-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[1.0.22] OpenClipboard=n does not block clipboard if the program is "Forced Running" #1919
Comments
While working on this, I think it is good to include issue #1367 |
The option never worked for me , maybe it wasn't supposed to |
I have investigated this issue and it seams when a process is started on windows 10 using force process, the process gets associated with a job object of windows, this prevents sandboxie from using its own job object to restrict the program, you can use ForceRestartAll=y to workaround this issue. |
So here is my analysis of the issue, it seams that on modern windows 10 the PcaSvc service when attaching a job to a process does that asynchronously such that we fail to notice this during process creation and this results in our own sandboxing job when being attached, being so only in a limited way, what breaks the clipboard isolation. |
I have fixed the PCA job detection it now re tests that after the process was started, |
What happened?
Title says, here are the scenarios that were tested.
❌ A program executed from
ForceFolder
can still access the clipboard.❌ A program executed via
ForceProcess
can still access the clipboard.✔ Manually running the program via context menu and selecting the sandbox with OpenClipboard=n set works properly, it cannot access the clipboard.
I will be using
DefaultBox (Hardened)
withOpenClipboard=n
andForceFolder=D:\Downloads
for testing.See the following images for the scenarios
[SCENARIO 1 - Forced Running]
Copy a random text.
Directly execute the program on the forced location "D:\Downloads"
Verify if the status if Forced Running
Paste the copied text from step 1.
[SCENARIO 2 - Running]
Copy a random text.
Execute the program via the Sandboxie Context Menu
Verify if the status if Running
Paste the copied text from step 1.
Download link
N/A
To Reproduce
No response
Expected behavior
Clipboard access must be blockd
What is your Windows edition and version?
Windows 10 Pro Education 21H2 x64 (19044.1706)
In which Windows account you have this problem?
A local or Microsoft account without special changes.
Please mention any installed security software
Symantec Endpoint Protection 14.3
What version of Sandboxie are you running?
1.0.22
Is it a regression?
No response
List of affected browsers
No response
In which sandbox type you have this problem?
Not relevant to my request.
Where is the program located?
Not relevant to my request.
Can you reproduce this problem on an empty sandbox?
Not relevant to my request.
Did you previously enable some security policy settings outside Sandboxie?
No response
Crash dump
No response
Trace log
No response
Sandboxie.ini configuration
No response
The text was updated successfully, but these errors were encountered: