diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8d146a66d3..1b38fe3c1a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,22 @@ This project adheres to [Semantic Versioning](http://semver.org/).
+
+## [0.5.4c / 5.46.2] - 2021-01-10
+
+### Added
+- added "CallTrace=*" to log all system calls to the access log
+
+### Changed
+- improved ipc logging code
+- improved MSG_2101 logging
+
+### Fixed
+- fixed more issues with ipc tracing
+- fixed SBIE2101 issue with crome and derivatives
+
+
+
## [0.5.4b / 5.46.1] - 2021-01-08
### Added
diff --git a/Sandboxie/apps/control/MonitorDialog.cpp b/Sandboxie/apps/control/MonitorDialog.cpp
index 17de32ca93..455708bedc 100644
--- a/Sandboxie/apps/control/MonitorDialog.cpp
+++ b/Sandboxie/apps/control/MonitorDialog.cpp
@@ -97,6 +97,7 @@ BOOL CMonitorDialog::OnInitDialog()
void CMonitorDialog::OnIdle()
{
static const WCHAR *_Unknown = L"(Unk) ";
+ static const WCHAR *_SysCall = L"SysCall ";
static const WCHAR *_Pipe = L"Pipe ";
static const WCHAR *_Ipc = L"Ipc ";
static const WCHAR *_WinClass = L"WinCls ";
@@ -146,7 +147,9 @@ void CMonitorDialog::OnIdle()
type &= 0x0FFF;
const WCHAR *PrefixPtr = _Unknown;
- if (type == MONITOR_PIPE)
+ if (type == MONITOR_SYSCALL)
+ PrefixPtr = _SysCall;
+ else if (type == MONITOR_PIPE)
PrefixPtr = _Pipe;
else if (type == MONITOR_IPC)
PrefixPtr = _Ipc;
diff --git a/Sandboxie/common/my_version.h b/Sandboxie/common/my_version.h
index 49a4899c09..382f6e55e2 100644
--- a/Sandboxie/common/my_version.h
+++ b/Sandboxie/common/my_version.h
@@ -21,8 +21,8 @@
#ifndef _MY_VERSION_H
#define _MY_VERSION_H
-#define MY_VERSION_BINARY 5,46,1
-#define MY_VERSION_STRING "5.46.1"
+#define MY_VERSION_BINARY 5,46,2
+#define MY_VERSION_STRING "5.46.2"
#define MY_VERSION_COMPAT "5.46.0" // this refers to the driver ABI compatibility
// These #defines are used by either Resource Compiler, or by NSIC installer
diff --git a/Sandboxie/core/dll/com.c b/Sandboxie/core/dll/com.c
index 2a13037296..3a84c0d636 100644
--- a/Sandboxie/core/dll/com.c
+++ b/Sandboxie/core/dll/com.c
@@ -3314,7 +3314,7 @@ _FX void Com_Trace(
return;
text = Com_Alloc(1024 * sizeof(WCHAR));
- ptr = text + Sbie_snwprintf(text, 1024, L"SBIE %s <%08X> ", TraceType, hr);
+ ptr = text + Sbie_snwprintf(text, 1024, L"COM %s <%08X> ", TraceType, hr);
if (rclsid) {
Com_Trace_Guid(ptr, rclsid, L"CLSID");
diff --git a/Sandboxie/core/dll/rpcrt.c b/Sandboxie/core/dll/rpcrt.c
index 2df57d3452..e96983bcda 100644
--- a/Sandboxie/core/dll/rpcrt.c
+++ b/Sandboxie/core/dll/rpcrt.c
@@ -269,6 +269,19 @@ WCHAR* GetDynamicLpcPortName(ENUM_DYNAMIC_PORT_TYPE portType)
rpl = (EPMAPPER_GET_PORT_NAME_RPL*)SbieDll_CallServer(&req.h);
+ WCHAR wsTraceOptions[4];
+ if (SbieApi_QueryConf(NULL, L"IpcTrace", 0, wsTraceOptions, sizeof(wsTraceOptions)) == STATUS_SUCCESS && wsTraceOptions[0] != L'\0')
+ {
+ WCHAR text[130];
+
+ if (rpl && NT_SUCCESS(rpl->h.status))
+ Sbie_snwprintf(text, 130, L"Resolved dynamic port: %d; endpoint: %s", req.portType, rpl->wszPortName);
+ else
+ Sbie_snwprintf(text, 130, L"Failed to resolve dynamic port: %d; status: %08X", req.portType, rpl ? rpl->h.status : 0);
+
+ SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, text, FALSE);
+ }
+
if (rpl && NT_SUCCESS(rpl->h.status))
{
wcsncpy(g_Ipc_DynamicPortNames[portType], rpl->wszPortName, DYNAMIC_PORT_NAME_CHARS);
@@ -377,15 +390,16 @@ _FX ULONG RpcRt_RpcBindingFromStringBindingW(
status = __sys_RpcBindingFromStringBindingW(StringBinding, OutBinding);
// If there are any IpcTrace options set, then output this debug string
WCHAR wsTraceOptions[4];
- if (SbieApi_QueryConf(NULL, L"IpcTrace", 0, wsTraceOptions, sizeof(wsTraceOptions)) == STATUS_SUCCESS && wsTraceOptions != L'\0')
+ if (SbieApi_QueryConf(NULL, L"IpcTrace", 0, wsTraceOptions, sizeof(wsTraceOptions)) == STATUS_SUCCESS && wsTraceOptions[0] != L'\0')
{
WCHAR msg[512];
- Sbie_snwprintf(msg, 512, L"SBIE p=%06d t=%06d RpcBindingFromStringBindingW StringBinding = '%s', BindingHandle = 0x%X, status = 0x%X\n", GetCurrentProcessId(), GetCurrentThreadId(),
- StringBinding,
- OutBinding,
- status);
+
+ //Sbie_snwprintf(msg, 512, L"SBIE p=%06d t=%06d RpcBindingFromStringBindingW StringBinding = '%s', BindingHandle = 0x%X, status = 0x%X\n", GetCurrentProcessId(), GetCurrentThreadId(),
+ Sbie_snwprintf(msg, 512, L"StringBinding = '%s', BindingHandle = 0x%X, status = 0x%08X",
+ StringBinding, OutBinding, status);
+
//OutputDebugString(msg);
- SbieApi_MonitorPut(MONITOR_IPC | MONITOR_TRACE, msg);
+ SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, msg, FALSE);
}
__sys_RpcMgmtSetComTimeout(*OutBinding, RPC_C_BINDING_TIMEOUT);
return status;
@@ -442,14 +456,14 @@ _FX RPC_STATUS RpcRt_RpcBindingCreateW(
RPC_CSTR StringUuid;
__sys_UuidToStringW(&Template->ObjectUuid, &StringUuid);
- Sbie_snwprintf(msg, 512, L"SBIE p=%06d t=%06d RpcBindingCreateW Endpoint = '%s', UUID = %s, status = 0x%X\n", GetCurrentProcessId(), GetCurrentThreadId(),
+ //Sbie_snwprintf(msg, 512, L"SBIE p=%06d t=%06d RpcBindingCreateW Endpoint = '%s', UUID = %s, status = 0x%X\n", GetCurrentProcessId(), GetCurrentThreadId(),
+ Sbie_snwprintf(msg, 512, L"Endpoint = '%s', UUID = %s, status = 0x%08X",
Template && Template->StringEndpoint ? Template->StringEndpoint : L"null",
- StringUuid,
- status);
+ StringUuid, status);
__sys_RpcStringFreeW(&StringUuid);
//OutputDebugString(msg);
- SbieApi_MonitorPut(MONITOR_IPC | MONITOR_TRACE, msg);
+ SbieApi_MonitorPut2(MONITOR_IPC | MONITOR_TRACE, msg, FALSE);
}
__sys_RpcMgmtSetComTimeout(*Binding, RPC_C_BINDING_TIMEOUT);
return status;
diff --git a/Sandboxie/core/drv/api_flags.h b/Sandboxie/core/drv/api_flags.h
index 5e4c56b424..df5601255c 100644
--- a/Sandboxie/core/drv/api_flags.h
+++ b/Sandboxie/core/drv/api_flags.h
@@ -41,7 +41,7 @@
#define DUPLICATE_INHERIT 0x00040000
#define DUPLICATE_INTO_OTHER 0x00080000 // otherwise DUP_FROM_OTHER
-
+#define MONITOR_SYSCALL 0x000B
#define MONITOR_PIPE 0x011B
#define MONITOR_IPC 0x022B
#define MONITOR_WINCLASS 0x033B
@@ -51,6 +51,12 @@
#define MONITOR_IMAGE 0x077B
#define MONITOR_FILE_OR_KEY 0x088B
#define MONITOR_OTHER 0x099B
+//#define MONITOR_ 0x0AAB
+//#define MONITOR_ 0x0BBB
+//#define MONITOR_ 0x0CCB
+//#define MONITOR_ 0x0DDB
+//#define MONITOR_ 0x0EEB
+//#define MONITOR_ 0x0FFB
#define MONITOR_OPEN 0x1000
#define MONITOR_DENY 0x2000
#define MONITOR_TRACE 0x8000
diff --git a/Sandboxie/core/drv/ipc.c b/Sandboxie/core/drv/ipc.c
index cc0e7086f7..6618088009 100644
--- a/Sandboxie/core/drv/ipc.c
+++ b/Sandboxie/core/drv/ipc.c
@@ -210,14 +210,13 @@ _FX BOOLEAN Ipc_Init(void)
return FALSE;
}
- // Note: those don't have a special treatment
- //if (Driver_OsVersion >= DRIVER_WINDOWS_10) {
- //
- // if(!Mem_GetLockResource(&Ipc_Dynamic_Ports[WPAD_PORT].pPortLock, TRUE)
- // || !Mem_GetLockResource(&Ipc_Dynamic_Ports[GAME_CONFIG_STORE_PORT].pPortLock, TRUE)
- // || !Mem_GetLockResource(&Ipc_Dynamic_Ports[SMART_CARD_PORT].pPortLock, TRUE)
- // ) return FALSE;
- //}
+ if (Driver_OsVersion >= DRIVER_WINDOWS_10) {
+
+ if(!Mem_GetLockResource(&Ipc_Dynamic_Ports[WPAD_PORT].pPortLock, TRUE)
+ || !Mem_GetLockResource(&Ipc_Dynamic_Ports[GAME_CONFIG_STORE_PORT].pPortLock, TRUE)
+ || !Mem_GetLockResource(&Ipc_Dynamic_Ports[SMART_CARD_PORT].pPortLock, TRUE)
+ ) return FALSE;
+ }
//
// finish
@@ -872,34 +871,34 @@ _FX NTSTATUS Ipc_CheckGenericObject(
status = STATUS_ACCESS_DENIED;
}
- // Note: since version 5.46 these are open only per process
- //else if (!is_open && !is_closed)
- //{
- // int i;
- // for (i = 0; i < NUM_DYNAMIC_PORTS; i++)
