All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.
- added more documentation links to the plus UI
- added tray menu option to dismiss a pending update notification
- improved compatybility template for Data Protection mode (thanks offhub)
- fixed Qt6 issues in ARM64 build
- fixed delete V2 bug when using box mounts without a drive letter
- fixed icon overlay issue with high DPI scaling
- fix behaviour on multiple selection (thanks okrc)
- added global setting to disable overlay icons
- added ability to specify Sandboxie.ini location in registry
- open "HKLM\SYSTEM\CurrentControlSet\Services\SbieDrv" and set "IniPath" #2837
- use a REG_SZ string for the path, like "??\C:\my_path\my_sandboxie.ini"
- improved handling of DLL injection failure
- updated Polish translation (thanks to user 7zip)
- added box presets menu option to toggle 'DisableForceRules=y' (thanks offhub) #2851
- fixed issue with SBIE1305 message
- fixed encoding issue with Korean translation #2833
- added option to disable all force rules of a given sandbox #2797
- reworked configuration storage for box grouping
- fixed system check in Classic installer #2812
- fixed memory corruption issue with Normal[File/Key]Path #2588
- fixed DPI scaling in the snapshot manager window #782
- fixed issue with arm64 DialogProc hook #2838
- fixed Qt6 compatibility issue with 7z FS implementation #2681
- fixed issue with TLS support using Qt6 #2682
- added template preset for Spotify #2673
- added missing localisation to finder #2845
- added local template editor to the global settings window
- added hidden message list
- added option to prevent processes located outside the sandbox from loading boxed DLLs
- to enable it, use "ProtectHostImages=y"
- added option to block box intern programs but not box external ones
- added SbieLogon option to the new box wizard #2823
- added a few UI debug options #2816
- run menu entries now can have custom icons
- the init edit page will automatically switch to edit when the user changes something
- improved change handling in the global settings window
- reorganized global options
- fixed issue with group renaming in the SandMan UI #2804
- added installer icon #2795
- added token type indicator to process list
- fixed compatibility issue with Microsoft Edge 112.x
- fixed updater issue #2790
- fixed box naming issue in the new box wizard by making the box name static #2792
- fixed issue with Firefox/Thunderbird #2799
- fixed issue with WFP support and driver verifier
- disabled token-based workarounds when in compartment mode
- fixed issue with the new SBIE2307 message being triggered on media removal
- excluded some old token hacks (for Firefox) from being disabled
- long-standing ping issue with compartment type boxes #1608
- reworked CreateAppContainerToken hook to return a restricted token for the issue #2762
- Note: this behaviour can be disabled with 'FakeAppContainerToken=program.exe,n'
- enabled app container compatibility in App Compartment mode
- Note: this should improve Microsoft Edge compatibility
- added web browser compatibility template wizard #2761
- added a mechanism to dynamically detect Chromium and Firefox based browsers
- Note: the new mechanism can be disabled using 'DynamicImageDetection=program.exe,n'
- renamed 'DropAppContainerTokens=program.exe,n' to 'DropAppContainerToken=program.exe,n'
- 'DropAppContainerToken=program.exe,y' can now be used in App Compartment boxes, however it is not recommended security-wise
- the desktop security workaround used for Chrome, Firefox and Acrobat is now enabled by default, you can disable it with "UseSbieDeskHack=n"
- Note: this should allow Electron apps to run without 'SpecialImage=chrome,program.exe'
- disabled old token hacks, as these seem to be no longer required with the new App Container token
- Note: in case of issues with Microsoft Edge, Chrome, Firefox or Acrobat, they can be re-enabled using 'DeprecatedTokenHacks=y'
- updated Inno Setup to version 6.2.2 which also comes with a new installer icon
- fixed issue with Global Settings ini section editing
- fixed issue with 'UseRegDeleteV2=y' #2756
- autorun path now supports any length #2769 (thanks Sapour)
- recovery window: delete confirmation dialog is no longer shown when no file/folder is selected #2771 (thanks Sapour)
- fixed WeChat crash issue #2772
- removed obsolete workaround for Maxthon 4
- added certificate protection #2722
- fixed issue with finder search in trace log
- fixed issue with NT namespace virtualization #2701
- fixed issue with "run unsandboxed" #2710
- fixed issue with new box wizard #2729
- fixed issue with breakout processes and user-restricted sandboxes #2732
- fixed a couple of UI issues #2733
- fixed useless help button #2748
- Run menu now supports folders, to be used by entering foldername1\foldername2\entryname in the name column of the UI
- added a tray indicator for pending updates
- added virtualization for CreateDirectoryObject(Ex) and OpenDirectoryObject (improves security, prevents name squatting)
- Note: this can be disabled using 'NtNamespaceIsolation=n'
- 'OpenProtectedStorage=y' has been replaced with a template
- moved all built-in access rules to a set of default templates
- moved WinInetCache control to a template OpenWinInetCache; 'CloseWinInetCache=y' is now obsolete
- added hook for CreateAppContainerToken, which should also improve compatibility with other apps #1926
- Note: Template_Edge_Fix is no longer required
- replaced a few icons
- moved the "Support" global settings page above the "Advanced Config" page and renamed it to "Support & Updates"
- when dragging and dropping a file on the SandMan UI to run it, the currently selected box will be pre-selected in the box picker dialog
- improved access rule handling #2633
- SbieCtrl now uses the new update format when checking for updates
- added prioritization of primary matches over auxiliary matches to rule specificity
- added AppContainer support for Compartment type boxes
- FIXED SECURITY ISSUE ID-22 NtCreateSectionEx was not filtered by the driver
- fixed issue starting services without a system token
- fixed issues with new file migration settings #2700
- fixed shell integration on ARM64 #2685
- fixed new issues with driver verifier #2708
- reorganized box options once more, the old box layout is default again
- SBIE2227 indicating volume without 8.3 name support is now disabled by default
- Note: you can use "EnableVerboseChecks=y" to re-enable this check
- fixed delete v1/v2 display now respecting global presets
- avoid blocking the Explorer when dragging #2660
- fixed issue with QtSingleApp #2659
- fixed updater sometimes failing to create a temporary directory #2615
- fixed issue with snapshot removal #2663
- fixed issue with symbolic links #2606
- fixed issues with AppContainer isolation, app container tokens are now dropped by default
- Note: this behaviour can be disabled with 'DropAppContainerTokens=program.exe,n'
- added option to create a new sandbox to run from the box picker dialog
- added sandbox creation wizard (not available in Vintage View mode)
- added ability to open all COM classes #2448
- Note: use OpenClsid={00000000-0000-0000-0000-000000000000} to open all
- the SandMan UI now indicates if a sandboxed process has an elevated (admin) or system token
- DropAdminRights can now be configured per process #2293
- added self-removing boxes #1936
- added Ctrl+F search filter to the box picker dialog, this allows for quickly finding a particular box
- added menu options to edit the Templates.ini and the Sandboxie-Plus.ini
- refactored network blocking code in driver
- box options now show the expanded paths where appropriate
- made new box option layout the default (can be changed in appearance settings)
- fixed BlockNetworkFiles=y not working together with RestrictDevices=y #2629
- fixed SandMan crash issue introduced in 1.7.0
- fixed trace log filter being case-sensitive
- fixed performance issues with Delete V2
- fixed issue with NtQueryDirectoryFile data alignment #2443
- fixed issue with Microsoft Edge 111 dev build #2631
- fixed issue with mio sockets #2617
- fixed issue with run menu entries created from the options/settings window #2610
- fixed issues with the start menu when using snapshots #2589
- added OnFileRecovery trigger allowing to check files before recovering them #2202
- added more presets to sandbox options
- Note: these can only be changed when the box is empty
- added new file migration option page with additional settings
- added SBIE2113/SBIE2114/SBIE2115 message to indicate when files are not migrated due to presets
- added 'NoParallelLoading=y' to disable parallel loading of dlls to debug loader issues
- moved SeparateUserFolders checkbox from global settings to per box options
- resolved SbieDll.dll incompatibility with shadow stack and enabled /CETCOMPAT for SbieDll.dll #2559
- added missing registry hooks to improve compatibility with newer applications
- fixed permission issue with registry entries in privacy mode boxes
- added option to Sandboxie Classic to apply a supporter certificate
- time-limited certificates now have 1 more month of validity to improve the renewal experience
- fixed issue with Hebrew language (Classic UI) #2608
- fixed issue with start menu integration and snapshots #2589
- reworked trace log retrieval for vastly improved performance
- improved list/tree finder
- improved trace logging
- enabled drop admin rights option for compartment boxes
- Note: programs started unsandboxed can not have rights dropped, but UAC prompts and elevation attempts from within the sandbox are blocked
- fixed potential BSOD issue in the driver
- fixed crash in the trace log #2599
- fixed tray issue #2600 (okrc)
- fixed issues with shortcuts #2601 (okrc)
- added user mode system call tracing, now syscalls can be logged in compartment boxes as well as all Win32k syscalls
- reworked trace log model, now it can load more than a million entries in less than one second
- ApiLog support is now hidden from the trace UI when the appropriate DLLs are missing
- fixed issue with Microsoft Edge in a security enhanced box #2571
- opened OpenIpcPath=\{BEC19D6F-D7B2-41A8-860C-8787BB964F2D} on ARM64 systems
- fixed incompatibility with Windows 11 21H2 ARM64 #2431
- added option to disable sandbox clean-up on startup #2553
- added contribution guidelines in the Help menu for both Plus and Classic UIs #2551
- fixed issue with auto-delete sandbox on SandMan startup #2555
- fixed issue with Windows 11 context menu when SandMan was not already running #2284
- fixed issue with the display about cmbDefault #2560 (okrc)
- fixed issue with colour inaccuracy #2570 (okrc)
- fixed issue with Templates.ini loading on first start #2574
- fixed Cyberpunk 2077 not being able to load mods when sandboxed
- fixed performance issue in games
- fixed FFS hooking issue observed in Windows 11 ARM64 Build 22621.819
- improved Network Location Awareness template
- fixed issue with update label when "Version Updates" drop-down menu was set to "Ignore"
- fixed issue with WoW64 thunking on 32-bit Windows 10 systems #2546
- fixed issue with auto delete option not working in sandboxes #2531
- Note: a clean-up is now done after each reboot
- fixed issue with Network Location Awareness under Windows 11 #2530
- fixed issues with recovery window #2458
- fixed crash issue in Vintage UI introduced in 1.6.1a
- added template for Tencent TIM #2516 (thanks TooYoungTooSimp)
- added game/presentation mode #2534
- added option to pick a custom box icon
- fixed support setting page not showing version updates properly
- added "Run Sandboxed" command to the sandbox menu
- DefaultBox can now be replaced with another sandbox #2445
- improved fix for #2495
- added global option to introduce run menu entries to all boxes
- reorganized command prompt entries #2451
- the "live" update channel is now part of the "preview" channel for which version updates can now be disabled
- fixed issue with support setting drop-down menu multiplying #2502 (okrc)
- added translations folder as deprecated, to be removed upon installation #2500 (lufog)
- fixed issue with disk usage of hidden items not counted #2503 (okrc)
- fixed issue with boolean settings which can also be set per process #2495
- fixed issue with disk usage of hidden items not counted #2503
- added ability to import/export boxes into 7z files
- added new update mechanism allowing for incremental updates
- used for nightly test builds in the "live" update channel
- used to update Templates.ini and translations after installation #1105
- restructured the box context menu a bit
- SandMan translations are now compressed and located in translations.7z
- fixed issue with recycle icon not updated in time #2457 (thanks okrc)
- fixed issue with "index out of range" #2470 (thanks okrc)
- fixed issue starting SandMan after install #2284
- fixed encoding issue with my_version.h #2475
- fixed issue with empty group blinking sequence #2486 (thanks okrc)
- boxes set to auto-delete are now marked with a small red recycle symbol
- added Vietnamese language on Plus UI #2438
- fixed issue with box options #2400
- fixed issue with Smart App Control #2341
- fixed issue with snapshots when using privacy boxes #2427
- fixed issue with m_pColorslider change not applied #2433 (thanks okrc)
- fixed issue with switching snapshots when the file panel is open
- fixed issue with file panel when an empty box is selected #2419
- fixed issue with menu icon not being disabled #2406
- fixed compatibility issue with Microsoft Edge #2312
- fixed UsePrivacyMode=y compatibility with Windows 7 #2423
- fixed minor issue during Sandboxie Plus uninstall #2421
- fixed BSOD issue when driver initialization fails (introduced in 1.5.1) #2431
- fixed fake paths being listed even if true paths do not exist #2403
- fixed issue with Firefox 106.x requesting write access to plugin executables #2391 #2411
- utility groups are now cleaned up automatically
- improved removal of leftovers #2409
- fixed issues with SBIE2227 on virtual drives
- fixed issues on native 32-bit Windows introduced with 1.5.0 #2401
- added SBIE2227 warning when a sandbox is located on a volume without 8.3 name support
- added template for Tencent QQ #2367
- fixed issues when renaming a sandbox with a custom path #2368
- properly fixed the Firefox 106 issue 46e9979
- fixed issue with alternative UI modes #2380
- fixed command line corruption with breakout processes #2377
- fixed issues with Privacy Enhanced box types #2342
- fixed issue with boxed object directory initialization #2342
- Sandboxie no longer leaves behind permanent directory objects
- FIXED SECURITY ISSUE ID-21 AlpcConnectPortEx was not filtered by the driver #2396
- fixed issues with program control options #2395
- Added support for Windows on ARM64 #1321 #645
- ported SbieDrv for ARM64
- ported low-level injection mechanism for ARM64/ARM64EC
- ported syscall hooks for ARM64/ARM64EC
- ported SbieDll.dll to ARM64/ARM64EC
- Note: ARM32 on ARM64 is not implemented and will terminate with message SBIE2338
- Note: when Sandboxie is running, it disables the use of CHPE binaries for x86 processes globally - as required for the forced process functionality. This can be disabled by adding the global option "DisableCHPE=n" to the Sandboxie.ini, which will terminate x86 processes started outside the sandbox with message SBIE2338, instead of being forced
- fixed issue with Win32 hooks in x86 applications
- avoid window overlap when editing templates #2339 (thanks okrc)
- fixed incorrect write of OpenWinClass UI setting #2347 (thanks okrc)
- fixed issue with local template #2338 (thanks okrc)
- fixed Edge WebView2 compatibility issue #2350
- added provisional workaround for Firefox 106 content process sandbox issue
- fixed bug with renaming sandboxes #2358 (thanks okrc)
- reworked API compatibility check
- breakout process is now available for all users
- added tooltips to resource access modes #2300
- added UI option to control ApplyElevateCreateProcessFix #2302
- added message 2226 if a process needs 'ApplyElevateCreateProcessFix=y'
- moved Restrictions tab from the new Security page back to the General page
- fixed wrong button captions in the breakout process page
- fixed issue with saving box recovery options
- fixed the display problem of SandMan #2306 (thanks okrc)
- fixed theme not auto-changing #2307
- fixed issue with saving SandMan window state on Windows shutdown
- fixed miscellaneous minor issues #2301
- fixed issue with Microsoft Edge introduced in 106.x #2325
- fixed Vivaldi hooking issue, UseVivaldiWorkaround is no longer needed #1783
- fixed issues with miscellaneous tab on the advanced options page #2315
- added dark title bar support for Windows 11 #2299
- in Sbie 5.28 and later WinInetCache is open, which breaks IE's source view, therefore it can now be disabled with 'CloseWinInetCache=y'
- fixed WarnProcess and WarnFolder not working with certain configurations
- added integrated run from start menu #1836
- added start menu enumeration #1570
- added UI for breakout processes #1904
- added option to customize double-click action per sandbox
- added new miscellaneous tab in the advanced options tab allowing to configure specific processes and other advanced options
- added "SeparateUserFolders=y" and "SandboxieLogon=y" to the sandbox options dialog
- added icons to the section labels on the option pages
- prepared for Qt 6.3.1
- restructured the general settings page
- restructured the sandbox options page, added a new tab and moved some of the advanced options there
- fixed menu bar issue in Plus UI #2280 (thanks okrc)
- added localization to Windows 11 shell menu #2229
- improved recovery window behaviour in Plus UI #2266
- fixed issues with stale data in Sandboxie-Plus.ini #2248 (thanks okrc)
- fixed issue with dummy manifests #2252
- fixed issue with XYplorer #2230
- fixed crash in Plus UI e9e21c2
- fixed m_pCleanUpButton is displayed empty when NoIcons=1 #2273 (thanks okrc)
- Added NoRenameWinClass to the Plus UI
- Added Windows.UI.* to the list of hardcoded well-known classes to resolve issues with WinUI apps #2109
- NoRenameWinClass now supports wildcards
- fixed issue with default box not being detected on start #2195
- fixed move sandbox menu issue #2225 (thanks okrc)
- fixed issues with stale data in Sandboxie-Plus.ini #2234 (thanks okrc)
- fixed autostart issue #2219
- fixed firewall UI issue, all programs entries were missing *, prefix #2247
- fixed BlockPorts template with a missing *, prefix 4420ba4
- fixed issues with various Electron apps #2217 #2235 #2201 #2166
- now the default behaviour is UseElectronWorkaround=n
- removed obsolete VPNTunnel template
- added domain\user notation when the LogFile registry setting is applied as workaround for #2207
- usage: in "HKLM\SYSTEM\CurrentControlSet\Services\SbieSvc" add REG_SZ "LogFile" with "3;[path]\Sandboxie.log"
- added option to block host processes from accessing sandboxed ones #2132
- usage: DenyHostAccess=Program.exe,y
- Note: by default, this protection only applies for write access, that is, unsandboxed processes will still be able to obtain read-only access
- to prevent host processes from obtaining read access, ConfidentialBox=y must also be set, which requires a supporter certificate
- added compatibility template for ReHIPS
- added creation of all default folders in privacy box type #2218
- improved SandMan settings behaviour for non admin users #2123
- fixed issues with group moving via drag and drop
- approved more required syscalls #2190
- fixed issues when deleting box content and the file panel view is open
- fixed issue with config protection #2206
- fixed issue with default box #2195
- fixed issue with keyboard delete shortcut for process termination
- removed obsolete Online Armor template
- added icons to sub tabs in the box options dialog
- recovery and message pop-up menu options are not persisting across UI restarts any more
- added new box colour, a white box indicates that it's not really a sandbox and is displayed when the user specified OpenFilePath=* or alike
- Sandboxie no longer issues message 1301 when forced processes are temporarily disabled
- the message can be re-enabled with "NotifyForceProcessDisabled=y"
- reworked the "Open COM" checkbox mechanism in the plus UI
- Now it uses a template and it can also keep COM closed while OpenIpcPath=* is set
- fixed compatibility issue with Proxifier #2163
- fixed encoding issue with Korean translation #2173
- fixed issues with update available message
- added ability to switch the fusion theme independently from the dark theme
- added ability to download updates from the support page
- added missing system calls to the hardened box type 88bc06a b775264 04b2377 (thanks Mr.X)
- added search box to the Plus UI Settings and box options dialog #2134
- added Korean translation to the Plus UI #2133 (thanks VenusGirl)
- added grouping to SandMan tray menu #2148
- improved info label
- the vintage mode look is even more vintage now
- reloading the configuration with the SandMan command "Options -> Reload ini file" now updates the list of approved syscalls
- made rule specificity more specific, now a rule with less wildcards overrules a rule with more wildcards
- Note: trailing wildcards are evaluated separately
- fixed issue with displaying sandbox configuration #2111
- fixed flashing issue when switching views #2050
- fixed inconsistencies with various checkboxes in the Plus UI ef4ac1b 06c89e3
- fixed a certificate validation issue 238cb44
- fixed issue with "UseRuleSpecificity" setting #2124 file.c#L965-L966
- added hook configuration for ntoskrnl/ntdll
- individual ntdll hooks can be disabled using "DisableWinNtHook=..."
- added new Super Extra Security Enhanced Box Mode; add "UseSecurityMode=y" to enable
- when this setting is enabled, it combines "SysCallLockDown=y" which limits the use of NT system calls with "DropAdminRights=y" and "RestrictDevices=y"
- only calls configured in the global section as "ApproveWinNtSysCall=..."/"ApproveWin32SysCall=..." will be executed with the original token
- all non-approved NT syscalls will be executed with the sandboxed token, this may break compatibility in certain scenarios
- additional syscalls may need to be allowed, this has to be done in the [GlobalSettings] and the driver must be restarted
- Note: boxes created as Security Enhanced with prior builds will be displayed as normal in the UI from now on
- the Security Enhanced icons are now repurposed for the new Super Extra Security Enhanced Box Mode
- Note: the new enhanced security features require a supporter certificate
- added browse option to the "force process" tab
- replaced the "DeviceSecurity" template with a dedicated setting "RestrictDevices=y"
- Note: when needed, more "NormalFilePath=..." entries can be added to open specific devices
- rule specificity is now even more specific, an exact rule now overrules those ending with a wildcard
- fixed issue with context menu setup on Windows 11
- fixed column issue in vintage mode #2103
- fixed missing uninstall routine in SandMan
- added option for alternating row colours in all lists #2073
- SandboxieLogon is now disabled by default as it wasn't compatible with third-party malware tools #2025
- the access view list now adds the trailing "*" to file and key paths the same way the driver does 2039
- setup of shell integration is now done by SandMan, not the installer
- uninstaller can now remove the sandbox folders #1235
- reworked saving of global options
- fixed issue with the Delete Content option #2043
- fixed issue with box preferences #2046
- fixed issue with the Delete V2 registry
- improved a few icons
- fixed a certificate validation issue
- added a delete button to the recovery window #2024
- improved the tree selection display
- fixed issues with the file panel
- fixed issue with some key bindings #2030
- fixed issue with RemoveSidName when terminating SbieSvc
- fixed issue with the new hooking mechanism
- fixed BSOD issue with Win32k hooks introduced in 1.2.0 #2035
- fixed issue with Element 1.11 and Electron workaround #2023
- fixed issues with the new menu code
- reworked frame drawing
- fixed issues with frame drawing
- fixed issues with the tray and box menu introduced in the last build
- removed focus rectangle from the tree list
- refactored menu creation code
- added Swedish translation to the Plus UI (thanks pb1)
- added Vintage View mode to make SandMan UI look like SbieCtrl
- added alternative tray menu mechanics
- added ability to auto-generate sandbox icons based on the border colour
- changed box group icon to a dedicated one
- "browse content" is now available as a side panel in the main window
- animated hourglass icon overlay
- fixed DPI issue on Windows 7
- fixed issue with Software Compatibility tab
- fixed issue with OpenKeyPath introduced in build 1.1.1 #2006
- re-engineered "SandboxieLogon=y"; it's on by default, as every sandbox gets its own SID now
- Note: this enforces strict isolation of sandboxes from each other.
- reworked hook management, unloaded DLLs are properly unhooked now #1243
- the box order is now stored in Sandboxie-Plus.ini
- improved DPI scaling behaviour
- added group-first sorting #1922
- updated Classic UI Swedish translation (thanks pb1)
- restored Plus UI Turkish translation #1419 (thanks fmbxnary)
- fixed issue with recovery window on delete #1948
- fixed double-click issue on path column #1951
- "AllowBoxedJobs=n" is back to the default behaviour as issues were reported #1954
- fixed issue with internet block #1955
- fixed grouping issue in the Plus UI #1950
- fixed issue with CredentialUIBroker.exe on Windows 11 with Win32k hooks #1839
- fixed issue with Delete V2 #1939
- added missing file recovery log to SandMan #425
- the immediate recovery window will now auto-close when all files have been recovered #1498
- the immediate recovery window of SandMan is always on top by default like in SbieCtrl; this can be disabled with "Options/RecoveryOnTop=n" #1465
- added option to toggle immediate recovery from the presets submenu #1653
- added option to disable file recovery and message pop-up globally
- added per box refresh option #1945
- the desktop security workaround used for Chrome, Firefox and Acrobat can now be enabled for all processes using "UseSbieDeskHack=y"
- improved double-click behaviour #1935
- box size info is refreshed on file recovery
- fixed issue with unnecessary Sandboxie config reloads introduced in 1.1.1 #1938
- fixed issue with recovery window focus #1374
- fixed issues with desktop objects introduced in 1.1.1 #1934
- fixed issues with Edge startup boost using a GPO preset #1913
- compatibility templates can now be viewed from the settings window #1891
- the refresh command is now bound to F5 #1885
- added more first start wizard options
- added option to permanently disable immediate recovery for any given box when it opens #1478
- double-click on the path column now opens the box root in explorer #1924
- changed Move Box behaviour #1879
- improved implementation of the PreferExternalManifest option
- Win32k hooks are now by default only used for Edge and Chromium apps as they cause issues with other software #1902 #1912 #1897
- "AllowBoxedJobs=y" is now the default behaviour
- fixed Edge issue with Windows 11 after KB5014019
- fixed issues with the new Delete V2 mechanism when using "SeparateUserFolders=y" #1885
- fixed credential issue #1770
- fixed force process priorities #1883
- fixed issues with the new Delete V2 mechanism
- fixed issue with the Windows 11 menu on older Windows builds 1877
- refresh now works without WatchBoxSize option #1885
- fixed crash issue with WatchBoxSize=true #1885
- fixed issue with recovery folder paths #1840
- fixed issues with Sbie desktop and wndStation affecting Acrobat Reader #1863
- fixed issues with box grouping #1921 #1920
- fixed issues when changing language #1914
- fixed issue with BreakoutFolder #1908
- fixed issue with SbieDll.dll for x86 exception handling
- fixed issues with application-specific hives (RegLoadAppKey) affecting Visual Studio #1576 #1452
- reworked the mechanism Sandboxie uses to mark host files as deleted
- under the new behaviour a data file (FilePaths.dat) is created in the box root instead of dummy files
- it can be enabled with UseFileDeleteV2=y and also for the registry with UseRegDeleteV2=y which creates a reg file (RegPaths.dat)
- reworked the TlsNameBuffer mechanism to be more versatile and less error-prone
- significantly reduced the CPU usage of SandMan.exe
- fixed folder rename issues (this requires UseFileDeleteV2=y) #71
- fixed issue with process access #1603
- fixed translation issue #1864
- fixed UI issue with the box selection window #1867
- fixed UI issue when switching languages #1871
- added auto-update download and silent install option to SandMan.exe #917
- trace monitor mode can save to file now #1851
- trace log now shows IPC object type information
- added support for Windows 11 context menus
- fixed SandMan crash issue #1846
- fixed issue with Windows Server 2022 build 20348
- fixed translation switching issues #1852
- added "FuncSkipHook=FunctionName" option to selectively disable certain function hooks
- improved the support certificate entry box
- changing the language no longer requires a restart on Plus UI
- fixed issue with high CPU load when using SbieCtrl to change settings
- fixed issue with Firefox/Chromium browsers that have been compiled with the MinGW toolchain #538
- fixed issues with folder recovery on Plus UI #1840 #1380
- fixed issue with Firefox video playback introduced in the previous build #1831
- fixed driver-related BSOD #1811
- fixed issue with editing start restriction entries
- fixed issue with the network options tab #1825
- fixed portable mode issue if SandMan is run as admin #1764
- added drag and drop support for groups #1775
- added Del key support to the box view for all entry types #1779
- added warning when trying to run explorer.exe in a box with COM open #1716
- fixed crash issue in the SandMan UI #1772
- fixed issue with some installers when EnableObjectFiltering is enabled #1795
- fixed allowing NtCreateSymbolicLinkObject to be safely used in the sandbox
- added workaround for a Vivaldi hooking issue #1783
- Note: this fix is provisional, it can be disabled with UseVivaldiWorkaround=n
- fixed registry issue with snapshots #1782
- fixed issue with box grouping #1778 #1777 #1776
- fixed further issues with box grouping #1698 #1697
- fixed issues with snapshot UI #1696 #1695
- fixed issue with recovery dialog focus #1374
- added minor browsers to the BlockSoftwareUpdaters template (by APMichael) #1784
- failed memory read attempts to unboxed processes will no longer cause message 2111 by default
- Note: the message can still be enabled in the settings with "NotifyProcessAccessDenied=y"
- reordered the BlockSoftwareUpdaters template (by APMichael) #1785
- fixed pipe impersonation in compartment mode
- fixed issue with box clean-up introduced in a recent build
- fixed missing trace log clean-up command #1773
- fixed inability to unpin programs that have been pinned to the run menu #1694
- added checkbox for easy read access to memory of unsandboxed processes (old Sbie behaviour, not recommended)
- improved OpenProcess/OpenThread logging
- fixed crash issue with the new monitor mode
- fixed issue with resource access entry parsing
- FIXED SECURITY ISSUE ID-20: memory of unsandboxed processes can no longer be read, exceptions are possible
- you can use ReadIpcPath=$:program.exe to allow read access to unsandboxed processes or processes in other boxes
- added "Monitor Mode" to the resource access trace, similar to the old monitor view of SbieCtrl.exe
- EnableObjectFiltering is now set enabled by default, and replaces Sbie's old process/thread handle filter
- the
$:
syntax now accepts a wildcard$:*
no more specialized wildcards though
- fixed NtGetNextProcess being fully disabled instead of properly filtered
- fixed reworked image name resolution when creating new processes in a sandbox
- fixed regression with HideOtherBoxes=y #1743 #1666
- fixed memory corruption introduced in the last build causing Chrome to crash sometimes
- FIXED SECURITY ISSUE ID-18: NtCreateSymbolicLinkObject was not filtered (thanks Diversenok)
- added notification to warn that the default update checker is lagging behind the newest release on GitHub, to ensure that only bug-free builds are offered as updates #1682
- added main browsers to BlockSoftwareUpdaters template (by Dyras) #1630
- added a warning when Sandboxie-Plus.ini is not writeable #1681
- added clean-up for critical sections (by chunyou128) #1686
- improved command line handling for breakout processes #1655
- disabled SBIE2193 notification (by isaak654) #1690
- improved error message 6004 #1719
- fixed dark mode issue with the new tray list
- fixed not showing a warning when Sandboxie-Plus.ini is not writeable #1681
- fixed issue with software compatibility checkbox (thanks MitchCapper) #1678
- fixed issue with events on box closure not always being executed #1658
- fixed memory leaks in key_merge.c
- fixed issue enumerating registry keys in privacy mode
- fixed settings issue introduced in 1.0.13 #1684
- fixed crash issue when parsing firewall port options
- FIXED SECURITY ISSUE ID-19: in certain cases a sandboxed process could obtain a handle on an unsandboxed thread with write privileges #1714
- FIXED SECURITY ISSUE ID-17: Hard link creation was not properly filtered (thanks Diversenok)
- fixed issue with checking the certificate entry.
- added mini dump creation to SandMan.exe in case it crashes
- disabled Chrome and Firefox phishing entries in new sandboxes (by isaak654) #1616
- updated Mozilla paths for the BlockSoftwareUpdaters template (by isaak654) #1623
- renamed "Pause Forced Programs Rules" command to "Pause Forcing Programs" (Plus only)
- reworked tray icon generation now using overlays, added busy overlay
- fixed issue with accessing network drives in privacy mode #1617
- fixed issue with ping in compartment mode #1608
- fixed SandMan UI freezing when a lot of processes are created and closed in a box #1607
- fixed Editing existing 'Run Menu' Command Line entry not being recognized #1648
- fixed blue screen issue in driver (thanks Diversenok)
- fixed incompatibility with Windows 11 Insider Build 22563.1 #1654
- added optional tray notification when box content gets auto-deleted
- added FreeDownloadManager template
- added warning when opening unsandboxed regedit #1606
- added languages files that were missing in official Qt 5.15.2 (by DevSplash) #1605
- the asynchronous box operations introduced in the last build are now disabled by default
- moved sys tray options from general to shell integration tab
- removed "AlwaysUseWin32kHooks", now these Win32 hooks are always enabled
- Note: you can use "UseWin32kHooks=program.exe,n" to disable them for selected programs
- updated Listary template to v6 (by isaak654) #1610
- fixed compatibility issue with SECUROM #1597
- fixed modality issue #1615
- fixed special form of OpenWinClass in Templates.ini d6d9588
- added option to show only boxes in tray with running processes #1186
- additional option shows only pinned boxes, in box options a box can be set to be always shown in tray list (Pinned)
- added Options menu command to reset the GUI #1589
- added "Run Un-Sandboxed" context menu option
- added new trigger "OnBoxDelete" that allows to specify a command that is run UNBOXED just before the box content gets deleted
- Note: this can be used as a replacement to "DeleteCommand" #591
- selected box operations (deletion) no longer show the progress dialog #1061
- if a box with a running operation shows a blinking hour glass icon, the context menu can be used to cancel the operation
- "HideHostProcess=program.exe" can now be used to hide Sandboxie services #1336
- updater blocking is now done using a template called BlockSoftwareUpdaters
- enhanced "StartProgram=..." makes "StartCommand=..." obsolete
- for same functionality as "StartCommand=...", use "StartProgram=%SbieHome%\Start.exe ..."
- merged "Auto Start" General tab with the "Auto Exec" Advanced tab into a universal "Triggers" Advanced tab
- fixed a couple issues with the new breakout process feature and improved security (thanks Diversenok)
- fixed issues with re-opening windows already open #1584
- fixed issue with desktop access #1588
- fixed issue about command line invocation handling #1133
- fixed UI issue with main window state when switching always on top attribute #1169
- fixed issue with box context menu in tray list 1106
- fixed issue with "AutoExec=..."
- fixed issues where cancelling box deletion operations didn't work #1061
- fixed issue with DPI scaling and colour picker dialog #803
- removed "UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y" used for Free Download Manager as it broke other things
- only if you use Free Download Manager together with the setting "RpcMgmtSetComTimeout=n" in a sandbox, you have to add the line manually to your Sandboxie.ini
- SandMan now causes all boxed processes to update their path settings in real time when access options were modified
- added new maintenance menu option "Uninstall All" to quickly remove all components when running in portable mode
- added version number to the title bar of Sandboxie Classic
- added option to return not to a snapshot but to an empty box state while keeping all snapshots
- Sandboxie-Plus.ini can now be placed in C:\ProgramData\Sandboxie-Plus\ folder and takes precedence (for business use)
- added support for AF_UNIX on Windows to resolve issues with OpenJDK17 and later #1009 #1520 #1521
- reworked breakout mechanism to be service based and not allowing the parent process to access the broken out child process
- enabled creation of directory junctions for sandboxed processes #1375
- restored back "AutoRecover=y" on box creation #1554
- improved snapshot support #1220
- renamed "Disable Forced Programs" command to "Pause Forced Programs Rules" (Plus only)
- fixed BreakoutProcess not working with "EnableObjectFiltering=y"
- FIXED SECURITY ISSUE ID-16: when starting COMSRV unboxed, the returned process handle had full access
- fixed issue with progress dialog #1562
- fixed issue with handling directory junctions in Sandboxie #1396
- fixed a handle leak in File_NtCloseImpl
- fixed border issues on maximized windows introduced in the last build #1561
- fixed a couple of index overruns (thanks 7eRoM) #1571
- fixed issues with sysnative directory #1403
- fixed issue with starting SandMan when running sandboxed from context menu #1579
- fixed dark mode flash issue with main window creation #1231
- fixed issues with snapshot error handling #350
- fixed issues with the always on top option (Plus only)
- added Portuguese of Portugal on Plus UI (by JNylson, isaak654, mpheath) #1497
- added "BreakoutProcess=program.exe", with this option selected applications can be started unboxed from within a box #1500
- the program image must be located outside the sandbox for this to work
- if another sandbox has "ForceProcess=program.exe" configured, it will capture the process
- use case: set up a box with a Web browser forced, when another box opens a website, this will happen in the dedicated browser box
- Note: "BreakoutFolder=some\path" is also available
- added silent uninstall switch
/remove /S
for Classic installer (by sredna) #1532
- The filename "sandman_pt" was changed to "sandman_pt_BR" (Brazilian Portuguese) #1497
- The filename "sandman_ua" was changed to "sandman_uk" (Ukrainian) #1527
- Note: translators are encouraged to follow the Localization notes and tips before creating a new pull request
- updated Firefox update blocker (discovered by isaak654) #1545
- fixed issue with opening all file access OpenFilePath=* #971
- fixed issue with opening network shares #1529
- fixed possible upgrade issue with Classic installer (by isaak654) 130c43a
- fixed minor issues with Classic installer (by sredna) #1533
- fixed issue with Ldr_FixImagePath_2 #1507
- when using "Run Sandboxed" with SandMan UI and the UI is off, it will stay off.
