Open RisingYoung-Learn opened 1 year ago
Hello! I have read #2373 and I understand the registry isolation feature. Now the problem is after registry isolation, the path in RegHive file is wrong.
Wrong path:
HKEY_USERS\Sandbox_Administrator_DefaultBox\user\.DEFAULT\Software\ABC\Test1
HKEY_USERS\Sandbox_Administrator_DefaultBox\machine\software\ABC\Test2
Right path:
HKEY_USERS\Sandbox_Administrator_DefaultBox\user\current\Software\ABC\Test1
HKEY_USERS\Sandbox_Administrator_DefaultBox\machine\software\ABC\Test2
I suspect this is an error when the msi installs the app in the sandboxie.
Well HKEY_USERS\.DEFAULT
corresponds to \REGISTRY\USER\.DEFAULT
its a reg hive of its own and not related to HKEY_CURRENT_USER so putting .DEFAULT stuff to HKEY_USERS\Sandbox_Administrator_DefaultBox\user\current\
would be wrong as well.
Sandboxie maps the .DEFAULT path under its user path, as long as the mapping works its not relevant where the key physically resides.
Or am I missing some faulty edge case?
Sorry, I didn't express clearly.
Run TestService.msi outside Sandboxie (PS: not run in Sandboxie, run directly on the operating system), the registry path written is: HKEY_CURRENT_USER\Software\ABC\Test1 HKEY_LOCAL_MACHINE\Software\ABC\Test2
According to the Sandboxie registry isolation function, when running TestService.msi in Sandboxie, the registry path written should be: HKEY_USERS\Sandbox_Administrator_DefaultBox\user\current\Software\ABC\Test1 HKEY_USERS\Sandbox_Administrator_DefaultBox\machine\software\ABC\Test2
However, running TestService.msi in Sandboxie 1.8.2, the registry path actually written is: HKEY_USERS\Sandbox_Administrator_DefaultBox\user\.DEFAULT\Software\ABC\Test1 HKEY_USERS\Sandbox_Administrator_DefaultBox\machine\software\ABC\Test2
So, I don't think there should be a .DEFAULT item.
I see Will check this out, asap, this indeed does not look right on a first glace
Sorry for taking so long to check this out, when testing with 1.10.x and your msi file i get the result as expected HKEY_USERS\Sandbox_DefaultBox\user\current\Software\ABC\Test1 HKEY_USERS\Sandbox_DefaultBox\machine\software\ABC\Test2
could you please re test if the issue is still present.
Describe what you noticed and did
I made a TestService.msi installer (download address: https://github.com/RisingYoung-Learn/TestShare/blob/main/TestService.msi) writing items to registry with path as below:
(1) When I ran TestService.msi out of sandboxie, items were written in the registry as follow:
(2) Ran TestService.msi in the sandboxie, items were written in the registry is as follows:
According to the conversion rules, right items paths should be as follows:
Advanced Installer msi code: https://github.com/RisingYoung-Learn/TestShare/blob/main/TestService.aip
How often did you encounter it so far?
Appears every time you use.
Affected program
Not relevant
Download link
https://github.com/RisingYoung-Learn/TestShare/blob/main/TestService.msi
Where is the program located?
The program is installed only inside a sandbox (NOT in the real system anyway).
Expected behavior
According to the conversion rules, right items paths should be as follows:
What is your Windows edition and version?
Windows Server 2016 Standard [Version 1607 (OS Build 14393.5006)]
In which Windows account you have this problem?
A local or Microsoft account without special changes.
Please mention any installed security software
Windows Defender
What version of Sandboxie are you running?
Sandboxie plus 1.8.3 64
Is it a new installation of Sandboxie?
I recently did a new clean installation.
Is it a regression?
No response
In which sandbox type you have this problem?
In an Application Compartment sandbox with no isolation (green sandbox icon).
Can you reproduce this problem on a new empty sandbox?
I can confirm it also on a new empty sandbox.
Did you previously enable some security policy settings outside Sandboxie?
No response
Crash dump
No response
Trace log
No response
Sandboxie.ini configuration