- // {
- // if (Ipc_Dynamic_Ports[i].pPortLock)
- // {
- // KeEnterCriticalRegion();
- // ExAcquireResourceSharedLite(Ipc_Dynamic_Ports[i].pPortLock, TRUE);
- //
- // if (*Ipc_Dynamic_Ports[i].wstrPortName
- // && (Name->Length >= 32 * sizeof(WCHAR))
- // && _wcsicmp(Name->Buffer, Ipc_Dynamic_Ports[i].wstrPortName) == 0)
- // {
- // // dynamic version of RPC ports, see also ipc_spl.c
- // // and RpcBindingFromStringBindingW in core/dll/rpcrt.c
- // is_open = TRUE;
- // }
- //
- // ExReleaseResourceLite(Ipc_Dynamic_Ports[i].pPortLock);
- // KeLeaveCriticalRegion();
- //
- // if (is_open)
- // break;
- // }
- // }
- //}
+
+ else if (!is_open && !is_closed)
+ {
+ int i;
+ for (i = 0; i < NUM_DYNAMIC_PORTS; i++)
+ {
+ if (Ipc_Dynamic_Ports[i].pPortLock)
+ {
+ KeEnterCriticalRegion();
+ ExAcquireResourceSharedLite(Ipc_Dynamic_Ports[i].pPortLock, TRUE);
+
+ if (*Ipc_Dynamic_Ports[i].wstrPortName
+ && (Name->Length >= 32 * sizeof(WCHAR))
+ && _wcsicmp(Name->Buffer, Ipc_Dynamic_Ports[i].wstrPortName) == 0)
+ {
+ // dynamic version of RPC ports, see also ipc_spl.c
+ // and RpcBindingFromStringBindingW in core/dll/rpcrt.c
+ is_open = TRUE;
+ }
+
+ ExReleaseResourceLite(Ipc_Dynamic_Ports[i].pPortLock);
+ KeLeaveCriticalRegion();
+
+ if (is_open)
+ break;
+ }
+ }
+ }
if (is_closed || (! is_open))
status = STATUS_ACCESS_DENIED;
diff --git a/Sandboxie/core/drv/ipc_lsa.c b/Sandboxie/core/drv/ipc_lsa.c
index 2aa543184a..674e3e7a86 100644
--- a/Sandboxie/core/drv/ipc_lsa.c
+++ b/Sandboxie/core/drv/ipc_lsa.c
@@ -125,7 +125,7 @@ _FX BOOLEAN Ipc_Filter_Lsa_Ep_Msg(UCHAR uMsg)
WCHAR access_str[24];
swprintf(access_str, L" Msg: %02X", (ULONG)uMsg);
const WCHAR* strings[3] = { L"\\RPC Control\\LSARPC_ENDPOINT", access_str, NULL };
- Session_MonitorPutEx(MONITOR_IPC | (filter ? MONITOR_DENY : MONITOR_OPEN), strings, PsGetCurrentProcessId());
+ Session_MonitorPutEx(MONITOR_IPC | (filter ? MONITOR_DENY : MONITOR_OPEN), strings, NULL, PsGetCurrentProcessId());
}
return filter;
diff --git a/Sandboxie/core/drv/ipc_spl.c b/Sandboxie/core/drv/ipc_spl.c
index 7b6b416fe1..cd5e367d60 100644
--- a/Sandboxie/core/drv/ipc_spl.c
+++ b/Sandboxie/core/drv/ipc_spl.c
@@ -71,7 +71,7 @@ static const WCHAR *_rpc_control = L"\\RPC Control";
//---------------------------------------------------------------------------
// Param 1 is dynamic port name (e.g. "\RPC Control\LRPC-f760d5b40689a98168"), WCHAR[DYNAMIC_PORT_NAME_CHARS]
-// Param 2 is the process PID for which to open the port
+// Param 2 is the process PID for which to open the port, can be 0 when port is special
// Param 3 is the port type/identifier, can be -1 indicating non special port
_FX NTSTATUS Ipc_Api_OpenDynamicPort(PROCESS* proc, ULONG64* parms)
@@ -109,43 +109,46 @@ _FX NTSTATUS Ipc_Api_OpenDynamicPort(PROCESS* proc, ULONG64* parms)
if (!NT_SUCCESS(status))
return status;
- //proc = Process_Find(pArgs->process_id.val, &irql);
- proc = Process_Find(pArgs->process_id.val, NULL);
- if (proc && (proc != PROCESS_TERMINATED))
- {
- //
- // When this is a special port save it our global Ipc_Dynamic_Ports structure
- //
+ //
+ // When this is a special port save it our global Ipc_Dynamic_Ports structure
+ //
- if (ePortType != NUM_DYNAMIC_PORTS && Ipc_Dynamic_Ports[ePortType].pPortLock)
- {
- KeEnterCriticalRegion();
- ExAcquireResourceExclusiveLite(Ipc_Dynamic_Ports[ePortType].pPortLock, TRUE);
+ if (ePortType != NUM_DYNAMIC_PORTS && Ipc_Dynamic_Ports[ePortType].pPortLock)
+ {
+ KeEnterCriticalRegion();
+ ExAcquireResourceExclusiveLite(Ipc_Dynamic_Ports[ePortType].pPortLock, TRUE);
- wmemcpy(Ipc_Dynamic_Ports[ePortType].wstrPortName, portName, DYNAMIC_PORT_NAME_CHARS);
+ wmemcpy(Ipc_Dynamic_Ports[ePortType].wstrPortName, portName, DYNAMIC_PORT_NAME_CHARS);
- ExReleaseResourceLite(Ipc_Dynamic_Ports[ePortType].pPortLock);
- KeLeaveCriticalRegion();
- }
+ ExReleaseResourceLite(Ipc_Dynamic_Ports[ePortType].pPortLock);
+ KeLeaveCriticalRegion();
+ }
- //
- // Open the port for the selected process
- //
+ //
+ // Open the port for the selected process
+ //
- KIRQL irql2;
+ if (pArgs->process_id.val != 0)
+ {
+ //proc = Process_Find(pArgs->process_id.val, &irql);
+ proc = Process_Find(pArgs->process_id.val, NULL);
+ if (proc && (proc != PROCESS_TERMINATED))
+ {
+ KIRQL irql2;
- KeRaiseIrql(APC_LEVEL, &irql2);
- ExAcquireResourceExclusiveLite(proc->ipc_lock, TRUE);
+ KeRaiseIrql(APC_LEVEL, &irql2);
+ ExAcquireResourceExclusiveLite(proc->ipc_lock, TRUE);
- Process_AddPath(proc, &proc->open_ipc_paths, NULL, FALSE, portName, FALSE);
+ Process_AddPath(proc, &proc->open_ipc_paths, NULL, FALSE, portName, FALSE);
- ExReleaseResourceLite(proc->ipc_lock);
- KeLowerIrql(irql2);
+ ExReleaseResourceLite(proc->ipc_lock);
+ KeLowerIrql(irql2);
+ }
+ else
+ status = STATUS_NOT_FOUND;
+ //ExReleaseResourceLite(Process_ListLock);
+ //KeLowerIrql(irql);
}
- else
- status = STATUS_NOT_FOUND;
- //ExReleaseResourceLite(Process_ListLock);
- //KeLowerIrql(irql);
return status;
}
@@ -476,7 +479,7 @@ _FX BOOLEAN Ipc_Filter_Spooler_Msg(UCHAR uMsg)
WCHAR access_str[24];
swprintf(access_str, L" Msg: %02X", (ULONG)uMsg);
const WCHAR* strings[3] = { L"\\RPC Control\\spoolss", access_str, NULL };
- Session_MonitorPutEx(MONITOR_IPC | (filter ? MONITOR_DENY : MONITOR_OPEN), strings, PsGetCurrentProcessId());
+ Session_MonitorPutEx(MONITOR_IPC | (filter ? MONITOR_DENY : MONITOR_OPEN), strings, NULL, PsGetCurrentProcessId());
}
return filter;
diff --git a/Sandboxie/core/drv/log.c b/Sandboxie/core/drv/log.c
index 62083f5844..5cd8c51c8e 100644
--- a/Sandboxie/core/drv/log.c
+++ b/Sandboxie/core/drv/log.c
@@ -337,6 +337,6 @@ _FX void Log_Debug_Msg(USHORT type, const WCHAR *string1, const WCHAR *string2)
if (Session_MonitorCount) {
const WCHAR* strings[4] = { string1, L" ", string2, NULL };
- Session_MonitorPutEx(type | MONITOR_TRACE, strings, PsGetCurrentProcessId());
+ Session_MonitorPutEx(type | MONITOR_TRACE, strings, NULL, PsGetCurrentProcessId());
}
}
diff --git a/Sandboxie/core/drv/process.c b/Sandboxie/core/drv/process.c
index 781ab36c55..06b4a33e5c 100644
--- a/Sandboxie/core/drv/process.c
+++ b/Sandboxie/core/drv/process.c
@@ -695,6 +695,7 @@ _FX PROCESS *Process_Create(
// initialize trace flags
//
+ proc->call_trace = Process_GetTraceFlag(proc, L"CallTrace");
proc->file_trace = Process_GetTraceFlag(proc, L"FileTrace");
proc->pipe_trace = Process_GetTraceFlag(proc, L"PipeTrace");
proc->key_trace = Process_GetTraceFlag(proc, L"KeyTrace");
diff --git a/Sandboxie/core/drv/process.h b/Sandboxie/core/drv/process.h
index f4b6ef7035..5502ffb791 100644
--- a/Sandboxie/core/drv/process.h
+++ b/Sandboxie/core/drv/process.h
@@ -121,6 +121,8 @@ struct _PROCESS {
UCHAR create_console_flag;
+ ULONG call_trace;
+
// file-related
PERESOURCE file_lock;
diff --git a/Sandboxie/core/drv/session.c b/Sandboxie/core/drv/session.c
index 4f1eafb05f..981ce0775d 100644
--- a/Sandboxie/core/drv/session.c
+++ b/Sandboxie/core/drv/session.c
@@ -579,7 +579,7 @@ _FX BOOLEAN Session_IsForceDisabled(ULONG SessionId)
_FX void Session_MonitorPut(USHORT type, const WCHAR *name, HANDLE pid)
{
const WCHAR* strings[2] = { name, NULL };
- Session_MonitorPutEx(type, strings, pid);
+ Session_MonitorPutEx(type, strings, NULL, pid);
}
@@ -588,7 +588,7 @@ _FX void Session_MonitorPut(USHORT type, const WCHAR *name, HANDLE pid)
//---------------------------------------------------------------------------
-_FX void Session_MonitorPutEx(USHORT type, const WCHAR** strings, HANDLE pid)
+_FX void Session_MonitorPutEx(USHORT type, const WCHAR** strings, ULONG* lengths, HANDLE pid)
{
SESSION *session;
KIRQL irql;
@@ -601,8 +601,8 @@ _FX void Session_MonitorPutEx(USHORT type, const WCHAR** strings, HANDLE pid)
ULONG64 pid64 = (ULONG64)pid;
SIZE_T data_len = 0;
- for(const WCHAR** string = strings; *string != NULL; string++)
- data_len += wcslen(*string) * sizeof(WCHAR);
+ for(int i=0; strings[i] != NULL; i++)
+ data_len += (lengths ? lengths [i] : wcslen(strings[i])) * sizeof(WCHAR);
//[Type 2][PID 8][Data n*2]
SIZE_T entry_size = 2 + 8 + data_len;
@@ -613,8 +613,8 @@ _FX void Session_MonitorPutEx(USHORT type, const WCHAR** strings, HANDLE pid)
log_buffer_push_bytes((CHAR*)&pid64, 8, &write_ptr, session->monitor_log);
// join strings seamlessly
- for (const WCHAR** string = strings; *string != NULL; string++)
- log_buffer_push_bytes((CHAR*)*string, wcslen(*string) * sizeof(WCHAR), &write_ptr, session->monitor_log);
+ for (int i = 0; strings[i] != NULL; i++)
+ log_buffer_push_bytes((CHAR*)strings[i], (lengths ? lengths[i] : wcslen(strings[i])) * sizeof(WCHAR), &write_ptr, session->monitor_log);
}
else // this can only happen when the entire buffer is to small to hold this one entry
Log_Msg0(MSG_MONITOR_OVERFLOW);
@@ -721,8 +721,6 @@ _FX NTSTATUS Session_Api_MonitorPut(PROCESS *proc, ULONG64 *parms)
_FX NTSTATUS Session_Api_MonitorPut2(PROCESS *proc, ULONG64 *parms)
{
API_MONITOR_PUT2_ARGS *args = (API_MONITOR_PUT2_ARGS *)parms;
- UNICODE_STRING objname;
- void *object;
USHORT *log_type;
WCHAR *log_data;
WCHAR *name;
@@ -745,12 +743,12 @@ _FX NTSTATUS Session_Api_MonitorPut2(PROCESS *proc, ULONG64 *parms)
log_len = args->log_len.val / sizeof(WCHAR);
if (!log_len)
return STATUS_INVALID_PARAMETER;
- if (log_len > 256) // truncate as we only have 260 in buffer
- log_len = 256;
+ if (log_len > 1024) // truncate as we only have 1028 in buffer
+ log_len = 1024;
log_data = args->log_ptr.val;
ProbeForRead(log_data, log_len * sizeof(WCHAR), sizeof(WCHAR));
- name = Mem_Alloc(proc->pool, 260 * sizeof(WCHAR)); // todo: should we increase this ?
+ name = Mem_Alloc(proc->pool, 1028 * sizeof(WCHAR)); // todo: should we increase this ?
if (! name)
return STATUS_INSUFFICIENT_RESOURCES;
@@ -765,46 +763,48 @@ _FX NTSTATUS Session_Api_MonitorPut2(PROCESS *proc, ULONG64 *parms)
name[log_len] = L'\0';
status = STATUS_SUCCESS;
- object = NULL;
- //
- // if type is MONITOR_IPC we try to open the object
- // to get the name assigned to it at time of creation
- //
+ if (args->check_object_exists.val64 && ((type & MONITOR_TRACE) == 0)) { // do not check objects if this is a trace entry
- if ((type & 0xFFF) == MONITOR_IPC) {
+ UNICODE_STRING objname;
+ void* object = NULL;
- ULONG i;
+ //
+ // if type is MONITOR_IPC we try to open the object
+ // to get the name assigned to it at time of creation
+ //
- RtlInitUnicodeString(&objname, name);
+ if ((type & 0xFFF) == MONITOR_IPC) {
- for (i = 0; Session_ObjectTypes[i]; ++i) {
+ ULONG i;
- // ObReferenceObjectByName needs a non-zero ObjectType
- // so we have to keep going through all possible object
- // types as long as we get STATUS_OBJECT_TYPE_MISMATCH
+ RtlInitUnicodeString(&objname, name);
- status = ObReferenceObjectByName(
- &objname, OBJ_CASE_INSENSITIVE, NULL, 0,
- Session_ObjectTypes[i], KernelMode, NULL,
- &object);
+ for (i = 0; Session_ObjectTypes[i]; ++i) {
- if (status != STATUS_OBJECT_TYPE_MISMATCH)
- break;
- }
+ // ObReferenceObjectByName needs a non-zero ObjectType
+ // so we have to keep going through all possible object
+ // types as long as we get STATUS_OBJECT_TYPE_MISMATCH
- // DbgPrint("IPC Status = %08X Object = %08X for Open <%S>\n", status, object, name);
- }
+ status = ObReferenceObjectByName(
+ &objname, OBJ_CASE_INSENSITIVE, NULL, 0,
+ Session_ObjectTypes[i], KernelMode, NULL,
+ &object);
- //
- // if type is MONITOR_PIPE we try to open the pipe
- // to get the name assigned to it at time of creation
- //
+ if (status != STATUS_OBJECT_TYPE_MISMATCH)
+ break;
+ }
+
+ // DbgPrint("IPC Status = %08X Object = %08X for Open <%S>\n", status, object, name);
+ }
- if ((type & 0xFFF) == MONITOR_PIPE) {
+ //
+ // if type is MONITOR_PIPE we try to open the pipe
+ // to get the name assigned to it at time of creation
+ //
+
+ if ((type & 0xFFF) == MONITOR_PIPE) {
- if (args->check_object_exists.val64)
- {
OBJECT_ATTRIBUTES objattrs;
IO_STATUS_BLOCK IoStatusBlock;
HANDLE handle;
@@ -844,35 +844,36 @@ _FX NTSTATUS Session_Api_MonitorPut2(PROCESS *proc, ULONG64 *parms)
//DbgPrint("PIPE Status3 = %08X Object = %08X for Open <%S>\n", status, object, name);
}
- }
- //
- // if we have an object, get its name from the kernel object
- //
+ //
+ // if we have an object, get its name from the kernel object
+ //
- if (NT_SUCCESS(status) && object) {
+ if (NT_SUCCESS(status) && object) {
- OBJECT_NAME_INFORMATION *Name;
- ULONG NameLength;
+ OBJECT_NAME_INFORMATION *Name;
+ ULONG NameLength;
- status = Obj_GetNameOrFileName(
- proc->pool, object, &Name, &NameLength);
+ status = Obj_GetNameOrFileName(
+ proc->pool, object, &Name, &NameLength);
- if (NT_SUCCESS(status)) {
+ if (NT_SUCCESS(status)) {
+
+ log_len = Name->Name.Length / sizeof(WCHAR);
+ if (log_len > 1024) // truncate as we only have 1028 in buffer
+ log_len = 1024;
+ wmemcpy(name, Name->Name.Buffer, log_len);
+ name[log_len] = L'\0';
- log_len = Name->Name.Length / sizeof(WCHAR);
- if (log_len > 256) // truncate as we only have 260 in buffer
- log_len = 256;
- wmemcpy(name, Name->Name.Buffer, log_len);
- name[log_len] = L'\0';
+ if (Name != &Obj_Unnamed)
+ Mem_Free(Name, NameLength);
- if (Name != &Obj_Unnamed)
- Mem_Free(Name, NameLength);
+ // DbgPrint("Determined Object Name <%S>\n", name);
+ }
- // DbgPrint("Determined Object Name <%S>\n", name);
+ ObDereferenceObject(object);
}
- ObDereferenceObject(object);
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
diff --git a/Sandboxie/core/drv/session.h b/Sandboxie/core/drv/session.h
index e2cb53c9db..c4e893d84b 100644
--- a/Sandboxie/core/drv/session.h
+++ b/Sandboxie/core/drv/session.h
@@ -44,7 +44,7 @@ BOOLEAN Session_IsForceDisabled(ULONG SessionId);
void Session_MonitorPut(USHORT type, const WCHAR *name, HANDLE pid);
-void Session_MonitorPutEx(USHORT type, const WCHAR** strings, HANDLE pid);
+void Session_MonitorPutEx(USHORT type, const WCHAR** strings, ULONG* lengths, HANDLE pid);
//---------------------------------------------------------------------------
diff --git a/Sandboxie/core/drv/syscall.c b/Sandboxie/core/drv/syscall.c
index 3e49e92cb5..c9a5f2b4b4 100644
--- a/Sandboxie/core/drv/syscall.c
+++ b/Sandboxie/core/drv/syscall.c
@@ -27,6 +27,7 @@
#include "obj.h"
#include "api.h"
#include "util.h"
+#include "session.h"
@@ -741,6 +742,7 @@ _FX NTSTATUS Syscall_Api_Invoke(PROCESS *proc, ULONG64 *parms)
__try {
+ BOOLEAN traced = FALSE;
const ULONG args_len = entry->param_count * sizeof(ULONG_PTR);
#ifdef _WIN64
ProbeForRead(user_args, args_len, sizeof(ULONG_PTR));
@@ -774,20 +776,20 @@ _FX NTSTATUS Syscall_Api_Invoke(PROCESS *proc, ULONG64 *parms)
ProbeForRead(user_args, args_len, sizeof(UCHAR));
#endif _WIN64
- /*
- if (proc->ipc_trace & (TRACE_ALLOW | TRACE_DENY))
- {
- if (strcmp(entry->name, "AlpcSendWaitReceivePort") == 0)
- {
- HANDLE hConnection;
- hConnection = (HANDLE*)user_args[0];
- DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_ERROR_LEVEL, "SBIE [syscall] p=%06d t=%06d - %s, handle = %X >>>>>>\n",
- PsGetCurrentProcessId(), PsGetCurrentThreadId(),
- entry->name,
- hConnection);
- }
- }
- */
+
+ //if (proc->ipc_trace & (TRACE_ALLOW | TRACE_DENY))
