ModOrganizer2 / modorganizer

Mod manager for various PC games. Discord Server: https://discord.gg/ewUVAqyrQX if you would like to be more involved
http://www.nexusmods.com/skyrimspecialedition/mods/6194
GNU General Public License v3.0

Make it work with Sandboxie #588

Open nedsociety opened 5 years ago

nedsociety commented 5 years ago

The problem

MO2 does not work with Sandboxie well. Running MO2 within Sandboxie and then trying to run a usvfs'd application from it will immediately crash the process on startup.

Using both at the same time is probably never required for strict modsets built upon well-known repositories such as Nexus, but it could still prove to be useful, with the following justifications:

  1. Useful to have a security layer if one tries to build a modset from somewhat less reliable sources, or to use one built upon it.
  2. Provides a system-wide reliable versioning while setting up mods that is completely free of subtle side-effects where MO's virtualization does not care.

For that reason I'd love to see if running MO2 on top of Sandboxie could be supported.

Environment

Details

As I've said before, running an application within MO contained in SBIE would immediately crash ANY application on its startup. I tried to look into the source of the crash problem.

While I had some problems getting an online debugger running inside SBIE, the dump file still lingers within %LOCALAPPDATA%\CrashDumps (in the SBIE filesystem), which provides enough information.

The reason seems to be that both usvfs and Sandboxie try to hook the same Win32 proc addresses (in my environment the problematic one had always been CreateProcessInternalW()). While the target process inits, SBIE surely takes a first hand to hook those API addresses, where usvfs' hooklib takes a second chance like the following:

  1. usvfs detects the jmp rewrite hook done by Sandboxie. (DeterminePreamble())
  2. MO tries to chain-hook it into its own version. (HookChainHook())
  3. It tries to read the jmp target which SBIE installed for hooking the API. (HookLib::UDis86Wrapper::jumpTarget(), the reinterpret_cast read part)
  4. But since SBIE protects the page where its hook address lies (even for read access), the process segfaults.

So in this case, usvfs should NOT try to overwrite hooks over SBIE; instead, it should work on top of it.

Fortunately Sandboxie seems to provide APIs for that ("Hook a User-Mode Entrypoint"). Could it be incorporated into current hooklib mechanisms?
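
The failure mode described in steps 3 and 4 above, as an added example that is not part of the original post and is not usvfs or Sandboxie code: resolving the target of an existing jmp hook, with a readability check in front of the pointer read so that a guarded slot produces an error code instead of a fault. The names `jump_target`, `readable_fn`, `allow_all`, `deny_all` and `demo_indirect` are hypothetical, x86-64 encodings are assumed, and backing the callback with `VirtualQuery` on Windows is an assumption.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical callback: nonzero if [addr, addr+len) may be read.
   Assumption: on Windows it could wrap VirtualQuery and test the protection. */
typedef int (*readable_fn)(uintptr_t addr, size_t len);
typedef enum { JT_OK, JT_NOT_A_JUMP, JT_UNREADABLE } jt_status;

/* Resolve the target of a jmp found at the start of an already-hooked
   function. `code` holds the instruction bytes that live at address `va`. */
jt_status jump_target(const uint8_t *code, uintptr_t va,
                      readable_fn readable, uintptr_t *target)
{
    int32_t rel;
    if (code[0] == 0xEB) {                      /* jmp rel8 */
        *target = va + 2 + (int8_t)code[1];
        return JT_OK;
    }
    if (code[0] == 0xE9) {                      /* jmp rel32 */
        memcpy(&rel, code + 1, 4);
        *target = va + 5 + (intptr_t)rel;
        return JT_OK;
    }
    if (code[0] == 0xFF && code[1] == 0x25) {   /* jmp qword [rip+disp32] */
        memcpy(&rel, code + 2, 4);
        uintptr_t slot = va + 6 + (intptr_t)rel;
        /* The pointer read below is the one that faults on a guarded page. */
        if (!readable(slot, sizeof(uintptr_t)))
            return JT_UNREADABLE;
        memcpy(target, (const void *)slot, sizeof(uintptr_t));
        return JT_OK;
    }
    return JT_NOT_A_JUMP;
}

/* Constructed stand-ins for an open page and a read-protected page. */
int allow_all(uintptr_t a, size_t n) { (void)a; (void)n; return 1; }
int deny_all(uintptr_t a, size_t n)  { (void)a; (void)n; return 0; }

/* Constructed sample: an indirect jmp whose pointer slot directly follows it. */
jt_status demo_indirect(readable_fn readable, uintptr_t *target)
{
    static struct { uint8_t code[8]; uintptr_t slot; } s =
        { {0xFF, 0x25, 0x02, 0x00, 0x00, 0x00, 0x90, 0x90}, 0x1234 };
    return jump_target(s.code, (uintptr_t)s.code, readable, target);
}
```

A caller that gets `JT_UNREADABLE` can decline to chain-hook that entry point rather than crash the process.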

Al12rs commented 5 years ago

Currently there are no developers with particular expertise on usvfs except for the original creator Tannin, who is no longer working on it but might in the future want to use it for Vortex. So if you are interested in improving it you would be very welcome.

For the development environment there is an Umbrella script that will set it up and build for you (a VS solution is generated) here: https://github.com/ModOrganizer2/modorganizer-umbrella. If you are interested, here is the Discord server where we coordinate and discuss: https://discord.gg/zQaaSTf. Feel free to drop in there and ask us more questions.

I don't think any of the currently active developers would have the time/be able to implement your suggestion.