Released Sandboxie Plus (Sbie fork) Versions with Signed Driver

Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by DavidXanatos, Dec 7, 2020.

  1. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,444
    Location:
    Viena
    This build is a major milestone in the development of Sandboxie, it marks the first open source release that has a driver properly signed for windows 10 and 8.
    image_2020_11_30T08_59_50_639Z.png
    For windows 7 unfortunately for the time being still the old provisionally signed driver has to be used, a solution is being worked on.

    The new SandMan UI finally reached full feature parity with the old legacy UI, it has a new interactive notification window and brings many new features improving on many aspects of Sandboxie-Plus, the UI has a myriad of usability improvements. The snapshot management has been greatly improved as have been the debug options for tracing and resolving compatibility issues. The process start warning mechanism has been extended to a fully fledged system wide process start blocker, that now accepts executable names as well as folders. And last but not least this build also brings an optional Updater mechanism to keep Sandboxie (Plus and Legacy) up to date.

    Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v0.5.0

    Change Log

    Added
    • added new notification window
    • added user interactive control mechanism when using the new SandMan UI
      -- when a file exceeds the copy limit instead of failing, the user is prompted if the file should be copied or not
      -- when internet access is blocked it now can be exempted in real time by the user
    • added missing file recovery and auto/quick recovery functionality
    • added silent MSG_1399 boxed process start notification to keep track of short lived boxed processes
    • added ability to prvent system wide process starts, sandboxie can now instead of just alerting also block processed on the alert list
      -- set "StartRunAlertDenied=y" to enable process blocking
    • the process start alert/block mechanism can now also handle folders use "AlertFolder=..."
    • added ability to merge snapshots
    • added icons to the sandbox context menu in the new UI
    • added more advanced options to the sandbox options window
    • added file migration progress indicator
    • added more run commands and custom run commands per sandbox
      -- the the box settings users can now specify programs to be available from the box run menu
      -- also processes can be pinned to that list from the presets menu
    • added more windows 10 specific template presets
    • added ability to create desktop shortcuts to sandboxed items
    • added icons to box option tabs
    • added box grouping
    • added new debug option "DebugTrace=y" to log debug output to the trace log
    • added check for updates to the new SandMan UI
    • added check for updates to the legacy SbieCtrl UI
    Changed
    • File migration limit can now be disabled by specifying "CopyLimitKb=-1"
    • improved and refactored message logging mechanism, reducing memory usage by factor of 2
    • terminated boxed processes are now kept listed for a couple of seconds
    • reworked sandbox deletion mechanism of the new UI
    • restructured sandbox options window
    • - SbieDLL.dll can now be compiled with an up to date ntdll.lib (Thanks to @TechLord from Team-IRA for help)
    • improved automated driver self repair
    Fixed
    • fixed issues migrating files > 4GB
    • fixed a issue that would allow a malicious application to bypass the internet blockade
    • fixed issue when logging messages from a non sandboxed process, added process_id parameter to API_LOG_MESSAGE_ARGS
    • fixed issues with localization
    • fixed issue using file recovery in legacy ui SbieCtrl.exe when "SeparateUserFolders=n" is set
    • when a program is blocked from starting due to restrictions no redundant messages are issues anymore
    • fixed UI not properly displaying async errors
    • fixed issues when a snapshot operation failed
    • fixed some special cases of IpcPath and WinClass in the new UI
    • fixed driver issues with WHQL passing compatibility testing
    • fixed issues with classical installer
     
    Last edited: Dec 8, 2020
  2. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Nice work, David! :thumb:
     
  3. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    103,305
    Location:
    U.S.A.
    David, congratulations!
     
  4. boldrake

    boldrake Registered Member

    Joined:
    Apr 18, 2016
    Posts:
    17
    Thank you very much David
     
  5. Rainwalker

    Rainwalker Registered Member

    Joined:
    May 18, 2003
    Posts:
    2,738
    Location:
    USA
    WOW...Thank you David.
     
  6. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,444
    Location:
    Viena
    Yea...

    Although the windows 7 situation is everything but optimal, for the next 4 months I could have got a normal old school cert for W7 but as this would not be a permanent solution, see here: https://www.osr.com/blog/2020/10/15/microsoft-driver-updates-allowed-win7-win8/
    I'm looking how to properly WHQL certify the driver for use with windows 7, according to MSFT that should have been possible, and it passed all the WHQL tests.
     
  7. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    25,902
    Location:
    UK
    At last David, a great result for your hard work :thumb:
     
  8. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,265
    Nice! Thank you David.
     
  9. Monica2000

    Monica2000 Registered Member

    Joined:
    May 18, 2020
    Posts:
    65
    Location:
    Spain
    I downloaded SandboxieInstall64-v5.45.0 and is not working... driver is not signed, so nothing has changed. Even Firefox refuses to download the file.
     