+ //{
+ // if (strcmp(entry->name, "AlpcSendWaitReceivePort") == 0)
+ // {
+ // HANDLE hConnection;
+ // hConnection = (HANDLE*)user_args[0];
+ // DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_ERROR_LEVEL, "SBIE [syscall] p=%06d t=%06d - %s, handle = %X >>>>>>\n",
+ // PsGetCurrentProcessId(), PsGetCurrentThreadId(),
+ // entry->name,
+ // hConnection);
+ // }
+ //}
+
if (entry->handler1_func) {
@@ -802,17 +804,20 @@ _FX NTSTATUS Syscall_Api_Invoke(PROCESS *proc, ULONG64 *parms)
if (proc->ipc_trace & (TRACE_ALLOW | TRACE_DENY))
{
+ HANDLE hConnection = NULL;
+ UNICODE_STRING* puStr = NULL;
+
if ((strcmp(entry->name, "ConnectPort") == 0) ||
(strcmp(entry->name, "AlpcConnectPort") == 0) )
{
- HANDLE hConnection = *(HANDLE*)user_args[0];
- UNICODE_STRING *puStr = (UNICODE_STRING*)user_args[1];
-
- DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SBIE [syscall] p=%06d t=%06d - %s, '%.*S', status = 0x%X, handle = %X\n",
- PsGetCurrentProcessId(), PsGetCurrentThreadId(),
- entry->name,
- (puStr->Length / 2), puStr->Buffer,
- status, hConnection);
+ hConnection = *(HANDLE*)user_args[0];
+ puStr = (UNICODE_STRING*)user_args[1];
+
+ //DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SBIE [syscall] p=%06d t=%06d - %s, '%.*S', status = 0x%X, handle = %X\n",
+ // PsGetCurrentProcessId(), PsGetCurrentThreadId(),
+ // entry->name,
+ // (puStr->Length / 2), puStr->Buffer,
+ // status, hConnection);
//if (puStr && puStr->Buffer && wcsstr(puStr->Buffer, L"\\RPC Control\\LRPC-"))
//{
//int i = 0; // place breakpoint here if you want to debug a particular port
@@ -821,17 +826,16 @@ _FX NTSTATUS Syscall_Api_Invoke(PROCESS *proc, ULONG64 *parms)
else if ( (strcmp(entry->name, "AlpcCreatePort") == 0) ||
(strcmp(entry->name, "AlpcConnectPortEx") == 0) )
{
- HANDLE hConnection = *(HANDLE*)user_args[0];
+ hConnection = *(HANDLE*)user_args[0];
POBJECT_ATTRIBUTES pObjectAttributes = (POBJECT_ATTRIBUTES)user_args[1];
- UNICODE_STRING *puStr = NULL;
if (pObjectAttributes)
puStr = (UNICODE_STRING*)pObjectAttributes->ObjectName;
- DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SBIE [syscall] p=%06d t=%06d - %s, '%.*S', status = 0x%X, handle = %X\n",
- PsGetCurrentProcessId(), PsGetCurrentThreadId(),
- entry->name,
- (puStr->Length / 2), puStr->Buffer,
- status, hConnection);
+ //DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SBIE [syscall] p=%06d t=%06d - %s, '%.*S', status = 0x%X, handle = %X\n",
+ // PsGetCurrentProcessId(), PsGetCurrentThreadId(),
+ // entry->name,
+ // (puStr->Length / 2), puStr->Buffer,
+ // status, hConnection);
}
else if ((strcmp(entry->name, "ReplyWaitReceivePort") == 0) ||
(strcmp(entry->name, "ReceiveMessagePort") == 0) ||
@@ -841,14 +845,39 @@ _FX NTSTATUS Syscall_Api_Invoke(PROCESS *proc, ULONG64 *parms)
// these 2 APIs will generate a lot of output if we don't check status
((status != STATUS_SUCCESS) && ((strcmp(entry->name, "AlpcSendWaitReceivePort") == 0) || (strcmp(entry->name, "RequestWaitReplyPort") == 0))) )
{
- HANDLE hConnection = (HANDLE*)user_args[0];
- DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SBIE [syscall] p=%06d t=%06d - %s, status = 0x%X, handle = %X\n",
- PsGetCurrentProcessId(), PsGetCurrentThreadId(),
- entry->name,
+ hConnection = (HANDLE*)user_args[0];
+
+ //DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, "SBIE [syscall] p=%06d t=%06d - %s, status = 0x%X, handle = %X\n",
+ // PsGetCurrentProcessId(), PsGetCurrentThreadId(),
+ // entry->name,
+ // status, hConnection);
+ }
+
+ if (hConnection)
+ {
+ WCHAR trace_str[128];
+ swprintf(trace_str, L"[syscall] t=%06d - %.*S, status = 0x%X, handle = %X; ", //59 chars + entry->name
+ PsGetCurrentThreadId(),
+ max(strlen(entry->name), 64), entry->name,
status, hConnection);
+ const WCHAR* strings[3] = { trace_str, puStr ? puStr->Buffer : NULL, NULL };
+ ULONG lengths[3] = { wcslen(trace_str), puStr ? puStr->Length / 2 : 0, 0 };
+ Session_MonitorPutEx(MONITOR_IPC | MONITOR_TRACE, strings, lengths, PsGetCurrentProcessId());
+ traced = TRUE;
}
}
+ if (!traced && ((proc->call_trace & TRACE_ALLOW) || ((status != STATUS_SUCCESS) && (proc->call_trace & TRACE_DENY))))
+ {
+ WCHAR trace_str[128];
+ swprintf(trace_str, L"[syscall] t=%06d - %.*S, status = 0x%X", //59 chars + entry->name
+ PsGetCurrentThreadId(),
+ max(strlen(entry->name), 64), entry->name,
+ status);
+ const WCHAR* strings[2] = { trace_str, NULL };
+ Session_MonitorPutEx(MONITOR_SYSCALL | MONITOR_TRACE, strings, NULL, PsGetCurrentProcessId());
+ }
+
#ifdef _WIN64
if (g_TrapFrameOffset) {
if (pTrapFrame) {
diff --git a/Sandboxie/core/drv/syscall_open.c b/Sandboxie/core/drv/syscall_open.c
index 68c9580299..af5953e2ed 100644
--- a/Sandboxie/core/drv/syscall_open.c
+++ b/Sandboxie/core/drv/syscall_open.c
@@ -37,7 +37,7 @@ static HANDLE Syscall_RestoreTargetHandle(
static NTSTATUS Syscall_CheckObject(
PROCESS *proc, SYSCALL_ENTRY *syscall_entry,
- void *OpenedObject, OBJECT_HANDLE_INFORMATION *HandleInfo);
+ void *OpenedObject, OBJECT_HANDLE_INFORMATION *HandleInfo, PUNICODE_STRING puName);
static NTSTATUS Syscall_DuplicateHandle_2(
HANDLE TargetProcessHandle, HANDLE TargetHandle,
@@ -178,7 +178,7 @@ _FX HANDLE Syscall_RestoreTargetHandle(
_FX NTSTATUS Syscall_CheckObject(
PROCESS *proc, SYSCALL_ENTRY *syscall_entry,
- void *OpenedObject, OBJECT_HANDLE_INFORMATION *HandleInfo)
+ void *OpenedObject, OBJECT_HANDLE_INFORMATION *HandleInfo, PUNICODE_STRING puName)
{
OBJECT_NAME_INFORMATION *Name;
ULONG NameLength;
@@ -194,9 +194,12 @@ _FX NTSTATUS Syscall_CheckObject(
if ((status != STATUS_SUCCESS)
&& (status != STATUS_BAD_INITIAL_PC)) {
+ if (puName == NULL && Name != NULL && Name->Name.Length != 0)
+ puName = &Name->Name;
+
WCHAR msg[256];
swprintf(msg, L"%S (%08X) access=%08X initialized=%d", syscall_entry->name, status, HandleInfo->GrantedAccess, proc->initialized);
- Log_Msg_Process(MSG_2101, msg, Name != NULL ? Name->Name.Buffer : L"Unnamed object", -1, proc->pid);
+ Log_Msg_Process(MSG_2101, msg, puName != NULL ? puName->Buffer : L"Unnamed object", -1, proc->pid);
}
if (Name != &Obj_Unnamed)
@@ -289,12 +292,20 @@ _FX NTSTATUS Syscall_OpenHandle(
if (NT_SUCCESS(status)) {
+ PUNICODE_STRING puName = NULL;
+
+ if ((strcmp(syscall_entry->name, "ConnectPort") == 0) ||
+ (strcmp(syscall_entry->name, "AlpcConnectPort") == 0))
+ {
+ puName = (UNICODE_STRING*)user_args[1];
+ }
+
//
// check the access that was granted to the object
//
status = Syscall_CheckObject(
- proc, syscall_entry, OpenedObject, &HandleInfo);
+ proc, syscall_entry, OpenedObject, &HandleInfo, puName);
ObDereferenceObject(OpenedObject);
@@ -633,7 +644,7 @@ _FX NTSTATUS Syscall_DuplicateHandle_2(
//
status = Syscall_CheckObject(
- proc, syscall_entry, OpenedObject, &HandleInfo);
+ proc, syscall_entry, OpenedObject, &HandleInfo, NULL);
} else if ( TypeLength == 5 * sizeof(WCHAR)
&& wmemcmp(TypeBuffer, L"Token", 5) == 0) {
diff --git a/Sandboxie/core/svc/EpMapperServer.cpp b/Sandboxie/core/svc/EpMapperServer.cpp
index 8c3f3caa44..0f877cc1ab 100644
--- a/Sandboxie/core/svc/EpMapperServer.cpp
+++ b/Sandboxie/core/svc/EpMapperServer.cpp
@@ -93,6 +93,7 @@ MSG_HEADER *EpMapperServer::EpmapperGetPortNameHandler(MSG_HEADER *msg)
return SHORT_REPLY(E_OUTOFMEMORY);
rpl->h.status = STATUS_NOT_FOUND;
+ rpl->wszPortName[0] = L'\0';
if (pwszServiceName != NULL) {
@@ -170,12 +171,18 @@ MSG_HEADER *EpMapperServer::EpmapperGetPortNameHandler(MSG_HEADER *msg)
if (rpl->h.status == STATUS_SUCCESS)
{
+ //
