sandboxie-plus / Sandboxie

Sandboxie Plus & Classic
https://Sandboxie-Plus.com
GNU General Public License v3.0
13.78k stars 1.54k forks source link

Can't install Delphi 7 #3617

Open hhmmjjnn opened 8 months ago

hhmmjjnn commented 8 months ago

Describe what you noticed and did

image

image

image

How often did you encounter it so far?

Everytime

Expected behavior

Should've been able to install it.

Affected program

Borland Delphi 7 Enterprise Edition

Download link

Proprietary

Where is the program located?

I tried to install it only inside a sandbox, but I wasn't able to achieve it.

Did the program or any related process close unexpectedly?

No, not at all.

Crash dump

No response

What version of Sandboxie are you running now?

Sandboxie-Plus 1.11.4

Is it a new installation of Sandboxie?

I have been using the same version for some time.

Is it a regression from previous versions?

It's the only one I ever tested with

In which sandbox type you have this problem?

In a standard isolation sandbox (yellow sandbox icon).

Can you reproduce this problem on a new empty sandbox?

I can confirm it also on a new empty sandbox.

What is your Windows edition and version?

Windows 11 (21H2/10.0.22000.2652)

In which Windows account you have this problem?

An account with UAC protection set to Always notify.

Please mention any installed security software

Windows default antimalware

Did you previously enable some security policy settings outside Sandboxie?

I don't have the security clearence for that.

Trace log

No response

Sandboxie.ini configuration

#
# Sandboxie configuration file
#

[GlobalSettings]
Template=7zipShellEx
Template=OfficeLicensing
Template=WindowsLive
Template=WindowsRasMan

[UserSettings_4B9A0571]
SbieCtrl_AutoStartAgent=SandMan.exe -autorun
BoxGrouping=:New_Box,DefaultBox,Delphi_7

[New_Box]
Enabled=y
BlockNetworkFiles=y
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
BorderColor=#02f6f6,on,2
Template=OpenBluetooth
Template=SkipHook
Template=FileCopy
Template=qWave
Template=BlockPorts
Template=LingerPrograms
Template=AutoRecoverIgnore
ConfigLevel=10
UseFileDeleteV2=y
UseRegDeleteV2=y
AutoRecover=y
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
BoxNameTitle=y
FakeAdminRights=n
DropAdminRights=n

[DefaultBox]
Enabled=y
BlockNetworkFiles=y
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
BorderColor=#00FFFF,ttl
Template=OpenBluetooth
Template=SkipHook
Template=FileCopy
Template=qWave
Template=BlockPorts
Template=LingerPrograms
Template=AutoRecoverIgnore
ConfigLevel=10

[Delphi_7]
Enabled=y
BlockNetworkFiles=n
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
BorderColor=#02f6f6,ttl
Template=OpenBluetooth
Template=SkipHook
Template=FileCopy
Template=qWave
Template=BlockPorts
Template=LingerPrograms
Template=AutoRecoverIgnore
ConfigLevel=10
UseFileDeleteV2=y
UseRegDeleteV2=y
AutoRecover=y
DropAdminRights=y
FakeAdminRights=y
hhmmjjnn commented 8 months ago

I was intrigued by that weird absolute path C:\sist\ so I digged further and found this:

image

That's a BDE installation that comes bundled with a certain proprietary legacy software that I have installed outside of Sandboxie.

So I combed the registry and found the origin of weird absolute path:

image

Then I re-opened regedit inside the sandbox, and renamed HKEY_LOCAL_MACHINE\software\WOW6432Node\Borland to something else:

image

And it works!! 🥳🥳🥳

image

I did get a whole bunch of other error messages, but the installer would let me Ignore them.

image

I don't know if this issue still stands as a bug... Uh tell me

offhub commented 8 months ago

[!NOTE]
If you trust the installer, you can try the following settings.

SETTINGS

Remove this setting from [Delphi_7]:

DropAdminRights=y

Add this setting to [Delphi_7]:

MsiInstallerExemptions=y

After installation, you can revert to the old settings.

sbie3617dlph7

hhmmjjnn commented 7 months ago

@offhub

When you say "If you trust the installer" I'm not sure what to think of...

I'm 100% sure that it will not try to launch a malicious attack against my machine so that it joins some sort of North Korean botnet.

On the other hand, I'm much less confident that it wouldn't accidentally try to do something really dumb that messes up my delicate Jenga piling of legacy systems.

(Which is the reason I'm going for Sandboxie in the first place...)

That said, should I be worried about switching DropAdminRights and MsiInstallerExemptions? I don't have a clue about their inner workings...

DavidXanatos commented 7 months ago

@hhmmjjnn as long as you run it sandboxed in any sandbox even the green with admin rights, and don't open all COM access, any non purposfully maliciouse applciation will be fully containes. A green sandbox with admin rights is only unsafe with regard to processes which have been intentionally crafted to bypass the isolation.