- fixed issue with Util_GetProcessPidByName that should resolve the driver sometimes failing to start at boot #1451
- SandMan will now run in background like SbieCtrl when starting a boxed process post506
- fixed taskbar not showing with persistent box border in full screen post474
- fixed box border not spanning across multiple monitors #1512
- fixed issues with border when using DPI scaling #1506
- fixed DPI issues with Qt #1368
- fixed issue with bright flashing on window creation when in dark mode #1231
- fixed issues with the PortableRootDir setting #1509
- fixed issue with the settings window crashing when the driver was not connected
- fixed DPI issues with Finder Tool #912
- fixed another issue with reused process IDs #1547
- fixed issue introduced in 1.0.6 related to SeAccessCheckByType #1548
- added experimental option "CreateToken=y" to create a new token instead of repurposing an existing one
- added option "DisableRTBlacklist=y" allowing to disable the hardcoded runtime class blacklist
- added new template "DeviceSecurity" to lock down access to device drivers on the system
- Note: this template requires RuleSpecificity being available to work properly
- added option to set a custom ini editor in the Plus UI #1475
- added option "LingerLeniency=n" to solve issue #997
- reworked syscall invocation code in the driver
- Win32k hooking is now compatible with HVCI #1483
- fixed memory leak in driver (conf_user.c)
- fixed issue with file renaming in open paths introduced in 1.0.6
- fixed issue causing Chromium browsers not closing properly #1496
- fixed issue with start.exe #1517 #1516
- fixed SandMan issue with reused process IDs
- fixed KmdUtil sometimes not properly terminating the driver #1493
- removed OpenToken as it is only a shorthand for UnrestrictedToken=y and UnfilteredToken=y set together
- replaced "Open with" with a Sandboxie dialog to work on Windows 10 #1138
- added ability to run Win32 store apps in app compartment mode (requires COM to be open in Windows 11)
- Note: this does not mean UWP store apps, just regular Win32 apps packaged to be deployed via the store
- added new debug options "UnstrippedToken=y" and "KeepUserGroup=y"
- added double-click to recover files and folders in recovery window #1466
- added Ukrainian language on Plus UI (by SuperMaxusa) #1488
- "UseSbieWndStation=y" is now the default behaviour #1442
- disabled Win32k hooking when HVCI is enabled due to an incompatibility (BSOD) #1483
- fixed box initialization issue in Privacy mode #1469
- fixed issue with shortcuts creation introduced in a recent build #1471
- fixed various issues in Privacy Enhanced boxes and rule specificity
- fixed issue with SeAccessCheckByType and alike
- fixed issues with Win32k hooking on 32-bit Windows #1479
- removed obsolete SkyNet rootkit detection from 32-bit build
- sandbox top level exception handler to create crash dumps
- it can be enabled per process or globally using "EnableMiniDump=process.exe,y" or "EnableMiniDump=y" respectively
- the dump flags can be set as hex with "MiniDumpFlags=0xAABBCCDD"
- a preselected flag set for a verbose dump can be set with "MiniDumpFlags=Extended"
- Note: dump files created with the EnableMiniDump option are located at:
C:\Sandbox\%USER%\%SANDBOX%
- added template support for Osiris and Slimjet browsers (by Dyras) #1454
- improved SbieDll initialization
- doubled size of Name_Buffer_Depth #1342
- improved text filter in the templates view #1456
- fixed issue with forced process display #1447
- fixed crash issue with GetClassName #1448
- fixed minor UI issue #1382
- fixed UI language preset issue #1348
- fixed grouping issues in SandMan UI #1358
- fixed issue with EnableWin32kHooks #1458
- fixed regression when launching Office apps #1468
- mechanism to hook Win32 system calls now also works for 32-bit applications running under WoW64
- added customization to Win32k hooking mechanism, as by default only GdiDdDDI* hooks are installed
- You can force the installation of other hooks by specifying them with "EnableWin32Hook=..."
- or disable the installation of the default hooks with "DisableWin32Hook=..."
- Please note that some Win32k hooks may cause BSODs or undefined behaviour. (!)
- The most obviously problematic Win32k hooks are blacklisted, this can be bypassed with "IgnoreWin32HookBlacklist=y"
- added debug option "AdjustBoxedSystem=n" to disable the adjustment of service ACLs running with a system token
- added "NoUACProxy=y" option together with the accompanying template, in order to disable UAC proxy
- Note: boxes configured in compartment mode activate this template by default
- added UI option to change default RpcMgmtSetComTimeout preset
- added Plus installer option to start the default browser under Sandboxie through a desktop shortcut
- added more entries to the Plus installer (current translations on Languages.iss file need to be updated)
- "EnableWin32kHooks=y" is now enabled by default, as no issues were reported in 1.0.3
- Note: currently only the GdiDdDDI* hooks are applied, required for Chromium HW acceleration
- cleaned up low-level hooking code
- "RunRpcssAsSystem=y" is now auto applied for boxes in app compartment mode when "RunServicesAsSystem=y" or "MsiInstallerExemptions=y" are present
- fixed RPC handling in case a requested open service is not running #1443
- fixed a hooking issue with NdrClientCall2 in 32-bit applications
- fixed issue with start directory to run sandboxed when using SandMan #1436
- fixed issue with recovering from network share locations #1435
- added mechanism to hook Win32k system calls on Windows 10 and later, this should resolve the issue with Chromium HW acceleration
- Note: this mechanism does not, yet, work for 32-bit applications running under WoW64
- to enable it, add "EnableWin32kHooks=y" to the global ini section, this feature is highly experimental (!)
- the hooks will be automatically applied to Chromium GPU processes
- to force Win32k hooks for all processes in a selected box, add "AlwaysUseWin32kHooks=program.exe,y" #1261 #1395
- fixed bug in GetVersionExW making "OverrideOsBuild=..." not working #605 #1426
- fixed issue with some UTF-8 characters when used in the ini file
- fixed isolation issue with Virtual Network Editor #1102
- fixed recovery window not refreshing count on reload #1402
- fixed printing issue introduced in 1.0.0 #1397
- fixed issues with CreateProcess function #1408
- added checkboxes to most major box options lists
- added SumatraPDF templates (by Dyras) #1391
- rolled back change to "OpenClsid=..." handling
- made all major lists in the box options editable
- fixed issue with read only paths introduced in 1.0.0
- fixed BSOD issue introduced in the 1.0.0 build #1389
- fixed multiple BITS notifications while running sandboxed Chromium browsers (by isaak654) ca320ec #1081
- fixed executables selection for "Run Menu" entries (by isaak654) #1379
- fixed SetCursorPos and ClipCursor ignoring DPI awareness (by alvinhochun) #1394
-
added Privacy enhanced mode, sandboxes with "UsePrivacyMode=y" will not allow read access to locations containing user data
- all locations except generic Windows system paths will need to be opened explicitly for read and/or write access
- using "NormalFilePath=...", "NormalKeyPath=...", "NormalIpcPath=..." allows to open locations to be readable and sandboxed
-
added new app compartment mode of operation, it is enabled by adding "NoSecurityIsolation=y" to the box config
- in this mode, security is traded in for compatibility, it should not be used for untrusted applications
- Note: in this mode, file and registry filtering are still in place, hence processes run without administrative privileges
- it is reasonably safe, all filtering can be disabled with "NoSecurityFiltering=y"
-
added experimental use of ObRegisterCallbacks to filter object creation and duplication
- this filtering is independent from the regular SbieDrv's syscall-based filtering, hence it also applies to app compartments
- with it enabled, an application running in a compartment will not be able to manipulate processes running outside the sandbox
- Note: this feature improves the security of non-isolated app compartment boxes
- to enable this feature, set "EnableObjectFiltering=y" in the global section and reload the driver
- when globally activated, the filtering can be disabled for individual boxes with "DisableObjectFilter=y"
-
added "DontOpenForBoxed=n", this option disables the discrimination of boxed processes for open file and open key directives
- this behaviour does not really improve security anyway, but may be annoying, also app compartments always disable this
-
added setting to entirely open access to the COM infrastructure
- reworked the resource access path matching mechanism to optionally apply more specific rules over less specific ones
- for example "OpenFilePath=C:\User\Me\AppData\Firefox takes precedence over "WriteFilePath=C:\User\Me"
- to enable this new behaviour, add "UseRuleSpecificity=y" to your Sandboxie.ini, this behaviour is always enabled in Privacy enhanced mode
- added "NormalFilePath=..." to restore default Sandboxie behaviour on a given path
- added "OpenConfPath=...", which similarly to "OpenPipePath=..." is a "OpenKeyPath=..." variant which applies to executables located in the sandbox
- removed option to copy a box during creation, instead the box context menu offers a duplication option
- reworked the box creation dialog to offer new box types
- fixed SBIE1401 notification during Sandboxie Plus uninstall (by mpheath) 68fa37d
- fixed memory leak in driver handling FLT_FILE_NAME_INFORMATION (by Therzok) #1371
- added checkbox if the user wants SandMan.exe to be started after installation #1318
- added template for Windows 10 virtual desktop manager #1326
- "OpenClsid=..." is no longer restricted to CLSCTX_LOCAL_SERVER execution contexts only
- this allows to run objects with the CLSCTX_INPROC_SERVER flag in the COM helper service
- in the trace view, now multiple types can be selected at once
- a few Plus UI entries were made translatable (by gexgd0419) #1320
- changed default "terminate all boxed processes" key to Shift+Pause (by isaak654) #1337
- fixed ini writing issue with SbieCtrl and the new ini handling mechanism #1331
- fixed issue with trace log filtering
- fixed space issue about German language on Plus installer (by mpheath) #1333
- restored Waterfox phishing template entries with a proper fix (by APMichael) #1334
- added explicit lines on Plus installer to delete empty shell registry keys at uninstall time (by mpheath) 3f661a8
- fixed template sections not showing in editor #1287
- fixed autodelete box content broken in the previous build #1296 #1324
- fixed crash in "Browse Content" window #1313
- fixed issue with icon resolution #1310
- fixed invalid "No Inet" status in the status column #1312
- fixed Windows Explorer search box not working (by isaak654) #1002
- fixed Waterfox phishing template (by Dyras) #1309
- fixed issue with Chinese translation files on Plus installer (by mpheath) #1317
- fixed autorun registry key path on Plus installer (by mpheath) abd2d44
- fixed memory corruption in SbieSvc.exe
