDeviceAccess]

Tmpl.Title=Block Device Access
Tmpl.Class=Security
ProcessGroup=<AllowVaultAccess>,aaaaa.exe,bbbbb.exe,ccccc.exe,ddddd.exe,eeeee.exe,fffff.exe,ggggg.exe
ClosedFilePath=!<AllowVaultAccess>,E:\
ClosedFilePath=\Device\Harddisk3\DR3
ClosedFilePath=G:\
ClosedFilePath=\Device\Harddisk4\DR4
ClosedFilePath=H:\
ClosedFilePath=\Device\Harddisk2\DR2
ClosedFilePath=I:\
. . .
. .
.

 

@DavidXanatos
With all respect for your work, I also ask a question.
I am a user who use sandboxie only for internet browsing and certain office documents.
If an update of windows 10 appears, can you update the Sandboxie Classic accordingly?
I do not intend to use Sandboxie Plus.
Thanks!

 

I have tried. In fact, I went back to 5.33.6 and still couldn't get Excel to work sandboxed. But it definitely did!

In the process of trying various options and SB versions, I totally messed up my sandboxie.ini file and had to recreate it from a newly installed SB default. Still doesn't work though, and I have spent loads of time trying to no avail.