+ // Note: it seams that chrome.exe resolves GAME_CONFIG_STORE_PORT in one process and accesses from an other
+ // so since here we onlyonly a fre non critical ports we will use PID 0 to open it gloally
+ // instead of only for the one process. Todo: make it per sandbox instead
+ //
+
// Param 1 is dynamic port name (e.g. "LRPC-f760d5b40689a98168"), WCHAR[DYNAMIC_PORT_NAME_CHARS]
- // Param 2 is the process PID for which to open the port
+ // Param 2 is the process PID for which to open the port, can be 0 when port is special
// Param 3 is the port type/identifier, can be -1 indicating non special port
rpl->h.status = SbieApi_CallThree(API_OPEN_DYNAMIC_PORT,
(ULONG_PTR)rpl->wszPortName,
- (ULONG_PTR)idProcess,
+ (ULONG_PTR)0,
(ULONG_PTR)req->portType);
}
diff --git a/SandboxiePlus/QSbieAPI/SbieAPI.cpp b/SandboxiePlus/QSbieAPI/SbieAPI.cpp
index 01f224b01b..f4e553973a 100644
--- a/SandboxiePlus/QSbieAPI/SbieAPI.cpp
+++ b/SandboxiePlus/QSbieAPI/SbieAPI.cpp
@@ -1853,7 +1853,7 @@ bool CSbieAPI::IsMonitoring()
bool CSbieAPI::GetMonitor()
{
- const int max_len = 256; // versions prioir to 5.44.1 check for max_len <= 256 increase this later
+ const int max_len = 1024;
USHORT type;
ULONG64 pid;
@@ -1943,6 +1943,7 @@ QString CResLogEntry::GetTypeStr() const
{
switch (m_Type.Type)
{
+ case MONITOR_SYSCALL: return "SysCall";
case MONITOR_PIPE: return "Pipe";
case MONITOR_IPC: return "Ipc";
case MONITOR_WINCLASS: return "WinClass";
diff --git a/SandboxiePlus/SandMan/SandMan.h b/SandboxiePlus/SandMan/SandMan.h
index 6cc7c19806..0e1cbe257d 100644
--- a/SandboxiePlus/SandMan/SandMan.h
+++ b/SandboxiePlus/SandMan/SandMan.h
@@ -15,7 +15,7 @@
#define VERSION_MJR 0
#define VERSION_MIN 5
#define VERSION_REV 4
-#define VERSION_UPD 2
+#define VERSION_UPD 3
//#include "../QSbieAPI/SbieAPI.h"
diff --git a/SandboxiePlus/SandMan/sandman_de.ts b/SandboxiePlus/SandMan/sandman_de.ts
index 6f20160c91..fa790b7df5 100644
--- a/SandboxiePlus/SandMan/sandman_de.ts
+++ b/SandboxiePlus/SandMan/sandman_de.ts
@@ -202,15 +202,15 @@
Please enter an auto exec command
- Bitte geben Sie einen Autoausführen-Kommando ein
+ Bitte geben Sie einen Autoausführen-Kommndo einThis template is enabled globally. To configure it, use the global options.
- Diese Vorlage ist global aktiv, um sie zu konfigurieren müssen die globalen Optionen genutzt werden.
+ Diese Vorlage ist global aktiv, um sie zu konfigueren müssen die globalen Optionen genutzt werden.
- Please select group first.
+ Please sellect group first.Bitte zuvor eine Gruppe auswählen.
@@ -291,7 +291,7 @@
This template is enabled globally to configure it use the global options.
- Diese Vorlage ist global aktiv, um sie zu konfigurieren müssen die globalen Optionen genutzt werden.
+ Diese Vorlage ist global aktiv, um sie zu konfigueren müssen die globalen Optionen genutzt werden.
@@ -305,7 +305,7 @@
Visit %1 for a detailed explanation.Visit %1 for a detailes explenation.
- %1 besuchen für eine detaillierte Erklärung.
+ %1 besuchen für eine detailierte Erklärung.
@@ -458,7 +458,7 @@
Do you want to allow the print spooler to write outside the sandbox for %1 (%2)?Kept 'print spooler' in breakets to allow easier online lookup
- Möchten Sie der Druckerwarteschlange (print spooler) erlauben außerhalb der Sandbox für %1 (%2) zu schreiben?
+ Möchten Sie der Druckewarteschlange (print spooler) erlauben außerhalb der Sandbox für %1 (%2) zu schreiben?
@@ -611,7 +611,7 @@ Vollständiger Pfad: %4
Net ShareKept original for lack of good German wording
- Netzwerkfreigabe (Net share)
+ Netzwerfreigabe (Net share)
@@ -677,7 +677,7 @@ Vollständiger Pfad: %4
Disable Forced Programs
- Deaktiviere erzwungene Programme
+ Deaktivere erzwungene Programme
@@ -827,17 +827,18 @@ Vollständiger Pfad: %4
Edit ini file
- .ini-Datei bearbeiten
+ Freedom to ini being all caps
+ INI-Datei bearbeitenReload ini file
- .ini-Datei neu laden
+ INI-Datei neuladenResource Logging
- Ressourcenprotokollierung
+ Resourcenprotokollierung
@@ -893,7 +894,7 @@ Vollständiger Pfad: %4
Sandboxie-Plus was running in portable mode, now it has to clean up the created services. This will prompt for administrative privileges.
- Sandboxie-Plus wurde im portablen Modus betrieben, nun müssen die erzeugten Dienste bereinigt werden, was Adminrechte benötigt.
+ Sandboxie-Plus wurde im portablen Modus betrieben, nun müssen die erzeugten Dienste bereinigt werden, was administrative Rechte benötigt.
@@ -940,7 +941,7 @@ Vollständiger Pfad: %4
Sandboxie-Plus was started in portable mode and it needs to create necessary services. This will prompt for administrative privileges.
- Sandboxie-Plus wurde im portablen Modus gestartet, nun müssen die benötigten Dienste erzeugt werden, was Adminrechte benötigt.
+ Sandboxie-Plus wurde im portablen Modus getartet, nun müssen die benötigten Dienste erzeugt werden, was administrative Rechte benötigt.
@@ -961,8 +962,8 @@ Vollständiger Pfad: %4
To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.
- Um die API Protokollierung zu nutzen, muss die LogApiDll von https://github.com/sandboxie-plus/LogApiDll mit einer oder mehrerer Box(en) eingerichtet werden.
-Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der README.md des Projekts in der Sandboxie.ini einrichten.
+ Um die API Protokollierung zu nutzen, muss die LogApiDll von https://github.com/sandboxie-plus/LogApiDll mit einer oder mehrerer Box(en) eingereichten werden.
+Bitte die neute Version herunterladen und entsprechend der Anweisungen in der README.md des Projekts einrichten.
@@ -972,11 +973,11 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
<p>Sandboxie-Plus is an open source continuation of Sandboxie.</p><p></p><p>Visit <a href="https://sandboxie-plus.com">sandboxie-plus.com</a> for more information.</p><p></p><p></p><p></p><p>Icons from <a href="https://icons8.com">icons8.com</a></p><p></p>
- <p>Sandboxie-Plus ist eine OpenSource-Fortsetzung von Sandboxie.</p><p></p><p>Besuche <a href="https://sandboxie-plus.com">sandboxie-plus.com</a> für weitere Informationen.</p><p></p><p></p><p></p><p>Icons von <a href="https://icons8.com">icons8.com</a></p><p></p>
+ p>Sandboxie-Plus ist eine OpenSource-Fortsetzung von Sandboxie.</p><p></p><p>Besuche <a href="https://sandboxie-plus.com">sandboxie-plus.com</a> für weitere Informationen.</p><p></p><p></p><p></p><p>Icons von <a href="https://icons8.com">icons8.com</a></p><p></p>Admin rights required.
- Adminrechte benötigt.
+ Administrativerechte benötigt.
@@ -1003,7 +1004,7 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
Failed to copy configuration from sandbox %1: %2
- Fehler beim Kopieren der Konfiguration von Sandbox %1: %2
+ Fehler beim Kopieren der Konfiguartion von Sandbox %1: %2
@@ -1016,7 +1017,7 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
Fehler beim Löschen der Sandbox %1: %2
- The sandbox name can not be longer than 32 characters.
+ The sandbox name can not be longer than 32 charakters.Der Name der Sandbox darf nicht länger als 32 Zeichen sein.
@@ -1062,7 +1063,7 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
This Snapshot operation can not be performed while processes are still running in the box.
- Der Schnappschuss kann nicht erstellt werden, während Prozesse in dieser Box laufen.
+ Dieser Schnappschussvorgang kann nicht durchgeführt werden, während Prozesse in dieser Box laufen.
@@ -1116,7 +1117,7 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
Don't show this announcement in the future.
- Diese Ankündigung zukünftig nicht mehr zeigen.
+ Diese Ankündigung zukünfitg nicht mehr zeigen.