- added ability to save trace log to file on Plus UI
- added French language on Plus UI (by clexanis) #1155
- network traffic trace is now properly logged to the driver log instead of to the kernel debug log
- Plus installer will autostart SandMan.exe after install to fix a taskbar icon issue #3040211
- Classic installer will show the license agreement when updating #1187
- fixed template sections not showing in editor #1287
- fixed issue with app ID resulting in some apps showing two button groups in the taskbar #1101
- fixed issue with maximum ini value length on Plus UI #1293
- fixed issue handling an empty Sandboxie.ini that got introduced recently #1292
- fixed issue with "SpecialImages" template (by Coverlin) #1288 #1289
- fixed issue with box emptying #1296
- fixed issues with some languages #1304
- fixed issue with mounted directories #1302
- added missing translation for Qt libraries #1305
- fixed issue with Windows compatibility assistant #1265
- fixed issue with specific process image settings #1307
- added debug switch to disable Sbie console redirection "NoSandboxieConsole=y"
- Note: this was previously part of "NoSandboxieDesktop=y"
- added Sbie+ version to the log #1277
- added uninstall clean-up of extra files for the Plus installer (by mpheath) #1235
- added set language for Sandman for the Plus installer (by mpheath) #1241
- added EventLog messages with SbieMsg.dll for the Plus installer (by mpheath)
- group expansion state is now saved
- added additional filters to the trace tab
- added a new section [DefaultTemplates] in Templates.ini which contains mandatory templates that are always applied 0c9ecb0
- reworked and extended RPC logging
- reintroduced the "UseRpcMgmtSetComTimeout=some.dll,n" setting to be used when no "RpcPortBinding" entry is specified
- this allows to enable/disable out of box RPC binding independently from the timeout setting
- the "BoxNameTitle" value can now be set explicitly on a per image name basis #1190
- fixed inability to delete read-only files from the sandboxed explorer #1237
- fixed wrong recovery target in Plus UI #1274
- fixed SBIE2101 issue introduced with 0.9.7a #1279
- fixed sorting in the box picker window #1269
- fixed tray refresh issue #1250
- fixed tray activity display #1221
- fixed recovery window not displaying in taskbar #1195
- fixed dark theme preset not updating in real time #1270
- fixed Microsoft Edge complaining about "FakeAdminRights=y" #1271
- fixed issue with using local template in the global section #1212
- fixed issue with git.exe from MinGW freezing #1238
- fixed issue with search highlighting in dark mode
- removed the ability to sort the trace log as it took too much CPU
- reworked the settings handling once again, now the driver maintains the order when enumerating, but for good performance there is a Hash Map held in parallel for quick exact lookups
- fixed yet another ini issue with the SbieCtrl
- fixed yet another handling bug with SbieApi_EnumBoxesEx
- fixed issue about loading a non-Unicode Sandboxie.ini that was introduced in the previous build
- added forced process indicator to process status column #1174
- added "SbieTrace=y" option to trace the interaction between Sandboxie processes and Sandboxie core components
- when initializing an empty sandbox, MSI debug keys are set to generate the debug output of MSI installer service
- added "DisableComProxy=y" allowing to disable COM proxying through the service
- added "ProcessLimit=..." which allows limiting the maximum number of processes in a sandbox #1230
- added missing IPC logging
- reworked SbieSvc ini server to allow settings caching and greatly improve performance
- Now comments in the Sandboxie.ini are being preserved as well as the order of all entries
- enabled configuration section list replacement with a hash map to improve configuration performance
- improved progress and status messages for the Plus installer (by mpheath) #1168
- reworked RpcSs start mechanics, sandboxed RpcSs and DcomLaunch can now be run as system, use "RunRpcssAsSystem=y"
- Note: this is generally not recommended for security reasons but may be needed for compatibility in some scenarios
- reworked WTSQueryUserToken handling to work properly in all scenarios
- reworked configuration value list to use a hash table for better performance
- fixed Plus upgrade install in Windows 7 (by mpheath) #1194
- fixed custom autoexec commands being executed on each box start instead of only during the initialization
- fixed a design issue limiting the maximum amount of processes per sandbox to 511
- fixed handle leaks in the lingering process monitor mechanism
- fixed issue with opening device paths like "\??\FltMgr"
- fixed build issue with an explicit FileDigestAlgorithm option for driver sign (by isaak654) #1210
- fixed issue with resource access log sometimes getting corrupted
- fixed issue with Microsoft Office Click-to-Run #428 #882
- removed support for Microsoft EMET (Enhanced Mitigation Experience Toolkit), as it was EOL in 2018
- removed support for Messenger Plus! Live, as MSN Messenger is EOL since 2013
- disabled Turkish language on Plus UI for inactivity (by isaak654) #1215
- added ability to rename groups #1152
- added ability to define a custom order for the sandboxes, they can be moved by using the move context menu, or holding Alt + Arrow Key
- added recovery to list to the recovery window: #988
- added finder to the recovery window
- updated the BlockPort rule inside Template_BlockPorts to the new NetworkAccess format (by isaak654) #1162
- default for immediate recovery behaviour is now to show the recovery window instead of using the notifications window #988
- the new run dialog now requires a double-click #1171
- reworked the recovery window
- fixed issue with create group menu #1151
- fixed issue that caused a box to lose its group association when renaming
- fixed issue with Thunderbird 91+ #1156
- fixed an issue with file disposition handling #1161
- fixed issue with Windows 11 22449.1000 #1164
- fixed SRWare Iron template (by Dyras) #1146
- fixed label positioning in Classic UI (by isaak654) #1088
- fixed an old issue that occurred when only an asterisk was set as path #971
- added option to run a sandbox in session 0
- Note: the processes then have a system token, hence it's recommended to enable "DropAdminRights=y"
- if the UI is run with admin privileges, it can terminate sandboxed processes in other sessions now
- added "StartSystemBox=" option to auto-run a box on Sbie start/system boot in session 0
- Note: box start is done by issuing Start.exe /box:[name] auto_run
- add Start.exe auto_run command to start all sandboxed auto-start locations
- add Start.exe /keep_alive command line switch which keeps a process running in the box until it gracefully terminates
- added "StartCommand=" which starts a complex command through Start.exe on box startup
- added menu option to start regedit and load the box's registry key
- added system tray option in the Plus UI to show Classic icon #963
- changed command prompt icon and string from "Terminal" to "Command Prompt" #1135
- reworked box menu layout
- fixed driver compatibility with Windows Server 2022 (build 20348) #1143
- fixed issue with creating shortcuts #1134
- added clear commands to log submenus #391
- added option to disable process termination prompt #514
- added "Options/InstantRecovery" setting to Sandboxie-Plus.ini to use the recovery window instead of the notification pop-up #988
- added ability to rename a non-empty sandbox #1100
- added ability to remove a non-empty sandbox
- added file browser window to SandMan UI to cover the file-view functionality of SbieCtrl #578
- generic errors in Sbie UI now show the status code as hex and provide a string description when available
- fixed "del" shortcut to terminate a process not always working
- fixed group display issue #1094
- fixed issue when using "Run Sandboxed" on a file that is already located in a sandbox #1099
Read the developer's notes about the new WFP functionality.
- ability to use the "run unsandboxed" option with Sandboxie links #614
- fixed "run outside sandbox" issue on Classic build #614
- fixed open template does not load the edit tab #1054
- fixed issue with "explore sandboxed" #972
- fixed start directory for sandboxed processes #1071
- fixed issue with language auto-detection #1018
- fixed issue with multiple files with the same name, by always showing the extension #1041
- fixed multiple program grouping issues with the SandMan UI #1054
- fixed "no disk" error #966
- fixed issue with 32-bit build using qMake, the -O2 option resulted in a crash in the QSbieAPI.dll #995
- fixed issue with UserSettings introduced in a recent build #1054
- added ability to reconfigure the driver, which allows enabling/disabling WFP and other features without a reload/reboot
- reorganised and improved the settings window
- improved the tray icon, the sand colour is more yellow now
- fixed issue with process start handling introduced in 5.51.0 #1063
- fixed issue with quick recovery introduced in 5.51.0
- fixed incompatibility with CET Hardware-enforced Stack Protection on Intel 11th gen and AMD Ryzen 5XXX CPUs #1067 #1012
- commented out all Windows XP-specific support code from the driver
- added tray icon indicating broken connection to the driver if it happens
- added option to customize the tray icon
- added "DllSkipHook=some.dll" option to disable installation of hooks into selected DLLs
- added localization support for Plus installer (by yfdyh000 and mpheath) #923
- reworked NtClose handling for better performance and extendibility
- improved tray box menu and list
- fixed issue with fake admin and some NSIS installers #1052
- fixed more issued with FileDispositionInformation behaviour, which resulted in bogus file deletion handling
- fixed issue with checking WFP status
- fixed issue WFP failing to initialize at boot
- fixed issue with tray sandbox options not being available just after boot
- fixed issue access changed flag not being properly set in box options #1065
- added support for Windows Filtering Platform (WFP) to be used instead of the device-based network blocking scheme
- to enable this support, add 'NetworkEnableWFP=y' to the global section and reboot or reload the driver
- to use WFP for a specific sandbox, add 'AllowNetworkAccess=n'
- you can allow certain processes by using 'AllowNetworkAccess=program.exe,y'
- you can also enable this policy globally by adding 'AllowNetworkAccess=n' to the global section
- in this case you can exempt entire sandboxes by adding 'AllowNetworkAccess=y' to specific boxes
- you can block certain processes by using 'AllowNetworkAccess=program.exe,n'
- Note: WFP is less absolute than the old approach, using WFP will filter only TCP/UDP communication
- restricted boxed processes will still be able to resolve domain names using the system service
- however, they will not be able to send or receive data packets directly
- the advantages of WFP is that filter rules can be implemented by restricting communication only to specified addresses or selected ports using "NetworkAccess=..."
