search

sandboxie-plus / Sandboxie

Sandboxie Plus & Classic
https://Sandboxie-Plus.com
GNU General Public License v3.0
12.89k stars 1.44k forks source link

1.14.1: Firefox 115.11.0esr (64-Bit) on Windows 7 freezes on start with BlockInterferenceControl enabled #3975

Closed bastik-1001 closed 2 weeks ago

bastik-1001 commented 4 weeks ago

Describe what you noticed and did

With Sandboxie Plus 1.14.0, the configuration worked, with Sandboxie Plus 1.14.1, the same configuration does no longer work the same way.

My Firefox has passwords stored that are protected with a master password. Upon launch, the browser asks for the password. With 1.14.0 the window of the prompt appears, with 1.14.1 the window of the prompt does not appear, when BlockInterferenceControl is set to yes. I am not sure if that triggers it, but I wanted to mention it.

1) Have Firefox installed 2) Have BlockInterferenceControl=y 3) With 1.14.1 the browser window does not react to any input and I have to kill the processes

How often did you encounter it so far?

Start Firefox with BlockInterferenceControl enabled

Expected behavior

Firefox not freezing.

Affected program

Firefox 115.11.0esr 64bit

Download link

Firefox 64 bit ESR

Where is the program located?

The program is installed only outside the sandbox.

Did the program or any related process close unexpectedly?

No, not at all.

Crash dump

No response

What version of Sandboxie are you running now?

1.14.1 64bit

Is it a new installation of Sandboxie?

I just updated Sandboxie from a previous version (I remember which one it is).

Is it a regression from previous versions?

Yes, 1.14.0 works, while 1.14.1 does not.

In which sandbox type you have this problem?

In a hardened sandbox with data protection (red sandbox icon).

Can you reproduce this problem on a new empty sandbox?

When I clear the sandbox, the problem does not go away.

What is your Windows edition and version?

Window 7 SP1 64bit

In which Windows account you have this problem?

A local account (Standard user).

Please mention any installed security software

MSE

Did you previously enable some security policy settings outside Sandboxie?

No response

Trace log

No response

Sandboxie.ini configuration

ConfigLevel=10
AutoRecover=y
Template=FileCopy
Template=SkipHook
Template=AutoRecoverIgnore
IgnoreTemplate=Firefox_Phishing_DirectAccess
Template=LingerPrograms
Template=BlockPorts
Template=qWave
Template=Firefox_Bookmarks_DirectAccess
Template=Firefox_Cookies_DirectAccess
Template=Firefox_Passwords_DirectAccess
Template=Firefox_Session_DirectAccess
Template=Firefox_Force
Template=Firefox_Profile_DirectAccess
RecoverFolder=%Desktop%
RecoverFolder=%Favorites%
RecoverFolder=%Personal%
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
BorderColor=#0423ee,off,3
Enabled=y
NormalFilePath=C:\Users\[username]\AppData\Roaming\Mozilla\Firefox*
NotifyStartRunAccessDenied=y
DropAdminRights=y
ClosedFilePath=C:\Windows\SysWOW64
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
ProcessGroup=<InternetAccess>,tor.exe,ssa6mam.exe,SandboxieCrypto.exe,pingsender.exe,net.downloadhelper.coapp-win-64.exe,<FirefoxPrograms>,dllhost.exe,default-browser-agent.exe,crashreporter.exe
ProcessGroup=<ChromePrograms>,vivaldi.exe,opera.exe,neon.exe,msedge.exe,Maxthon.exe,iron.exe,dragon.exe,chrome.exe,brave.exe
ProcessGroup=<FirefoxPrograms>,waterfox.exe,palemoon.exe,firefox.exe
ProcessGroup=<StartRunAccess>,updater.exe,update.exe,tor.exe,SysTray.exe,ssa6msm.exe,ssa6mam.exe,prevhost.exe,plugin-container.exe,pingsender.exe,notepad.exe,net.downloadhelper.coapp-win-64.exe,minidump-analyzer.exe,LUMgr.exe,IDSAlert.exe,helper.exe,<FirefoxPrograms>,ffprobe.exe,ffmpeg.exe,dllhost.exe,default-browser-agent.exe,ctfmon.exe,crashreporter.exe,cmd.exe,CDASrv.exe
LingerProcess=CDASrv.exe
LingerProcess=ssa6mam.exe
ProcessLimit=200
PinToTray=y
BlockNetworkFiles=y
NotifyProcessAccessDenied=y
BreakoutProcess=PotPlayerMini64.exe
BoxIcon=C:\Program Files\Mozilla Firefox\firefox.exe,0
UseRuleSpecificity=y
NormalFilePath=C:\Users\[username]\Desktop
UsePrivacyMode=y
UseFileDeleteV2=y
UseRegDeleteV2=y
SysCallLockDown=y
ClosedIpcPath=!<StartRunAccess>,*
NormalFilePath=\Device\Null
UseSecurityMode=y
NeverRemove=y
DisableForceRules=n
CoverBoxedWindows=y
BlockInterferenceControl=n
BlockInterferePower=y
BlockScreenCapture=y
love-code-yeyixiao commented 4 weeks ago

In 1.14.1, the only change we made to this feature is that the sandboxed process can not override the taskbar itself, so we can try adding an option to disable this part of the feature, then test again.

bastik-1001 commented 4 weeks ago

If that affects lots of people, that seems to be worth it. Otherwise, it might be the case that certain things just break and can't be used with everything.

bastik-1001 commented 2 weeks ago

Confirmed to be fixed on my end.