@@ -1131,11 +1132,11 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
<p>New Sandboxie-Plus has been downloaded to the following location:</p><p><a href="%2">%1</a></p><p>Do you want to begin the installation? If any programs are running sandboxed, they will be terminated.</p>
- <p>Neue Version von Sandboxie-Plus wurde heruntergeladen zu:</p><p><a href="%2">%1</a></p><p>Möchten Sie mit der Installation beginnen? Falls Programme in einer Sandbox laufen, werden diese beendet.</p>
+ <p>Neue Verion von Sandboxie-Plus wurde heruntergeladen zu:</p><p><a href="%2">%1</a></p><p>Möchten Sie mit der Installation beginnen? Falls Programme in einer Sandbox laufen, werden diese beendet.</p>Sandboxie-Plus was running in portable mode, now it has to clean up the created services, this will prompt for administrative privileges.
- Sandboxie-Plus wurde im portablen Modus betrieben, nun müssen die erzeugten Dienste bereinigt werden, was Adminrechte benötigt.
+ Sandboxie-Plus wurde im portablen Modus betrieben, nun müssen die erzeugten Dienste bereinigt werden, was administrative Rechte benötigt.
@@ -1160,7 +1161,7 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
Failed to start required sandboxie components
- Fehlschlag beim Starten der benötigten Sandboxiekomponenten
+ Fehlschalg beim Starten der benötigten Sandboxiekomponenten
@@ -1195,7 +1196,7 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
Loaded Config: %1
- Geladene Konfiguration: %1
+ Geladene Kofiguration: %1 - Driver NOT connected
@@ -1225,7 +1226,7 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
Only Administrators can change the config.
- Nur Administratoren können Änderungen an der Konfiguration vornehmen.
+ Nur Administratoren können Änderungen n der Kofiguration vornehmen.
@@ -1242,8 +1243,8 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
Bitte Dauer eingeben, in der erzwungene Programme deaktiviert sind.
- Sandboxie-Plus was started in portable mode and it needs to create necessary services, this will prompt for administrative privileges.
- Sandboxie-Plus wurde im portablen Modus gestartet, nun müssen die benötigten Dienste erzeugt werden, was Adminrechte benötigt.
+ Sandboxie-Plus was started in portable mode and it needs to create nececery services, this will prompt for administrative privileges.
+ Sandboxie-Plus wurde im portablen Modus getartet, nun müssen die benötigten Dienste erzeugt werden, was administrative Rechte benötigt.
@@ -1256,7 +1257,7 @@ Bitte die neuste Version herunterladen und entsprechend der Anweisungen in der R
Führe Wartungsvorgang aus, bitte warten...
- The changes will be applied automatically as soon as the editor is closed.
+ The changes will be applyed automatically as soon as the editor is closed.Die Änderungen werden automatisch angewendet, sobald der Editor geschlossen wird.
@@ -1268,7 +1269,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Administrator rights are required for this operation.
- Für diesen Vorgang werden Adminrechte benötigt.
+ Für dieen Vorgang werden administrative Rechte benötigt.
@@ -1328,7 +1329,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Don't show this announcement in future.
- Diese Ankündigung zukünftig nicht mehr zeigen.
+ Diese Ankündigung zukünfitg nicht mehr zeigen.
@@ -1346,7 +1347,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
<p>Möchten Sie die <a href="%1">Downloadseite</a> besuchen?</p>
- Ignore this update, notify me about the next one.
+ Ignore this update, notify me anout the next one.Dieses Update ignorieren, über das nächste Update benachrichtigen.
@@ -1365,7 +1366,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
<p>New Sandboxie-Plus has been downloaded to the following location:</p><p><a href="%2">%1</a></p><p>Do you want to begin the installation. If any programs are running sandboxed, they will be terminated.</p>
- <p>Neue Version von Sandboxie-Plus wurde heruntergeladen zu:</p><p><a href="%2">%1</a></p><p>Möchten Sie mit der Installation beginnen? Falls Programme in einer Sandbox laufen, werden diese beendet.</p>
+ <p>Neue Verion von Sandboxie-Plus wurde heruntergeladen zu:</p><p><a href="%2">%1</a></p><p>Möchten Sie mit der Installation beginnen? Falls Programme in einer Sandbox laufen, werden diese beendet.</p>
@@ -1374,14 +1375,14 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
<p>Sandboxie-Plus is an open source continuation of the well known Sandboxie.</p><p></p><p>Visit <a href="https://sandboxie-plus.com">sandboxie-plus.com</a> for more information.</p><p></p><p></p><p></p><p>Icons from <a href="https://icons8.com">icons8.com</a></p><p></p>
- p>Sandboxie-Plus ist eine OpenSource-Fortsetzung von Sandboxie.</p><p></p><p>Visit <a href="https://sandboxie-plus.com">sandboxie-plus.com</a> für weitere Informationen.</p><p></p><p></p><p></p><p>Icons von <a href="https://icons8.com">icons8.com</a></p><p></p>
+ p>Sandboxie-Plus ist eine OpenSource-Fortsetzungde sehr bekannten Sandboxie.</p><p></p><p>Visit <a href="https://sandboxie-plus.com">sandboxie-plus.com</a> für weitere Informationen.</p><p></p><p></p><p></p><p>Icons von <a href="https://icons8.com">icons8.com</a></p><p></p>CSbieAPIFailed to copy configuration from sandbox %1
- Fehler beim Kopieren der Konfiguration von Sandbox %1
+ Fehler beim Kopieren der Konfiguartion von Sandbox %1
@@ -1414,7 +1415,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Path / Command Line
- Pfad / Kommandozeile
+ KommandozeilePath
@@ -1610,7 +1611,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
This box does not have Internet restrictions in place, do you want to enable them?
- Diese Sandbox hat keine Internetbeschränkungen, möchten Sie diese aktivieren?
+ Diese Sandbox hat keine Internetschränkungen, möchten Sie diese aktivieren?Suspend
@@ -1631,7 +1632,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Registry root: %1
- Registry-Quelle: %1
+ Registryquelle: %1
@@ -1718,13 +1719,13 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Please enter the new configuration password.
- Bitte ein Passwort für die neue Konfiguration eingeben.
+ Bitte ein Passwort für die neue Konfguration eingeben.Please re-enter the new configuration password.Please re enter the new configuration password.
- Bitte das neue Konfigurationspasswort wiederholen.
+ Bitte das neue Konfiguartionspasswort wiederholen.
@@ -1806,7 +1807,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Select restriction/isolation template:
- Restriktions- oder Isolationsvorlage auswählen:
+ Restriktions-/Isolationsvorlage auswählen:
@@ -1876,12 +1877,12 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Drop rights from Administrators and Power Users groups
- Die Rechte der Administratoren und Hauptbenutzergruppe einschränken
+ Die Rechte der Administratoren und Hauptbenuztergruppe einschränkenPrevent change to network and firewall parameters
- Verhindere Änderungen an den Netzwerk- und Firewall-Einstellungen
+ Verhindere Änderungen an den Netzwerk- und Firewalleinstellungen
@@ -2023,13 +2024,13 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
- Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless they are explicitly started in another sandbox.
+ Programs entered here, or programs started from entered locations, will be put in this sandbox automatically, unless thay are explicitly started in another sandbox.Programme die hier gelistet sind oder von den angegeben Ordnern gestartet werden, werden automatisch in dieser Sandbox ausgeführt, solange sie nicht explizit in einer anderen Sandbox gestartet werden.Stop Behaviour
- Stopverhalten
+ Stopp Verhalten
@@ -2090,7 +2091,7 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Here you can specify programs and/or services that are to be started automatically in the sandbox when it is activated
- Hier können Sie Programme und/oder Dienste angeben, welche automatisch in der Sandbox gestartet werden, wenn diese aktiviert wird
+ Hier können Sie Programme und/oder Dienste angeben, welche automatisch in der Sandbox gestarted werden, wenn diese aktiviert wird
@@ -2102,9 +2103,9 @@ Bitte die neute Version herunterladen und entsprechend der Anweisungen in der RE
Lingering programs will be automatically terminated if they are still running after all other processes have been terminated.
If leader processes are defined, all others are treated as lingering processes.
- Verweilende Programme werden automatisch beendet, wenn diese noch laufen, nachdem alle anderen Prozesse bereits beendet wurden.
+ Verbelibende Programme werden automatisch beendet, wenn diese noch laufen, nachdem alle anderen Prozesse bereits beendet wurden.
-Falls primäre Programme/Prozesse definiert wurden, werden alle anderen als verweilende Prozesse behandelt.
+Falls primäre Programme/Prozessse definiert wurden, werden alle anderen als verweilende Prozesse behandelt.
@@ -2164,7 +2165,7 @@ Falls primäre Programme/Prozesse definiert wurden, werden alle anderen als verw
Resource Access
- Ressourcenzugriff
+ Resourcenzugriff
@@ -2218,7 +2219,7 @@ Falls primäre Programme/Prozesse definiert wurden, werden alle anderen als verw
Note that all Close...=!<program>,... exclusions have the same limitations.
For files access you can use 'Direct All' instead to make it apply to all programs.
Translated close to what is written in the source
- Konfigurieren, welche Prozesse auf welche Ressourcen zugreifen können. Doppelklick um einen Eintrag zu bearbeiten.
+ Konfigurieren, welche Prozesse auf welche Resourcen zugreifen können. Doppelklick um einen Eintrag zu bearbeiten.
'Direkter' Datei und Schlüsselzugriff trifft nur auf Programmdateien zu, die sich außerhalb der Sandbox befinden.
Beachte, dass alle Programme schließen...=!<Programm>,... Ausnahmen die gleichen Beschränkungen haben.
Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Programme zu zu treffen.
@@ -2245,8 +2246,8 @@ Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Prog
- Enable Immediate Recovery prompt to be able to recover files as soon as they are created.
- Aktivere Sofortwiederherstellungsabfrage, um alle Dateien sofort wiederherstellen zu können sobald diese erzeugt werden.
+ Enable Immediate Recovery prompt to be able to recover files as soon as thay are created.
+ Aktivere Sofortwiederhertellungsabfrage, um alle Dateien sofort wiederherstellen zu können sobald diese erzeugt werden.