- added fully functional rule-based packet filter in user mode for the case when "NetworkEnableWFP=y" is not set
- the mechanism replaces the old "BlockPort=..." functionality
- Note: this filter applies only to outgoing connections/traffic, for incoming traffic either the WFP mode or a third-party firewall is needed
- like the old user mode based mechanism, malicious applications can bypass it by unhooking certain functions
- hence it's recommended to use the kernel mode WFP-based mechanism when reliable isolation is required
- added new trace option "NetFwTrace=*" to trace the actions of the firewall components
- please note that the driver only trace logs the kernel debug output, use DbgView.exe to log
- API_QUERY_PROCESS_INFO can now be used to get the impersonation token of a sandboxed thread
- Note: this capability is used by TaskExplorer to allow inspecting sandbox-internal tokens
- Note: a process must have administrative privileges to be able to use this API
- added a UI option to switch "MsiInstallerExemptions=y" on and off
- just in case a future Windows build breaks something in the systemless mode
- added sample code for ObRegisterCallbacks to the driver
- added new debug options "DisableFileFilter=y" and "DisableKeyFilter=y" that allow to disable file and registry filtering
- Note: these options are for testing only and disable core parts of the sandbox isolation
- added a few command line options to SandMan.exe
- greatly improved the performance of the trace log, but it's no longer possible to log to both SandMan and SbieCtrl at the same time
- reworked process creation code to use PsSetCreateProcessNotifyRoutineEx and improved process termination
- added missing hook for ConnectEx function
Fixed issue with registering session leader
Fixed issue with Windows 7
- updated a few icons
- updated GitHub build action to use Qt 5.15.2
- improved the "full" tray icon to be more distinguishable from the "empty" one
- changed code integrity verification policies #1003
- code signature is no longer required to change config, to protect presets use the existing "EditAdminOnly=y"
- fixed issue with systemless MSI mode introduced in the last build
- fixed MSI installer not being able to create the action server mechanism on Windows 11
- fixed MSI installer not working in systemless mode on Windows 11
- fixed Inno Setup script not being able to remove shell integration keys during Sandboxie Plus uninstall (by mpheath) #1037
- MSIServer no longer requires being run as system; this completes the move to not use system tokens in a sandbox by default
- the security-enhanced option "MsiInstallerExemptions=n" is now the default behaviour
- fixed issue with the "explore sandboxed" command #972
- rolled back the switch from using NtQueryKey to NtQueryObject as it seems to break some older Windows 10 versions like 1803 #984
- this change was introduced to fix #951
- to use NtQueryObject the option "UseObjectNameForKeys=y" can be added to Sandboxie.ini
- fixed issue with boxes that had auto-delete activated introduced in the previous build #986
- added option to always auto-pick the DefaultBox #959
- when this option is enabled, the normal behaviour with a box selection dialog can be brought up by holding down CTRL
- added option to hide a sandbox from the "run in box" dialog
- useful to avoid listing insecure compatibility test boxes for example
- added box options to system tray #439 #272
- changed default "terminate all boxed processes" key from Ctrl+Pause to Ctrl+Alt+Pause #974
- Start.exe no longer links in unused MFC code, which reduced its file size from over 2.5 MB to below 250 KB
- updated the main SandMan and tray icon #963
- improved the box tree-style view
- added additional delay and retries to KmdUtil.exe to mitigate issues when unloading the driver #968
- fixed issue with SbieCtrl not being properly started after setup #969
- fixed issue with "explore sandboxed" shell option #972
- fixed issue when running SandMan elevated #932
- fixed new box selection dialog showing disabled boxes
- fixed issue updating box active status
- removed Online Armor support as this product is deprecated since 2016
- added LibreWolf template (by Dyras) #929
- fixed performance bug introduced in 0.8.5
- added global hotkey to terminate all sandboxed processes (default: Ctrl+Pause)
- the "Run Sandboxed" dialog can now be handled by the SandMan UI
- added "AllowBoxedJobs=y" allowing boxed processes to use nested jobs on Windows 8 and later
- Note: this allows Chrome and other programs to use the job system for additional isolation
- added Librewolf.exe to the list of Firefox derivatives #927
- added run regedit sandboxed menu command
- added new support settings tab to SandMan UI for updates and news
- added code integrity verification to Sbie service and UI
- added template for Vivaldi Notes (by isaak654) #948
- replaced the Process List used by the driver with a much faster Hash Map implementation
- Note: this change provides an almost static system call speed of 1.2µs regardless of the running process count
- The old list, with 100 programs running required 4.5µs; with 200: 12µs; and with 300: 18µs per syscall
- Note: some of the slowdown was also affecting non-sandboxed applications due to how the driver handles certain callbacks
- replaced the per-process Thread List used by the driver with a much faster Hash Map implementation
- replaced configuration section list with a hash map to improve configuration performance, and increased line limit to 100000
- not yet enabled in production build
- the presence of the default box is only checked on connect
- the portable directory dialog now shows the directory #924
- when terminated, boxed processes now try terminating the job object first
- the driver now can terminate problematic processes by default without the help of the service
- the box delete routine now retries up to 10 times, see #954
- replaced the Process List used by the service with a much faster Hash Map implementation
- replaced the per-process Thread List used by the service with a much faster Hash Map implementation
- fixed faulty initialization in SetServiceStatus (by flamencist) #921
- fixed buttons position in Classic UI settings (by isaak654) #914
- fixed missing password length check in the SandMan UI #925
- fixed issues opening job objects by name
- fixed missing permission check when reopening job object handles (thanks Diversenok)
- fixed issue with some Chromium 90+ hooks affecting the display of PDFs in derived browsers #930 #817
- fixed issues with reconnecting broken LPC ports used for communication with SbieSvc
- fixed minor setting issue #957
- fixed minor UI issue with resource access COM settings #958
- fixed an issue with NtQueryKey using NtQueryObject instead #951
- fixed crash in key.c when failing to resolve key paths
- added workaround for topmost modality issue #873
- the notification window is not only topmost for 5 seconds
- fixed an issue deleting directories introduced in 5.49.5
- fixed an issue when creating box copies
- removed switch for "BlockPassword=n" as it does not seem to be working #938
- it's recommended to use "OpenSamEndpoint=y" to allow password changes in Windows 10
- split anti-phishing rules per browser (by isaak654) #910
- properly fixed an issue with Driver Verifier and user handles #906
- fixed an issue with CreateWindow function introduced with 0.8.0
- fixed issue with outdated BoxDisplayOrder entries being retained #900
- fixed an issue with Driver Verifier and user handles
- fixed driver memory leak of FLT_FILE_NAME_INFORMATION objects
- fixed broken clipboard introduced in 5.50.0 #899
- fixed DcomLaunch issue on Windows 7 32-bit introduced in 5.50.0 #898
- Normally Sandboxie applies "Close...=!,..." directives to non-excluded images if they are located in a sandbox
- added 'AlwaysCloseForBoxed=n' to disable this behaviour as it may not be always desired, and it doesn't provide extra security
- added process image information to SandMan UI
- localized template categories in the Plus UI #727
- added "DisableResourceMonitor=y" to disable resource access monitor for selected boxes #886
- added option to show trace entries only for the selected sandbox #886
- added "UseVolumeSerialNumbers=y" that allows drive letters to be suffixed with the volume SN in the \drive\ sandbox location
- it helps to avoid files mixed together on multiple pendrives using the same letter
- Note: this option is not compatible with the recovery function of the Classic UI, only SandMan UI is fully compatible
- added "ForceRestart=PicoTorrent.exe" to the PicoTorrent template in order to fix a compatibility issue #720
- added localization support for RPC templates (by isaak654) #736
- portable clean-up message now has yes/no/cancel options #874
- consolidated Proc_CreateProcessInternalW and Proc_CreateProcessInternalW_RS5 to remove duplicate code
- the ElevateCreateProcess fix, as sometimes applied by the Program Compatibility Assistant, will no longer be emulated by default #858
- use 'ApplyElevateCreateProcessFix=y' or 'ApplyElevateCreateProcessFix=program.exe,y' to enable it
- trace log gets disabled only when it has no entries and the logging is stopped
- fixed APC issue with the new global hook emulation mechanism and WoW64 processes #780 #779
- fixed IPv6 issues with BlockPort options
- fixed an issue with CheatEngine when "OpenWinClass=*" was specified #786
- fixed memory corruption in SbieDrv #838
- fixed crash issue with process elevation on CreateProcess calls #858
- fixed process elevation when running in the built-in administrator account #3
- fixed template preview resetting unsaved entries in box options window #621
- clipboard access for a sandbox can now be disabled with "OpenClipboard=n" #794
- now the OpenBluetooth template is enabled by default for compatibility with Unity games #799
- "PreferExternalManifest=program.exe,y" can now be set on a per-process basis
- fixed compiler issues with the most recent VS2019 update
- fixed issue with Vivaldi browser #821
- fixed some issues with box options in the Plus UI #879
- fixed some issues with hardware acceleration in Chromium based browsers #795
- the "Stop All" command now issues "KmdUtil scandll" first to solve issues when the SbieDll.dll is in use
- workaround for Electron apps, by forcing an additional command line argument on the GPU renderer process #547 #310 #215
- fixed issue with Software Compatibility tab that doesn't always show template names correctly #774
- added option to disable file migration prompt in the Plus UI with PromptForFileMigration=n #643
- added UI options for various security isolation features
- added missing functionality to set template values in the Plus UI
- added templates for Popcorn-Time, Clementine Music Player, Strawberry Music Player, 32-bit MPC-HC (by Dyras) #726 #737
- align default settings of AutoRecover and Favourites to the Plus version (thanks isaak654) #747
- list of email clients and browsers is now centralized in Dll_GetImageType
- localstore.rdf reference in Templates.ini was replaced with xulstore.json (by isaak654) #751
- fixed minor issue with logging internet blocks
- fixed issue with file recovery when located on a network share #711
- fixed UI issue with CallTrace #769
- fixed sandbox shortcuts receiving double extension upon creation #770
- fixed misplaced labels in the Classic UI (thanks isaak654) #759
- fixed separator line in SbieCtrl (thanks isaak654) #761
- fixed broken paths in The Bat! template (by isaak654) #756
- fixed issue about media players that attempt to write unneeded media files inside the box (by Dyras) #743 #536
- added "UseSbieWndStation=y" to emulate CreateDesktop for selected processes, not only Firefox and Chrome #635
- added option to drop the console host process integrity, now you can use "DropConHostIntegrity=y" #678
- added option to easily add local templates
- added new torrent clients and media players templates (by Dyras) #719
- reworked window hooking mechanism to improve performance #697 #519 #662 #69 #109 #193
- resolves issues with file save dialogs taking 30+ seconds to open
- this fix greatly improves the Win32 GUI performance of sandboxed processes
- reworked RPC resolver to be ini-configurable
- the following options are now deprecated:
- "UseRpcMgmtSetComTimeout=some.dll,n", so use "RpcPortBinding=some.dll,*,TimeOut=y"
- "OpenUPnP=y", "OpenBluetooth=y", "OpenSmartCard=n", so use the new RPC templates instead
- See Templates.ini for usage examples
- the following options are now deprecated:
- fixed process-specific hooks being applied to all processes in a given sandbox
- fixed issue with messages and templates sometimes not being properly displayed in the SandMan UI
- fixed issue with compatibility settings not being applied properly
- fixed auto delete issue that got introduced with 0.7.1 #637
- fixed issue with NtSetInformationFile, FileDispositionInformation resulting in Opera installer failing
- fixed issue with MacType introduced in the 0.7.2 build #676
- fixed global sandboxed windows hooks not working when window rename option is disabled
- fixed issue with saving local templates
- fixed issue when using runas to start a process that was created outside of the Sandboxie supervision #688
- since the runas facility is not accessible by default, this did not constitute a security issue
- to enable runas functionality, add "OpenIpcPath=\RPC Control\SECLOGON" to your Sandboxie.ini
- please take note that doing so may open other yet unknown issues
- fixed a driver compatibility issue with Windows 10 32-bit Insider Preview Build 21337
- fixed issues with driver signature for Windows 7
- added option to alter reported Windows version "OverrideOsBuild=7601" for Windows 7 SP1 #605
- the trace log can now be structured like a tree with processes as root items and threads as branches
- SandboxieCrypto now always migrates the CatRoot2 files in order to prevent locking of real files
- greatly improved trace log performance
- MSI Server can now run with the "FakeAdminRights=y" and "DropAdminRights=y" options #600
- special service allowance for the MSI Server can be disabled with "MsiInstallerExemptions=n"
- changed SCM access check behaviour; non elevated users can now start services with a user token
- elevation is now only required to start services with a system token
- reworked the trace log mechanism to be more verbose
- reworked RPC mechanism to be more flexible
- fixed issues with some installers introduced in 5.48.0 #595
- fixed "add user to sandbox" in the Plus UI #597
- FIXED SECURITY ISSUE ID-15: the HostInjectDll mechanism allowed for local privilege escalation (thanks hg421)
