search

sandboxie-plus / Sandboxie

Sandboxie Plus & Classic
https://Sandboxie-Plus.com
GNU General Public License v3.0
13.69k stars 1.52k forks source link

Can't launch executables from volumes without a drive letter in a sandbox (regression) #3627

Closed benrg closed 7 months ago

benrg commented 7 months ago

Describe what you noticed and did

To reproduce:

  1. Unzip the attached VHD, which contains nothing but a single tiny executable file that displays a message box when it runs, or use your own VHD containing your own test executable.
  2. Mount the VHD read-only (I don't know whether that matters) on an NTFS folder using Disk Management or diskpart. Be sure it isn't also assigned a drive letter.
  3. Run SandMan. I tested this time in portable mode so I could switch versions more easily, but I don't think it matters.
  4. Right click the newly created DefaultBox and choose Run → Run Program, type the path to the test executable, and press Enter. Observe whether it works or not.
  5. Assign a drive letter to the VHD (don't remove the folder mount point).
  6. Repeat step 4 (still invoking the executable via the folder mount point, not the drive letter).

Result in 1.12.7 and later: "Access denied". In 1.12.5 it works.

How often did you encounter it so far?

No response

Expected behavior

The 1.12.5 behavior

Affected program

All, I think

Download link

N/A

Where is the program located?

The program is installed only outside the sandbox.

Did the program or any related process close unexpectedly?

No, not at all.

Crash dump

No response

What version of Sandboxie are you running now?

1.12.5 which works. I tested 1.12.7 and 1.12.9; both don't work.

Is it a new installation of Sandboxie?

I just updated Sandboxie from a previous version (I don't remember which one).

Is it a regression from previous versions?

Yes, verified by bisection

In which sandbox type you have this problem?

In a standard isolation sandbox (yellow sandbox icon).

Can you reproduce this problem on a new empty sandbox?

I can confirm it also on a new empty sandbox.

What is your Windows edition and version?

Windows 10 1803

In which Windows account you have this problem?

A local account (Administrator).

Please mention any installed security software

none

Did you previously enable some security policy settings outside Sandboxie?

No response

Trace log

No response

Sandboxie.ini configuration

No response

offhub commented 7 months ago

It should work if the volume is mounted to a folder. In my experiments with USB sticks and virtual hard disks, I did not encounter any problems.

What type of drive are you using? Is it a volume created by some kind of 3rd party encryption software? It would be better if you write down what you did step by step.

benrg commented 7 months ago

Here are more detailed reproduction steps.

  1. Unzip the attached VHD, which contains nothing but a single tiny executable file that displays a message box when it runs, or use your own VHD containing your own test executable.
  2. Mount the VHD read-only (I don't know whether that matters) on an NTFS folder using Disk Management or diskpart. Be sure it isn't also assigned a drive letter.
  3. Run SandMan. I tested this time in portable mode so I could switch versions more easily, but I don't think it matters.
  4. Right click the newly created DefaultBox and choose Run → Run Program, type the path to the test executable, and press Enter. Observe whether it works or not.
  5. Assign a drive letter to the VHD (don't remove the folder mount point).
  6. Repeat step 4 (still invoking the executable via the folder mount point, not the drive letter).

Result of step 4 in v1.12.5, and of step 6 in all versions: The executable runs. (This is the expected behavior.)

Result of step 4 in v1.12.6: An error message box with the caption "Sandboxie Start" saying:

Could not invoke program:

d:\mountpoint\test.exe

System Error Code:

The system cannot find the file specified.
 (2)

Result of step 4 in v1.12.7: An error message box with a different error code:

Could not invoke program:

d:\mountpoint\test.exe

System Error Code:

%1 is not a valid Win32 application.
 (193)

I previously said that the problem didn't occur in 1.12.6, but it does seem to exist in a different form.

It may be relevant that the machine I tested this on is running Windows 10 1803 64-bit. If you can't reproduce then I can try other OS versions.

testdisk.vhd.zip

offhub commented 7 months ago

I was able to reproduce the problem on Windows 10 Version 1803 (17134.1006).

SBIE/WIN WIN10-1803 WIN10-22H2 WIN11-23H2
1.2.5 OK OK OK
1.2.6 Access Denied OK OK
1.2.9 Access Denied OK OK
1.3.0 Access Denied OK OK
DavidXanatos commented 7 months ago

this is a mighty annoying bug and I assume it is also present on windows 7 I'm looking into a proper fix right now. There would be a easy fix but that would not solve the under laying issue.

DavidXanatos commented 7 months ago

fix for https://github.com/sandboxie-plus/Sandboxie/issues/3632 also fixes this issue