@@ -2286,7 +2287,7 @@ Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Prog
Start the sandboxed RpcSs as a SYSTEM process (breaks some compatibility)
- Starte den sandgeboxten RpcSs als DIENST-Prozess (beeinträchtigt die Kompatibilität)
+ Starte den sandgeboxted RpcSs als DIENST-Prozess (beinträchtigt etwas Kompatibilität)
@@ -2296,7 +2297,7 @@ Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Prog
Limit access to the emulated service control manager to privileged processes
- Beschränke Zugriff auf emulierte Dienstkontrollmanager auf privilegierte Prozesse
+ Beschränke Zugriff zu emulierten Dientkontrollmanagern auf priviligierte Prozesse
@@ -2321,7 +2322,7 @@ Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Prog
Protect the sandbox integrity itself
- Die Sandboxintegrität selbst schützen
+ Die Sandboxintegrität sebst schützen
@@ -2336,7 +2337,7 @@ Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Prog
Protect sandboxed SYSTEM processes from unprivileged unsandboxed processes
- Schütze sandgeboxte SYSTEM-Prozesse vor unprivilegierten nicht sandgeboxten Prozessen
+ Schütze sandgeboxte SYSTEM-Prozesse von unpriviligierten nicht sandgeboxten ProzessenSandbox Isolation
@@ -2355,7 +2356,7 @@ Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Prog
Hide host processes from processes running in the sandbox.
- Verstecke Host-Prozesse vor Prozessen in der Sandbox.
+ Verstecke Hostprozesse vor Prozessen in der Sandbox.Remove Process
@@ -2374,7 +2375,7 @@ Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Prog
Restrict Resource Access monitor to administrators only
- Beschränke den Ressourcenzugriffsmonitor auf Administratoren
+ Beschränke den Resourcenzugriffsmonitor auf Administratoren
@@ -2391,9 +2392,9 @@ Zum Dateizugriff können Sie 'Direkt Alle' verwenden um für alle Prog
Add user accounts and user groups to the list below to limit use of the sandbox to only those accounts. If the list is empty, the sandbox can be used by all user accounts.
Note: Forced Programs and Force Folders settings for a sandbox do not apply to user accounts which cannot use the sandbox.
- Füge Nutzerkonten und -gruppen der Liste hinzu, um die Benutzung der Sandbox auf diese Konten zu beschränken.Falls die Liste leer ist, kann die Sandbox von allen Konten genutzt werden.
+ Füge Nutzerkonten und Nuztergruppenzu der Liste hinzu, um die Benuztzung der Sandbox auf diese Konten zu beschränken.Falls die Liste leer ist, kann die Sandbox von allen Konten genutzt werden.
-Notiz: Erzwungene Programme und Ordner für eine Sandbox finden keine Anwendung auf Konten, die diese Sandbox nicht nutzen können.
+Notiz: Erzwungene Programme und Ordnerfür eine Sandbox finden keine Anwendung auf Konten, die diese Sandbox nicht nuten können.
@@ -2415,7 +2416,7 @@ You can customize the logging using the ini by specifying
"D" - Denied accesses
"I" - Ignore access requests
instead of "*".
- Protokolliere jeden Zugriffsevent, wie er durch den Treiber gesehen wird, im Ressourcenzugriffsprotokoll.
+ Protokolliere jednen Zugriffsevent, wie er durhc den Treiber gesehen wird, im Resourcenzugriffsprotokoll.
Diese Optionen setzen die Eventmaske auf "*" - Alle Zugriffsevents
Sie können die Protokollierung in der INI anpassen in den Sie wie folgt wählen
@@ -2482,7 +2483,7 @@ an Stelle von "*".<- for this one the above does not apply
- <- für dieses findet das Obige keine Anwendung
+ <- für dieses findet das Obrige keine Anwendung
@@ -2492,7 +2493,7 @@ an Stelle von "*".WARNING, these options can disable core security guarantees and break sandbox security!!!
- WARNUNG, diese Optionen können Kernsicherheitsgarantien deaktivieren und die Sandboxsicherheit zerstören!!!
+ WARNUNG, diese Optionen können Kernsicherheitsgarantien deaktivieren und die Sandboxsichheit zerstören!!!
@@ -2522,7 +2523,7 @@ an Stelle von "*".
This list contains a large amount of sandbox compatibility enhancing templates
- Diese Liste enthält eine große Menge an Vorlange, welche die Kompalität der Sandbox verbessern
+ Diese Liste enthält eine große Menge an Sandboxkompatibilitätsverbesserungsvorlagen
@@ -2576,7 +2577,7 @@ an Stelle von "*".
Refresh
- Aktualisieren
+ Aktualsieren
@@ -2664,7 +2665,7 @@ an Stelle von "*".
Open urls from this ui sandboxed
- Öffne URLs aus diesem Fenster in einer Sandbox
+ Öffne URLs aus diesem Fenter in einer Sandbox
@@ -2711,7 +2712,7 @@ an Stelle von "*".
Sandbox registry root:
- Sandbox Registry-Quelle:
+ Sandbox Registy-Quelle:
@@ -2772,7 +2773,7 @@ an Stelle von "*".
When any of the following programs is launched outside any sandbox, Sandboxie will issue message SBIE1301.
- Wenn eines der folgenden Programme außerhalb einer Sandbox gestartet wird, wird Sandboxie die Meldung SBIE1301 ausgeben.
+ Wenn eines der folgenden Programme außerhalb einer Sandbox gestarten wird,wird Sandboxie die Meldung SBIE1301 ausgeben.
@@ -2797,7 +2798,7 @@ an Stelle von "*".
In the future, don't check software compatibility
- Zukünftig nicht auf Softwarekompatibilität prüfen
+ Zukünfig nicht auf Softwarekompatibilität prüfen
@@ -2807,12 +2808,12 @@ an Stelle von "*".
Disable
- Deaktivieren
+ DeaktiverenSandboxie has detected the following software applications in your system. Click OK to apply configuration settings, which will improve compatibility with these applications. These configuration settings will have effect in all existing sandboxes and in any new sandboxes.
- Sandboxie hat die folgenden Anwendungen auf dem System gefunden. OK klicken zur Anwendung der Konfigurationseinstellungen, welche die Softwarekompatibilität mit diesen Anwendungen verbessert. Diese Konfigurationseinstellungen haben Auswirkungen auf alle existierenden und neuen Sandboxen.
+ Sandboxie hat die folgenden Anwendungen auf dem System gefunden. OK klicken zur Anwendung der Konfigurationseinstellungen, welche die Softwarekompatibilität mit diesen Anwendungen verbessert. Diese Konfigurationseinstellungen haben Auswirkungen auf alle exisitierenden und neuen Sandboxen.
diff --git a/SandboxiePlus/SandMan/sandman_pt.ts b/SandboxiePlus/SandMan/sandman_pt.ts
index e09a380208..4c58593ab1 100644
--- a/SandboxiePlus/SandMan/sandman_pt.ts
+++ b/SandboxiePlus/SandMan/sandman_pt.ts
@@ -105,7 +105,7 @@
Browse for Program
- Procurar pelo programa
+
@@ -126,7 +126,7 @@
Please enter a program path
- Insira um caminho do programa
+
@@ -143,17 +143,17 @@
Please enter a service identifier
- Por favor, insira um identificador de serviço
+ Service
- Serviço
+ Program
- Programa
+ Programa
@@ -192,17 +192,17 @@
COM objects must be specified by their GUID, like: {00000000-0000-0000-0000-000000000000}
- Os objetos COM devem ser especificados pelo seu GUID, como: {00000000-0000-0000-0000-000000000000}
+ RT interfaces must be specified by their name.
- As interfaces RT devem ser especificadas pelo nome.
+ Please enter an auto exec command
- Por favor, insira um comando auto exec
+
@@ -394,27 +394,27 @@
Recover to:
- Recuperar para:
+ Browse
- Procurar
+ ProcurarClear folder list
- Limpar lista de pastas
+ Recover && Explore
- Recuperar && Explorar
+ Recover && Open/Run
- Recuperar && Abrir/Executar
+
@@ -444,7 +444,7 @@
Select Directory
- Selecione Diretório
+
@@ -462,29 +462,29 @@
- Do you want to allow %4 (%5) to copy a %1 large file into sandbox: %2?
+ Do you want to allow %4 (%5) to copy a %1 large file into sandbox: %2?
File name: %3Do you want to allow %4 (%5) to copy a %1 large file into sandbox: %2?
File name: %3
- Deseja permitir que %4 (%5) copie um arquivo grande %1 para o sandboxie: %2?
+ Deseja permitir que %4 (%5) copie um arquivo grande %1 para o sandboxie: %2?
Nome do arquivo: %3
- Do you want to allow %1 (%2) access to the internet?
+ Do you want to allow %1 (%2) access to the internet?
Full path: %3Do you want to allow %1 (%2) access to the internet?
Full path: %3
- Deseja permitir o acesso de %1 (%2) à Internet?
+ Deseja permitir o acesso de %1 (%2) à Internet?
Caminho completo: %3
- %1 is eligible for quick recovery from %2.
+ %1 is eligible for quick recovery from %2.
The file was written by: %3%1 is eligible for quick recovery from %2.
The file was written by: %3
- O arquivo %1 está qualificado para recuperação rápida de %2.
+ O arquivo %1 está qualificado para recuperação rápida de %2.
Gravado por: %3
@@ -500,11 +500,11 @@ Gravado por: %3
- Migrating a large file %1 into the sandbox %2, %3 left.
+ Migrating a large file %1 into the sandbox %2, %3 left.
Full path: %4Migrating a large file %1 into the sandbox %2, %3 left.
Full path: %4
- Migrando um arquivo grande %1 para o sandboxie %2, %3 restante.
+ Migrando um arquivo grande %1 para o sandboxie %2, %3 restante.
Caminho completo: %4
@@ -552,7 +552,7 @@ Caminho completo: %4
Unknown
- Desconhecido
+
@@ -635,17 +635,17 @@ Caminho completo: %4
Copy Cell
- Copiar Célula
+ Copy Row
- Copiar Linha
+ Copy Panel
- Copiar Painel
+
@@ -822,7 +822,7 @@ Caminho completo: %4
Reset all hidden messages
- Redefinir todas as mensagens ocultas
+
@@ -838,12 +838,12 @@ Caminho completo: %4
Resource Logging
- Log de Recursos
+ Registro de RecursosAPI Call Logging
- Log de Chamada de API
+ Registrando Chamada API
@@ -899,32 +899,32 @@ Caminho completo: %4
Failed to stop all Sandboxie components
- Falha ao parar todos os componentes do Sandboxie
+ Failed to start required Sandboxie components
- Falha ao iniciar os componentes exigidos do Sandboxie
+ Sandboxie-Plus was started in portable mode, do you want to put the SandBox folder into its parent directory?
