Release v0.7.0 / 5.48.0

This build fixes again a few security issues, as well as brings some new functionality and expands on the tracing features.

If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.

You can support the project through donations, any help will be greatly appreciated.

ChangeLog

Added

• sandboxed indicator for tray icons, the tooltip now contains [#] if enabled
• the trace log buffer can now be adjusted with "TraceBufferPages=2560"
  -- the value denotes the count of 4k large pages to be used, here for a total of 10 MB
• new functionality to the list finder

Changed

• improved RPC debugging
• improved IPC handling around RpcMgmtSetComTimeout, "RpcMgmtSetComTimeout=n" is now the default behavioure
  -- required exceptions have been hard coded for specific calling dll's
• the LogApi dll is now using Sbies tracing facility to logg events instead of an own pipe server

Fixed

• FIXED SECURITY ISSUE: elevated sandboxed processes could access volumes/disks for reading (thanks hg421)
• fixed crash issue around SetCurrentProcessExplicitAppUserModelID observed with GoogleUpdate.exe
• fixed issue with resource monitor sort by timestamp
• FIXED SECURITY ISSUE: a race condition in the driver allowed to obtain a elevated rights handle to a process (thanks typpos)
• FIXED SECURITY ISSUE: "\RPC Control\samss lpc" is now filtered by the driver (thanks hg421)
  -- this allowed elevated processes to change passwords, delete users and alike, to disable filtering use "OpenSamEndpoint=y"
• FIXED SECURITY ISSUE: "\Device\DeviceApi\CMApi" is now filtered by the driver (thanks hg421)
  -- this allowed elevated processes to change hardware configuration, to disable filtering use "OpenDevCMApi=y"