    Last edited: Dec 7, 2020
  10. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,444
    Location:
    Viena
    I presume you are using windows 7 see the comment:
    Currently the installer installs two driver files:
    SbieDrv.sys.w10 that is the signed file that works on 10 and probably 8.1, and
    SbieDrv.sys.rc4 that's the file signed with the leaked certificate.
    It first tries to load the properly signed driver if that fails, as it does on windows 7, it than proceeds to de obfuscate the rc4 file and tried to use it.
     
  11. Monica2000

    Monica2000 Registered Member

    Joined:
    May 18, 2020
    Posts:
    65
    Location:
    Spain
    No, i am using Windows 10.

    https://github.com/sandboxie-plus/Sandboxie/issues/208

    You should not include the windows 7 driver on windows 10 installer as it is creating conflict and false positives again.
     
  12. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    25,902
    Location:
    UK
    Win 10 20H2
    Build 5.45. does not install over the top of 5.41. Nothing will run. Tried everything., reboots, running installer again etc etc.
    Icon in taskbar with exclamation mark says...

    SBIE1101 Sandboxie driver (SbieDrv) version 5.44.1 initialized
    SBIE9234 Service startup error level 9154 status=00000000 error=0
    SBIE1101 Sandboxie driver (SbieDrv) version 5.44.1 initialized
    SBIE9234 Service startup error level 9154 status=00000000 error=0
    SBIE2331 Service start failed: [22 / 5] Access is denied.

    Ran 5.41. installer again to get a working sbie again (until Defender kills it of course!)
     
  13. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,498
    Location:
    .
    Yeah, 5.45.0 does not install over the top of 5.43.7 ...for me.
    I uninstalled 5.43.7 ....then installed 5.45.0
     
  14. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,444
    Location:
    Viena
    @stapp Try uninstalling and checking in the C:\Program Files\Sandboxie the old driver file SbieDrv.sys is gone,
    than clean install. After clean install and first start a new sys file should be created.
     
  15. Monica2000

    Monica2000 Registered Member

    Joined:
    May 18, 2020
    Posts:
    65
    Location:
    Spain
    It´s working now, uninstalling previous and then installing the new version but... what's the point of having the signed driver if you include the "trojan driver" in the windows 10 installer. We are in the same situation as before. You should create a new win7 installer and "cleaning" the win10 installer until you can sign the windows 7 driver.
     
  16. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,191
    Location:
    Nicaragua
    Congratulations, David. I am in awe. :)

    Bo
     
  17. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,444
    Location:
    Viena
    The "Provisionally signed" driver is obfuscated so its not apparent from outside that its included, it is only unpacked when its found to be needed.
     
  18. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    25,902
    Location:
    UK
    @DavidXanatos
    I had done a clean install when the over the top didn't work. Perhaps it may be an idea to suggest a clean install for this build?

    By the way 5.45 is working very well :)
    Also Digital Signature shows up in the Properties of SbieDrv.sys :)
     
  19. Monica2000

    Monica2000 Registered Member

    Joined:
    May 18, 2020
    Posts:
    65
    Location:
    Spain
    What I mean is that it is still a pain to install ... as I said before, Firefox blocked the download of the file, Windows Defender detected a trojan and I had to juggle to finally install the program. Not to mention that Virustotal sees different Trojans in the installer.

    Anyways thanks for your work and ur time.
     
  20. cisko99za

    cisko99za Registered Member

    Joined:
    Nov 29, 2020
    Posts:
    7
    Location:
    Zurigo
    on win 7 x64 also for me not work (5.45 version upgraded fro, 5.44.1). also reboot machine not work.
    but uninstalled and reinstalled (5.45 version) work fine!
     
  21. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    25,902
    Location:
    UK
    @Monica2000
    My problem came with using Sbie 5.41. to download 5.45. Defender cried as usual.
    However, I had no problem at all installing 5.45 as a clean install. It installed like Sbie always used to,, smooth and quiet.
    Also after uploading 5.45 to VT there are not loads of hits now.
     
  22. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,410
    Congratulations!

    Now I can finally try your builds.

    Is this expected?

    defender.png
     
  23. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,444
    Location:
    Viena
    Yes because the installer itself is not signed, as that's not a requirement.
     
  24. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,410
    Bummer. Well, installed it anyway, but the service does not seem to start (or stop immediately?).

    service.png

    EDIT: Fixed after uninstall & reinstall!
     
  25. Peter 123

    Peter 123 Registered Member

    Joined:
    Feb 1, 2009
    Posts:
    615
    Location:
    Austria
    Indeed.

    But apart from this, my first experience with version 5.45.0 (on Windows 10, 32 bit) is very positive. For me it is like described above by stapp:

    Many thanks, David, for all your restless work. :thumb:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.