search

sandboxie-plus / Sandboxie

Sandboxie Plus & Classic
https://Sandboxie-Plus.com
GNU General Public License v3.0
13.69k stars 1.52k forks source link

Lots of SBIE 2101 messsage when I running Overture 5 in Sandboxie #1603

Closed 0x391F closed 2 years ago

0x391F commented 2 years ago

What happened?

I running Overture 5 in Sandboxie, lots of SBIE 2101 messsage when I click the UI object has any changes (e.g when it start, open file).

To Reproduce

  1. Run Overture in Sandboxie
  2. Sandboxie-Plus pops up lots of SBIE 2101 messsage 1

Expected behavior

It shouldn't pops up lots of SBIE 2101 messsage

What is your Windows edition and version?

Windows 10 Enterprise LTSC 2021 x64 (21H2)

In which Windows account you have this problem?

User account with UAC protection set to Always notify.

Please mention any installed security software

ESET Internet Security 15.0.23.0

What version of Sandboxie are you running?

Sandboxie 5.55.10 x64 / Sandboxie-Plus v1.0.10 x64

Is it a regression?

No response

List of affected browsers

No response

In which sandbox type you have this problem?

In a Standard isolation sandbox (yellow sandbox icon).

Is the sandboxed program also installed outside the sandbox?

Yes, it is also installed outside the sandbox.

Can you reproduce this problem on an empty sandbox?

I can confirm it also on an empty sandbox.

Did you previously enable some security policy settings outside Sandboxie?

No response

Crash dump

No response

Trace log

No response

Sandboxie.ini configuration

No response

Sandboxie-Plus.ini configuration (for Plus interface issues)

No response

Dyras commented 2 years ago

I get this while running both Firefox and Brave in Sandboxie. I think it's a new bug for 1.0.10.

This is what I get in a brand new hardened sandbox: grafik

0x391F commented 2 years ago

I rollback to Sandboxie 5.55.9/Sandboxie-Plus 1.0.9, this bug doesn't reproduce.

DavidXanatos commented 2 years ago

does the issue reproduce with the Overture 5 demo version from their website? please do the following 3 tests: 1: a. stop sandboxie (using the stop all command) b. repalce the SbieDll.dll in the instalation folder and the 32 subfodler with the apropriate dll's from the previous build c. start sandboxie service and try the application

2: a. stop sandboxie (using the stop all command) b. repalce the sbiedrv.sys with the one from the previous build c. start sandboxie service and try the application

3: a. stop sandboxie (using the stop all command) b. repalce the SbieSvc.exe in the instalation folder and the 32 subfodler with the apropriate files from the previous build c. start sandboxie service and try the application

please let me know which of the 3 resolves teh issue for you.

Dyras commented 2 years ago

When I try copying SbieDll.dll into the Sandboxie-Plus folder, I get an error message saying it's used by another program.

How do I prevent this from happening?

Edit: I was using the wrong "stop all" command. Trying again now, hold on

When trying to use the old sbiedrv.sys I get this message: grafik

Dyras commented 2 years ago

Ok so I've tried all three tests now using Brave.

Number 1: Makes no difference at all. The error is still happening.

Number 2: Gives the above error about the driver not working

Number 3: Gives this error, but otherwise everything seems to work grafik

So I'd say number 3 is the one causing the issues here.

DavidXanatos commented 2 years ago

ah sorry i forgot something

when you replace SbieSvc.exe you also need to replace the SbieSvc.sig file

please re test and confirm that then everythign is back in order

Dyras commented 2 years ago

Replacing SbieSvc.exe along with SbieSvc.exe.sig seems to still cause the issue grafik Same issue if I replace Svc, Svc*sig and SbieDll.dll as well.

When I replace SbieDrv.sys after doing the above however, the message doesn't pop up. Instead brave.exe starts and then it disappears again.

Dyras commented 2 years ago

Ok so this is what I did trying to figure it out:

I replaced SbieSvc as you wrote about, including sig: Same issue

Reinstalls Sandboxie-Plus 10.10

Then I replaced SbieDll as you wrote above: Same issue

Reinstalls Sandboxie-Plus 10.10

Then I added Sbiedrv only: IT WORKS

No idea why it didn't work the first time. But the issue is definitely in SbieDrv.sys

DavidXanatos commented 2 years ago

do you have the HideOtherBoxes=y option in out sandboxie.ini?

DavidXanatos commented 2 years ago

I'm pretty sure its this will be fixed in the next build

Dyras commented 2 years ago

@DavidXanatos I sure do! And unclicking it seems to have fixed the issue. Fascinating.

0x391F commented 2 years ago

Sandboxie 5.55.11 / Sandboxie-Plus 1.0.11, this bug reproduce.

DavidXanatos commented 2 years ago

yes the fix is scheduled for 1.1.x as it contains some more fundamental changes see the next branch on the sources on github

0x391F commented 2 years ago

Not reproduce in Sandboxie 5.55.14/Sandboxie-Plus 1.0.14