Skip to content

Release v0.8.8 / 5.50.8

Compare
Choose a tag to compare
@DavidXanatos DavidXanatos released this 13 Jul 07:01
· 5399 commits to master since this release
ae43f35

0 5 5

This build reworks some internal mechanisms and fixes a lot of bugs as well as some new features.

If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.

You can support the project through donations, any help will be greatly appreciated.

Changelog

[0.8.8 / 5.50.8] - 2021-07-13

Changed

  • MSIServer no longer requires being run as system; this completes the move to not use system tokens in a sandbox by default
    -- the security-enhanced option "MsiInstallerExemptions=n" is now the default behaviour

Fixed

  • fixed issue with the "Explore Sandboxed" command #972
  • rolled back the switch from using NtQueryKey to NtQueryObject as it seems to break some older Windows 10 versions like 1803 #984
    -- this change was introduced to fix #951
    -- to use NtQueryObject the option "UseObjectNameForKeys=y" can be added to Sandboxie.ini

[0.8.7b / 5.50.7] - 2021-07-11

Fixed

  • fixed issue with boxes that had auto-delete activated introduced in the previous build #986

[0.8.7 / 5.50.7] - 2021-07-10

Added

  • added option to always auto-pick the DefaultBox #959
    -- when this option is enabled, the normal behaviour with a box selection dialog can be brought up by holding down CTRL
  • added option to hide a sandbox from the "run in box" dialog
    -- useful to avoid listing insecure compatibility test boxes for example
  • added box options to system tray #439 #272

Changed

  • changed default "terminate all boxed processes" key from Ctrl+Pause to Ctrl+Alt+Pause #974
  • Start.exe no longer links in unused MFC code, which reduced its file size from over 2.5 MB to below 250 KB
  • updated the main SandMan and tray icon #963
  • improved the box tree-style view

Fixed

  • added additional delay and retries to KmdUtil.exe to mitigate issues when unloading the driver #968
  • fixed issue with SbieCtrl not being properly started after setup #969
  • fixed issue with "explore sandboxed" shell option #972
  • fixed issue when running SandMan elevated #932
  • fixed new box selection dialog showing disabled boxes
  • fixed issue updating box active status

Removed

  • removed Online Armor support as this product is deprecated since 2016

[0.8.6 / 5.50.6] - 2021-07-07

Added

  • added LibreWolf template (by Dyras) #929

Fixed

  • fixed performance bug introduced in 0.8.5

[0.8.5 / 5.50.5] - 2021-07-06

Added

  • added global hotkey to terminate all sandboxed processes (default: Ctrl+Pause)
  • the Run Sandboxed dialog can now be handled by the SandMan UI
  • added "AllowBoxedJobs=y" allowing boxed processes to use nested jobs on Windows 8 and later
    -- Note: this allows Chrome and other programs to use the job system for additional isolation
  • added Librewolf.exe to the list of Firefox derivatives #927
  • added run regedit sandboxed menu command
  • added new support settings tab to SandMan UI for updates and news
  • added code integrity verification to Sbie service and UI
  • added template for Vivaldi Notes (by isaak654) #948

Changed

  • replaced the Process List used by the driver with a much faster Hash Map implementation
    -- Note: this change provides an almost static system call speed of 1.2µs regardless of the running process count
    -- The old list, with 100 programs running required 4.5µs; with 200: 12µs; and with 300: 18µs per syscall
    -- Note: some of the slowdown was also affecting non-sandboxed applications due to how the driver handles certain callbacks
  • replaced the per-process Thread List used by the driver with a much faster Hash Map implementation
  • replaced configuration section list with a hash map to improve configuration performance, and increased line limit to 100000
    -- not yet enabled in production build
  • the presence of the default box is only checked on connect
  • the portable directory dialog now shows the directory #924
  • when terminated, boxed processes now first try doing that by terminating the job object
  • the driver now can terminate problematic processes by default without the help of the service
  • the box delete routine now retries up to 10 times, see #954
  • replaced the Process List used by the service with a much faster Hash Map implementation
  • replaced the per-process Thread List used by the service with a much faster Hash Map implementation

Fixed

  • fixed faulty initialization in SetServiceStatus (by flamencist) #921
  • fixed buttons position in Classic UI settings (by isaak654) #914
  • fixed missing password length check in the SandMan UI #925
  • fixed issues opening job objects by name
  • fixed missing permission check when reopening job object handles (thanks Diversenok)
  • fixed issue with some Chromium 90+ hooks affecting the display of PDFs in derived browsers #930 #817
  • fixed issues with reconnecting broken LPC ports used for communication with SbieSvc
  • fixed minor setting issue #957
  • fixed minor UI issue with resource access COM settings #958
  • fixed an issue with NtQueryKey using NtQueryObject instead #951
  • fixed crash in key.c when failing to resolve key paths
  • added workaround for topmost modality issue #873
    -- the notification window is not only topmost for 5 seconds
  • fixed an issue deleting directories introduced in 5.49.5
  • fixed an issue when creating box copies

Removed

  • removed switch for "BlockPassword=n" as it does not seem to be working #938
    -- it's recommended to use "OpenSamEndpoint=y" to allow password changes in Windows 10