- Classic UI no longer allows to create a sandbox with an invalid or reserved device name #649
- enhanced RpcMgmtSetComTimeout handling with "UseRpcMgmtSetComTimeout=some.dll,n"
- this option allows to specify if RpcMgmtSetComTimeout should be used or not for each individual dll
- this setting takes precedence over hard-coded and per-process presets
- "UseRpcMgmtSetComTimeout=some.dll" and "UseRpcMgmtSetComTimeout=some.dll,y" are equivalent
- added "FakeAdminRights=y" option that makes processes think they have admin permissions in a given box
- this option is recommended to be used in combination with "DropAdminRights=y" to improve security
- with "FakeAdminRights=y" and "DropAdminRights=y" installers should still work
- added RPC support for SSDP API (the Simple Service Discovery Protocol), you can enable it with "OpenUPnP=y"
- SbieCrypto no longer triggers message 1313
- changed enum process API; now more than 511 processes per box can be enumerated (no limit)
- reorganised box settings
- made COM tracing more verbose
- "RpcMgmtSetComTimeout=y" is now again the default behaviour, it seems to cause less issues overall
- fixed issues with webcam access when the DevCMApi filtering is in place
- fixed issue with free download manager for 'AppXDeploymentClient.dll', so RpcMgmtSetComTimeout=y will be used by default for this one #573
- fixed not all WinRM files were blocked by the driver, with "BlockWinRM=n" this file block can be disabled
- fixed Sandboxie Classic crash when saving any option in Sandbox Settings -> Appearance (by typpos) #586
- sandboxed indicator for tray icons, the tooltip now contains [#] if enabled
- the trace log buffer can now be adjusted with "TraceBufferPages=2560"
- the value denotes the count of 4K large pages to be used; here for a total of 10 MB
- new functionality for the list finder
- improved RPC debugging
- improved IPC handling around RpcMgmtSetComTimeout; "RpcMgmtSetComTimeout=n" is now the default behaviour
- required exceptions have been hard-coded for specific calling DLLs
- the LogApi dll is now using Sbie's tracing facility to log events instead of its own pipe server
- FIXED SECURITY ISSUE ID-11: elevated sandboxed processes could access volumes/disks for reading (thanks hg421)
- this protection option can be disabled by using "AllowRawDiskRead=y"
- fixed crash issue around SetCurrentProcessExplicitAppUserModelID observed with GoogleUpdate.exe
- fixed issue with Resource Monitor sort by timestamp
- fixed invalid Opera bookmarks path (by isaak654) #542
- FIXED SECURITY ISSUE ID-12: a race condition in the driver allowed to obtain an elevated rights handle to a process (thanks typpos) #549
- FIXED SECURITY ISSUE ID-13: "\RPC Control\samss lpc" is now filtered by the driver (thanks hg421) #553
- this allowed elevated processes to change passwords, delete users and alike; to disable filtering use "OpenSamEndpoint=y"
- FIXED SECURITY ISSUE ID-14: "\Device\DeviceApi\CMApi" is now filtered by the driver (thanks hg421) #552
- this allowed elevated processes to change hardware configuration; to disable filtering use "OpenDevCMApi=y"
- added UI language auto-detection
- fixed Brave.exe now being properly recognized as Chrome-, not Firefox-based
- fixed issue introduced in 0.6.5 with recent Edge builds
- the 0.6.5 behaviour can be set on a per-process basis using "RpcMgmtSetComTimeout=POPPeeper.exe,n"
- fixed grouping issues #445
- fixed main window restore state from tray #288
- added detection for Waterfox.exe, Palemoon.exe and Basilisk.exe Firefox forks as well as Brave.exe #468
- added Bluetooth API support, IPC port can be opened with "OpenBluetooth=y" #319
- this should resolve issues with many Unity games hanging on startup for a long time
- added enhanced RPC/IPC interface tracing
- when DefaultBox is not found by the SandMan UI, it will be recreated
- "Disable Forced Programs" time is now saved and reloaded
- reduced SandMan CPU usage
- Sandboxie.ini and Templates.ini can now be UTF-8 encoded #461 #197
- this feature is experimental, files without a UTF-8 Signature should be recognized also
- "ByteOrderMark=yes" is obsolete, Sandboxie.ini is now always saved with a BOM/Signature
- legacy language files can now be UTF-8 encoded
- reworked file migration behaviour, removed hardcoded lists in favour of templates #441
- you can now use "CopyAlways=", "DontCopy=" and "CopyEmpty=" that support the same syntax as "OpenFilePath="
- "CopyBlockDenyWrite=program.exe,y" makes a write open call to a file that won't be copied fail instead of turning it read-only
- removed hardcoded SkipHook list in favour of templates
- fixed old memory pool leak in the Sbie driver #444
- fixed issue with item selection in the access restrictions UI
- fixed updater crash in SbieCtrl.exe #450
- fixed issues with RPC calls introduced in Sbie 5.33.1
- fixed recently broken 'terminate all' command
- fixed a couple minor UI issues with SandMan UI
- fixed IPC issue with Windows 7 and 8 resulting in process termination
- fixed "recover to" functionality
- added confirmation prompts to terminate all commands
- added window title to boxed process info #360
- added WinSpy based sandboxed window finder #351
- added option to view disabled boxes and double-click on box to enable it
- "Reset Columns" now resizes them to fit the content, and it can now be localized #426
- modal windows are now centered to the parent #417
- improved new box window #417
- fixed issues with window modality #409
- fixed issues when main window was set to be always on top #417
- fixed a driver issue with Windows 10 insider build 21286
- fixed issues with snapshot dialog #416
- fixed an issue when writing to a path that already exists in the snapshot but not outside #415
- added "SandboxService=..." to force selected services to be started in the sandbox
- added template clean-up functionality to Plus UI
- added internet prompt to now also allow internet access permanently
- added browse button for box root folder in the SandMan UI #382
- added explorer info message #352
- added option to keep the SandMan UI always on top
- allow drag and drop file onto SandMan.exe to run it sandboxed #355
- added start SandMan UI when a sandboxed application starts #367
- recovery window can now list all files
- added file counter to recovery window
- when "NoAddProcessToJob=y" is specified, Chrome and related browsers now can fully use the job system
- Note: "NoAddProcessToJob=y" reduces the box isolation, but the affected functions are mostly covered by UIPI anyway
- added optimized default column widths to Sbie view
- added template support for Yandex and Ungoogled Chromium browsers (by isaak654)
- updated templates with multiple browsers fixes (thanks isaak654)
- when trying to take a snapshot of an empty sandbox a proper error message is displayed #381
- new layout for the recovery window
- Sbie view sorting is now case insensitive
- fixed issue child window closing terminating application when main was hidden #349
- fixed issues with non modal windows #349
- fixed issues connecting to driver in portable mode
- fixed minor issues with snapshot window
- fixed missing error message when attempting to create an already existing sandbox #359
- fixed issue allowing to save setting when a sandbox was already deleted #359
- fixed issues with disabled items in dark mode #359
- fixed some dialogs not closing when pressing Esc #359
- fixed tab stops on many windows
- improved access tracing, removed redundant entries
- OpenIpcPath=\BaseNamedObjects[CoreUI]-* is now hardcoded in the driver no need for the template entry
- WindowsFontCache is now open by default
- refactored some IPC code in the driver
- FIXED SECURITY ISSUE ID-10: the registry isolation could be bypassed, present since Windows 10 Creators Update
- fixed creation time not always being properly updated in the SandMan UI
- added "CallTrace=*" to log all system calls to the access log
- improved IPC logging code
- improved MSG_2101 logging
- fixed more issues with IPC tracing
- fixed SBIE2101 issue with Chrome and derivatives
- added "RunServiceAsSystem=..." allows specific named services to be run as system
- refactored some code around SCM access
- fixed a crash issue in SbieSvc.exe introduced with the last build
- fixed issue with SandMan UI update check
- FIXED SECURITY ISSUE ID-9: a Sandboxed process could start sandboxed as system even with DropAdminRights in place
- removed "ProtectRpcSs=y" due to incompatibility with new isolation defaults
- FIXED SECURITY ISSUE ID-4: Sandboxie now strips particularly problematic privileges from sandboxed system tokens
- with those a process could attempt to bypass the sandbox isolation (thanks Diversenok)
- old legacy behaviour can be enabled with "StripSystemPrivileges=n" (absolutely NOT Recommended)
- added new isolation options "ClosePrintSpooler=y" and "OpenSmartCard=n"
- those resources are open by default, but for a hardened box it is desired to close them
- FIXED SECURITY ISSUE ID-5: added print spooler filter to prevent printers from being set up outside the sandbox
- the filter can be disabled with "OpenPrintSpooler=y"
- added overwrite prompt when recovering an already existing file
- added "StartProgram=", "StartService=" and "AutoExec=" options to the SandMan UI
- added more compatibility templates (thanks isaak654) #294
- Changed Emulated SCM behaviour, boxed services are no longer by default started as boxed system
- use "RunServicesAsSystem=y" to enable the old legacy behaviour
- Note: sandboxed services with a system token are still sandboxed and restricted
- However not granting them a system token in the first place removes possible exploit vectors
- Note: this option is not compatible with "ProtectRpcSs=y" and takes precedence!
- reworked dynamic IPC port handling
- improved Resource Monitor status strings
- FIXED SECURITY ISSUE ID-6: processes could spawn processes outside the sandbox (thanks Diversenok)
- FIXED SECURITY ISSUE ID-7: bug in the dynamic IPC port handling allowed to bypass IPC isolation
- fixed issue with IPC tracing
- FIXED SECURITY ISSUE ID-8: CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok)
- this allowed some system options to be changed, to disable filtering use "OpenLsaEndpoint=y"
- fixed hooking issues SBIE2303 with Chrome, Edge and possibly others #68 #166
- fixed failed check for running processes when performing snapshot operations
- fixed some box options checkboxes were not properly initialized
- fixed unavailable options are not properly disabled when SandMan is not connected to the driver
- fixed MSI installer issue, not being able to create "C:\Config.msi" folder on Windows 20H2 #219
- added missing localization to generic list commands
- fixed issue with "iconcache_*" when running sandboxed explorer
- fixed more issues with groups
- added settings for the portable boxed root folder option
- added process name to resource log
- added command line column to the process view in the SandMan UI
- fixed a few issues with group handling #262
- fixed issue with GetRawInputDeviceInfo when running a 32-bit program on a 64-bit system
- fixed issue when pressing apply in the "Resource Access" tab; the last edited value was not always applied
- fixed issue merging entries in Resource Access Monitor
- added prompt to choose if links in the SandMan UI should be opened in a sandboxed or unsandboxed browser #273
- added more recovery options
- added "ClosedClsid=" to block COM objects from being used when they cause compatibility issues
- added "ClsidTrace=*" option to trace COM usage
- added "ClosedRT=" option to block access to problematic Windows RT interfaces
- added option to make a link for any selected process to SandMan UI
- added option to reset all hidden messages
- added more process presets "force program" and "allow internet access"
- added "SpecialImage=chrome,some_electron_app.exe" option to Sandboxie.ini, valid image types "chrome", "firefox"
- with this option you can enable special hardcoded workarounds to new obscure forks of those browsers
- added German translation (thanks bastik-1001) to the SandMan UI
- added Russian translation (thanks lufog) to the SandMan UI
- added Portuguese translation (thanks JNylson ) to the SandMan UI
- changed docs and update URLs to the new sandboxie-plus.com domain
- greatly improved the setup script (thanks mpheath)
- "OpenClsid=" and "ClosedClsid=" now support specifying a program or group name
- by default, when started in portable mode, the sandbox folder will be located in the parent directory of the Sandboxie instance
- grouping menu not fully working in the new SandMan UI #277
- fixed not being able to set quick recovery in SandMan UI
- fixed resource leak when loading process icons in SandMan UI
- fixed issue with OpenToken debug options
- fixed Chrome crashing on websites that cause the invocation of "FindAppUriHandlersAsync" #198
- fixed issue connecting to the driver when starting in portable mode
- fixed missing template setup when creating new boxes
- removed obsolete "OpenDefaultClsid=n" use "ClosedClsid=" with the appropriate values instead
- removed suspend/resume menu entry, pooling that state wastes substantial CPU cycles; use task explorer for that functionality
- fixed translation support in the SandMan UI
- fixed sandboxed explorer issue #289
- fixed simplified Chinese localization
- added advanced new box creation dialog to SandMan UI
- added show/hide tray context menu entry
- added refresh button to file recovery dialog
- added mechanism to load icons from {install-dir}/Icons/{icon}.png for UI customization
- added tray indicator to show disabled forced program status in the SandMan UI
- added program name suggestions to box options in SandMan UI
- added saving of column sizes in the options window
- reorganised the advanced box options
- changed icons (thanks Valinwolf for picking the new ones) #235
- updated Templates.ini (thanks isaak654) #256 #258
- increased max value for disable forced process time in SandMan UI
- fixed BSOD introduced in 5.45.0 when using Windows 10 "core isolation" #221
- fixed minor issue with lingering/leader processes
- fixed menu issue in SandMan UI
- fixed issue with stop behaviour page in SandMan UI
- fixed issue with Plus installer not displaying KmdUtil window
- fixed SandMan UI saving UI settings on Windows shutdown
- fixed issue with Plus installer autorun #247
- fixed issue with legacy installer not removing all files
- fixed a driver compatibility issue with Windows 20H1 and later #228
- this solves "stop pending", LINE messenger hanging and other issues...
- fixed quick recovery issue in SbieCtrl.exe introduced in 5.45.0 #224
- fixed issue advanced hide process settings not saving
- fixed some typos in the UI (thanks isaak654) #252 #253 #254
- fixed issue with GetRawInputDeviceInfo failing when boxed processes are put in a job object #176 #233
- this fix resolves issues with CP2077 and other games not getting keyboard input (thanks Rostok)
- fixed failing ClipCursor won't longer span the message log
- fixed issue with adding recovery folders in SandMan UI
- fixed issue with Office 2019 template when using a non-default Sbie install location
- fixed issue setting last access attribute on sandboxed folders #218
- fixed issue with process start signal
- added simple view mode
- updated SandMan UI to use Qt 5.15.1
- fixed crash issue with progress dialog
- fixed progress dialog cancel button not working for update checker
- fixed issue around NtQueryDirectoryFile when deleting sandbox content
- fixed dark theme in the notification window
- fixed issue with disable force programs tray menu
- added new notification window
- added user interactive control mechanism when using the new SandMan UI
- when a file exceeds the copy limit instead of failing, the user is prompted if the file should be copied or not
- when internet access is blocked it now can be exempted in real time by the user
- added missing file recovery and auto/quick recovery functionality #188 #178
- added silent MSG_1399 boxed process start notification to keep track of short lived boxed processes
- added ability to prevent system wide process starts, Sandboxie can now instead of just alerting also block processed on the alert list
- set "StartRunAlertDenied=y" to enable process blocking
- the process start alert/block mechanism can now also handle folders use "AlertFolder=..."
- added ability to merge snapshots #151
- added icons to the sandbox context menu in the new UI
- added more advanced options to the sandbox options window
- added file migration progress indicator
- added more run commands and custom run commands per sandbox
- the box settings users can now specify programs to be available from the box run menu
- also processes can be pinned to that list from the presets menu
- added more Windows 10 specific template presets
- added ability to create desktop shortcuts to sandboxed items
- added icons to box option tabs
- added box grouping
- added new debug option "DebugTrace=y" to log debug output to the trace log
- added check for updates to the new SandMan UI
- added check for updates to the legacy SbieCtrl UI
- File migration limit can now be disabled by specifying "CopyLimitKb=-1" #526
- improved and refactored message logging mechanism, reducing memory usage by factor of 2
- terminated boxed processes are now kept listed for a couple of seconds
- reworked sandbox deletion mechanism of the new UI
- restructured sandbox options window
- SbieDLL.dll can now be compiled with an up to date ntdll.lib (Thanks to TechLord from Team-IRA for help)
- improved automated driver self repair
- fixed issues migrating files > 4GB
- fixed an issue that would allow a malicious application to bypass the internet blockade
- fixed issue when logging messages from a non-sandboxed process, added process_id parameter to API_LOG_MESSAGE_ARGS
- fixed issues with localization
- fixed issue using file recovery in legacy UI SbieCtrl.exe when "SeparateUserFolders=n" is set
- when a program is blocked from starting due to restrictions no redundant messages are issued any more
- fixed UI not properly displaying async errors
- fixed issues when a snapshot operation failed
- fixed some special cases of IpcPath and WinClass in the new UI
- fixed driver issues with WHQL passing compatibility testing
- fixed issues with Classic installer
- added "Terminate all processes" and "disable forced programs" commands to tray menu in SandMan UI
- program start restrictions settings now can be switched between a white list and a black list
- programs can be terminated and blacklisted from the context menu
- added additional process context menu options, lingering and leader process can be now set from menu
- added option to view template presets for any given box
- added text filter to templates view
- added new compatibility templates:
- added experimental debug option "OriginalToken=y" which lets sandboxed processes retain their original unrestricted token
- This option is comparable with "OpenToken=y" and is intended only for testing and debugging, as it breaks most security measures (!)
- added debug option "NoSandboxieDesktop=y" it disables the desktop proxy mechanism
- Note: without an unrestricted token with this option applications won't be able to start
- added debug option "NoSysCallHooks=y" it disables the sys call processing by the driver
- Note: without an unrestricted token with this option applications won't be able to start
- added ability to record verbose access traces to the Resource Monitor
- use ini options "FileTrace=", "PipeTrace=", "KeyTrace=", "IpcTrace=", "GuiTrace=*" to record all events
- replace "*" to log only: "A" - allowed, "D" - denied, or "I" - ignore events
- added ability to record debug output strings to the Resource Monitor
- use ini option DebugTrace=y to enable
- AppUserModelID string no longer contains Sandboxie version string
- now by default Sbie's application manifest hack is disabled, as it causes problems with version checking on Windows 10
- to enable old behaviour add "PreferExternalManifest=y" to the global or the box specific ini section
- the resource log mechanism can now handle multiple strings to reduce on string copy operations
- fixed issue with disabling some restriction settings failed
- fixed disabling of internet block from the presets menu sometimes failed
- the software compatibility list in the SandMan UI now shows the proper template names
- fixed use of freed memory in the driver
- replaced swprintf with snwprintf to prevent potential buffer overflow in SbieDll.dll
- fixed bad list performance with resource log and API log in SandMan UI
- added SbieLdr (experimental)
- moved code injection mechanism from SbieSvc to SbieDll
- moved function hooking mechanism from SbieDrv to SbieDll
- introduced a new driverless method to resolve wow64 ntdll base address
- removed support for Windows Vista x64
- added disable forced programs menu command to the SandMan UI
- fixed file rename bug introduced with an earlier Driver Verifier fix #174 #153
- fixed issue saving access lists
- fixed issue with program groups parsing in the SandMan UI
- fixed issue with internet access restriction options #177 #185
- fixed issue deleting sandbox when located on a drive directly #139
- added "explore box" content menu option
- fixed thread handle leak in SbieSvc and other components #144
- msedge.exe is now categorized as a Chromium derivate
- fixed Chrome 86+ compatibility bug with Chrome's own sandbox #149
- added core version compatibility check to SandMan UI
- added shell integration options to SbiePlus
- SbieCtrl no longer auto-shows the tutorial on first start
- when hooking to the trampoline, the migrated section of the original function is no longer noped out
- it caused issues with Unity games
- fixed colour issue with vertical tabs in dark mode
- fixed wrong path separators when adding new forced folders
- fixed directory listing bug introduced in 5.43
- fixed issues with settings window when not being connected to driver
- fixed issue when starting SandMan UI as admin
- fixed auto-content-delete not working with SandMan UI
- added a proper custom installer to the Plus release
- added sandbox snapshot functionality to Sbie core
- filesystem is saved incrementally, the snapshots built upon each other
- each snapshot gets a full copy of the box registry for now
- each snapshot can have multiple children snapshots
- added access status to Resource Monitor
- added setting to change border width #113
- added snapshot manager UI to SandMan
- added template to enable authentication with an Yubikey or comparable 2FA device
- added UI for program alert
- added software compatibility options to the UI
- SandMan UI now handles deletion of sandbox content on its own
- no longer adding redundant resource accesses as new events
- fixed issues when hooking functions from delay loaded libraries
- fixed issues when hooking an already hooked function
- fixed issues with the new box settings editor
- removes deprecated workaround in the hooking mechanism for an obsolete anti-malware product
- added settings window
- added translation support
- added dark theme
- added auto start option
- added sandbox options
- added debug option "NoAddProcessToJob=y"
- improved empty sandbox tray icon
- improved message parsing
- updated homepage links
- fixed ini issue with SandMan.exe when renaming sandboxes
- fixed ini auto reload bug introduced in the last build
- fixed issue when hooking delayed loaded libraries
- API_QUERY_PROCESS_INFO can be now used to get the original process token of sandboxed processes
- Note: this capability is used by TaskExplorer to allow inspecting sandbox internal tokens
- added option "KeepTokenIntegrity=y" to make the Sbie token keep its initial integrity level (debug option)
- Note: do not use Debug Options if you don't know their security implications (!)
- added process id to log messages very useful for debugging
- added finder to resource log
- added option "HideHostProcess=program.exe" to hide unsandboxed host processes
- Note: Sbie hides by default processes from other boxes, this behaviour can now be controlled with "HideOtherBoxes=n"
- Sandboxed RpcSs and DcomLaunch can now be run as system with the option "ProtectRpcSs=y" however this breaks the sandboxed explorer and others
- Built-in Clsid whitelist can now be disabled with "OpenDefaultClsid=n"
- Processes can be now terminated with the del key, and require a confirmation
- added sandboxed window border display to SandMan.exe
- added notification for Sbie log messages
- added Sandbox Presets submenu to quickly change some settings
- Enable/Disable API logging; logapi_dlls are now distributed with SbiePlus
- Drop admin rights
- Block/Allow internet access
- Block/Allow access to files on the network
- added more info to the sandbox status column
- added path column to SbieModel
- added info tooltips in SbieView
- reworked ApiLog, added PID and PID filter
- auto config reload on change is now delayed by 500ms to prevent reloading multiple times on incremental changes
- Sandbox names now replace "_" with " " thus enabling names that consist of separate words
- added missing PreferExternalManifest initialization to portable mode
- FIXED SECURITY ISSUE ID-2: fixed permission issues with sandboxed system processes
- Note: you can use "ExposeBoxedSystem=y" for the old behaviour (debug option)
- FIXED SECURITY ISSUE ID-3: fixed missing SCM access check for sandboxed services (thanks Diversenok)
- Note: to disable the access check use "UnrestrictedSCM=y" (debug option)
- fixed missing initialization in service server that caused sandboxed programs to crash when querying service status
- fixed many bugs that caused the SbieDrv.sys to BSOD when running with Driver Verifier enabled #57
- 0xF6 in GetThreadTokenOwnerPid and File_Api_Rename
- missing non optional parameter for FltGetFileNameInformation in File_PreOperation
- 0xE3 in Key_StoreValue and Key_PreDataInject
- added option "SeparateUserFolders=n" to no longer have the user profile files stored separately in the sandbox
- added "SandboxieLogon=y" - it makes processes run under the SID of the "Sandboxie" user instead of the Anonymous user
- Note: the global option "AllowSandboxieLogon=y" must be enabled, the "Sandboxie" user account must be manually created first and the driver reloaded, else process start will fail
- improved debugging around process creation errors in the driver
- fixed some log messages going lost after driver reload
- found a workable fix for the MSI installer issue, see Proc_CreateProcessInternalW_RS5
- added different sandbox icons for different types
- Red LogAPI/BSA enabled
- more to come :D
- added progress window for async operations that take time
- added DPI awareness #56
- the driver file is now obfuscated to avoid false positives
- additional debug options to Sandboxie.ini OpenToken=y that combines UnrestrictedToken=y and UnfilteredToken=y
- Note: using these options weakens the sandboxing, they are intended for debugging and may be used for better application virtualization later
- SbieDll.dll when processing InjectDll now looks in the SbieHome folder for the DLLs if the entered path starts with a backslash
- i.e. "InjectDll=\LogAPI\i386\logapi32v.dll" or "InjectDll64=\LogAPI\amd64\logapi64v.dll"
- IniWatcher did not work in portable mode
- service path fix broke other services, now properly fixed, maybe
- found workaround for the MSI installer issue
- IniWatcher, the .ini is now reloaded automatically every time it changes
- added Maintenance menu to the Sandbox menu, allowing to install/uninstall and start/stop Sandboxie driver, service
- SandMan.exe now is packed with Sbie files and when no Sbie is installed acts as a portable installation
- added option to clean-up logs
- Sbie driver now first checks the home path for the configuration file Sandboxie.ini before checking SystemRoot
- FIXED SECURITY ISSUE ID-1: sandboxed processes could obtain a write handle on non sandboxed processes (thanks Diversenok)
- this allowed to inject code in non sandboxed processes
- fixed issue boxed services not starting when the path contained a space
- NtQueryInformationProcess now returns the proper sandboxed path for sandboxed processes
- created a new Qt based UI names SandMan (Sandboxie Manager)
- Resource Monitor now shows the PID
- added basic API call log using updated BSA LogApiDll
- reworked Resource Monitor to work with multiple event consumers
- reworked log to work with multiple event consumers
- "Other" type for the Resource Access Monitor
- added call to StartService to the logged Resources
- fixed "Windows Installer Service could not be accessed" that got introduced with Windows 1903