- Sandboxie-Plus foi iniciado no modo portátil, você deseja colocar a pasta SandBox em seu diretório pai?
+ - NOT connected
- - NÃO conectado
+ The file %1 already exists, do you want to overwrite it?
- O arquivo %1 já existe, deseja sobrescrevê-lo?
+ Do this for all files!
- Fazer isso para todos os arquivos!
+
@@ -946,12 +946,12 @@ Caminho completo: %4
Do you also want to reset hidden message boxes (yes), or only all log messages (no)?
- Você também deseja redefinir as caixas de mensagens ocultas (sim) ou apenas todas as mensagens de log (não)?
+ The changes will be applied automatically whenever the file gets saved.
- As alterações serão aplicadas automaticamente sempre que o arquivo for salvo.
+
@@ -962,8 +962,7 @@ Caminho completo: %4
To use API logging you must first set up the LogApiDll from https://github.com/sandboxie-plus/LogApiDll with one or more sandboxes.
Please download the latest release and set it up with the Sandboxie.ini as instructed in the README.md of the project.
- Para usar o log de API, você deve primeiro configurar o LogApiDll em https://github.com/sandboxie-plus/LogApiDll com um ou mais caixas de areia.
-Faça o download da versão mais recente e configure-o com o Sandboxie.ini conforme instruído no README.md do projeto.
+
@@ -973,7 +972,7 @@ Faça o download da versão mais recente e configure-o com o Sandboxie.ini confo
<p>Sandboxie-Plus is an open source continuation of Sandboxie.</p><p></p><p>Visit <a href="https://sandboxie-plus.com">sandboxie-plus.com</a> for more information.</p><p></p><p></p><p></p><p>Icons from <a href="https://icons8.com">icons8.com</a></p><p></p>
- <p>Sandboxie-Plus é uma continuação de código aberto do Sandboxie.</p><p></p><p>Visite <a href="https://sandboxie-plus.com">sandboxie-plus.com</a> para maiores informações.</p><p></p><p></p><p></p><p>Ícones de <a href="https://icons8.com">icons8.com</a></p><p></p>
+ Admin rights required.
@@ -991,7 +990,7 @@ Faça o download da versão mais recente e configure-o com o Sandboxie.ini confo
Failed to communicate with Sandboxie Service: %1
- Falha ao se comunicar com o serviço Sandboxie: %1
+ Falha ao comunicar com o serviço Sandboxie: %1Can't find Sandboxie instal path.
@@ -1127,7 +1126,7 @@ Faça o download da versão mais recente e configure-o com o Sandboxie.ini confo
No new updates found, your Sandboxie-Plus is up-to-date.
- Nenhuma nova atualização encontrada, seu Sandboxie-Plus está atualizado.
+
@@ -1269,32 +1268,32 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Administrator rights are required for this operation.
- Direitos de administrador são necessários para esta operação.
+ Failed to connect to the driver
- Falha ao se conectar com o driver
+ An incompatible Sandboxie %1 was found. Compatible versions: %2
- Um Sandboxie %1 incompatível foi encontrado. Versões compatíveis: %2
+ Can't find Sandboxie installation path.
- Não é possível encontrar o caminho de instalação do Sandboxie.
+ The sandbox name can not be longer than 32 characters.
- O nome da caixa de área não pode ter mais de 32 caracteres.
+ Can't remove a snapshot that is shared by multiple later snapshots
- Não é possível remover instantâneos compartilhado por vários instantâneos posteriores
+
@@ -1304,12 +1303,12 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Do you want to open %1 in a sandboxed (yes) or unsandboxed (no) Web browser?
- Deseja abrir %1 em um navegador Web na caixa de areia (sim) ou fora da caixa de areia (não)?
+ Remember choice for later.
- Lembrar escolha mais tarde.
+
@@ -1415,11 +1414,11 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Path / Command Line
- Caminho / Linha de Comando
+ Path
- Caminho
+ Caminho
@@ -1501,7 +1500,7 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Create ShortcutCreate Desktop Shortcut
- Criar Atalho
+ Criar Atalho na Área de Trabalho
@@ -1551,12 +1550,12 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Sandbox Options
- Opções da Caixa de Areia
+ Opções do SandboxRename Sandbox
- Renomear Caixa de Areia
+ Renomear Sandbox
@@ -1566,7 +1565,7 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Remove Sandbox
- Remover Caixa de Areia
+ Remover Sandbox
@@ -1591,12 +1590,12 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Allow internet access
- Permitir acesso à Internet
+ Force into this sandbox
- Força nessa caixa de areia
+
@@ -1611,7 +1610,7 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
This box does not have Internet restrictions in place, do you want to enable them?
- Esta caixa não possui restrições à Internet. Deseja ativá-las?
+ Suspend
@@ -1625,21 +1624,21 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
File root: %1
- Pasta de arquivo: %1
+ Raiz do arquivo: %1
Registry root: %1
- Pasta de registro: %1
+ Raiz do registro: %1
IPC root: %1
- Pasta do IPC: %1
+ Raiz IPC: %1
@@ -1882,7 +1881,7 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Prevent change to network and firewall parameters
- Impedir alterações nos parâmetros de rede e firewall
+
@@ -1948,7 +1947,7 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Protect this sandbox from deletion or emptying
- Protejer essa caixa de areia contra exclusão ou esvaziamento
+ Proteja essa caixa de areia contra exclusão ou esvaziamento
@@ -1990,7 +1989,7 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
You can group programs together and give them a group name. Program groups can be used with some of the settings instead of program names.
- Você pode agrupar programas e dar um nome ao grupo. Os grupos de programas podem ser usados com algumas das configurações em vez de nomes de programas.
+ Você pode agrupar programas e dar-lhes um nome de grupo. Os grupos de programas podem ser usados com algumas das configurações em vez de nomes de programas.
@@ -2060,43 +2059,43 @@ Faça o download da versão mais recente e configure-a em sandboxie.ini conforme
Block access to the printer spooler
- Bloqueie o acesso ao spooler de impressão
+ Allow the print spooler to print to files outside the sandbox
- Permitir que o spooler de impressão imprima arquivos fora da caixa
+ Printing
- Impressão
+ Remove spooler restriction, printers can be installed outside the sandbox
- Remova a restrição do spooler, as impressoras podem ser instaladas fora do sandbox
+ Add program
- Adicionar programa
+ Auto Start
- Auto Iniciar
+ Here you can specify programs and/or services that are to be started automatically in the sandbox when it is activated
- Aqui você pode especificar programas ou serviços que devem ser iniciados automaticamente na caixa de areia quando ela for ativada
+ Add service
- Adicionar serviço
+
@@ -2272,12 +2271,12 @@ Para acesso a arquivos, você pode usar o 'Direct All' em vez de fazê
Do not start sandboxed services using a system token (recommended)
- Não iniciar serviços no sandbox usando um token de sistema (recomendado)
+ Allow access to Smart Cards
- Permitir acesso a cartões inteligentes
+
@@ -2287,12 +2286,12 @@ Para acesso a arquivos, você pode usar o 'Direct All' em vez de fazê
Start the sandboxed RpcSs as a SYSTEM process (breaks some compatibility)
- Iniciar RpcSs com caixa de areia como um processo do SISTEMA (quebra alguma compatibilidade)
+ Iniciar RpcSs com caixa de areia como um processo do SISTEMA (quebra alguma compatibilidade)Add sandboxed processes to job objects (recommended)
- Adicionar processos do sandbox a objetos de trabalho (recomendado)
+ Adicionar processos em sandbox a objetos de trabalho (recomendado)
@@ -2356,7 +2355,7 @@ Para acesso a arquivos, você pode usar o 'Direct All' em vez de fazê
Hide host processes from processes running in the sandbox.
- Ocultar processos do host de processos em execução na sandbox.
+ Ocultar processos de host de processos em execução na sandbox.Remove Process
@@ -2448,22 +2447,22 @@ ao invés de "*".
Lift security restrictions
- Levantar restrições de segurança
+ Sandbox isolation
- Isolamento da caixa de areia
+ Auto Exec
- Auto Executar
+ Here you can specify a list of commands that are executed every time the sandbox is initially populated.
- Aqui você pode especificar uma lista de comandos que serão executados sempre que o sandbox for iniciado.
+
@@ -2478,12 +2477,12 @@ ao invés de "*".
COM Class Trace
- COM Class Trace
+ <- for this one the above does not apply
- <- para este o acima não se aplica
+
@@ -2498,7 +2497,7 @@ ao invés de "*".
These options are intended for debugging compatibility issues, please do not use them in production use.
- Essas opções destinam-se a depurar problemas de compatibilidade, não as use em produção.
+ Essas opções destinam-se a depurar problemas de compatibilidade, não as use em produção.
@@ -2665,7 +2664,7 @@ ao invés de "*".
Open urls from this ui sandboxed
- Abrir urls dessa IU na caixa de areia
+
@@ -2680,7 +2679,7 @@ ao invés de "*".
Only Administrator user accounts can make changes
- Apenas conta de usuário Administrador pode fazer alterações
+ Apenas conta de usuário Administrador podem fazer alterações
@@ -2690,7 +2689,7 @@ ao invés de "*".
Password must be entered in order to make changes
- Uma senha deve ser inserida para fazer alterações
+ A senha deve ser inserida para fazer alterações
@@ -2717,17 +2716,17 @@ ao invés de "*".
Sandbox <a href="sbie://docs/filerootpath">file system root</a>:
- <a href="sbie://docs/filerootpath">Pasta dos arquivos</a> do Sandbox:
+ Sandbox <a href="sbie://docs/ipcrootpath">ipc root</a>:
- <a href="sbie://docs/ipcrootpath">Pasta do ipc</a> do Sandbox :
+ Sandbox <a href="sbie://docs/keyrootpath">registry root</a>:
- <a href="sbie://docs/keyrootpath">Pasta de registro</a> do Sandbox:
+
@@ -2742,7 +2741,7 @@ ao invés de "*".
Portable root folder
- Pasta raiz portátil
+