{"id":270350,"date":"2022-07-10T00:11:00","date_gmt":"2022-07-09T22:11:00","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=270350"},"modified":"2022-07-09T10:10:40","modified_gmt":"2022-07-09T08:10:40","slug":"sandboxie-fork-mit-version-version-1-0-22-final-neuerungen-in-der-plus-version","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2022\/07\/10\/sandboxie-fork-mit-version-version-1-0-22-final-neuerungen-in-der-plus-version\/","title":{"rendered":"Sandboxie-Fork mit Version Version 1.0.22 Final &#8211; Neuerungen in der Plus-Version"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/i.imgur.com\/pfNu0Vx.png\" width=\"72\" height=\"72\" align=\"left\" \/>[<a href=\"https:\/\/borncity.com\/win\/?p=25565\" target=\"_blank\" rel=\"noopener\">English<\/a>]David Xanatos hat mich bereits im Juni 2022 dar\u00fcber informiert, dass er ein Update f\u00fcr Sandboxie in der Version v1.0.22 \/ 5.55.22 fertiggestellt und auf Githib freigegeben hat. Damit ist diese Version so \"richtig final\", wie er sich ausdr\u00fcckte. Zudem gibt es noch ein Sandboxie Plus mit einigen neuen Funktionen. Hier einige Informationen dazu.<\/p>\n<p><!--more--><\/p>\n<h2>Die Historie<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg04.met.vgwort.de\/na\/5980185312274f94b55f191380e5cc4f\" alt=\"\" width=\"1\" height=\"1\" \/>Sandboxie wurde von Sophos zur Anwendungsvirtualisierung entwickelt und sp\u00e4ter als Open Source freigegeben (siehe auch <a href=\"https:\/\/borncity.com\/blog\/2020\/04\/10\/sandboxie-ist-nun-open-source\/\">Sandboxie ist nun Open Source<\/a> und <a href=\"https:\/\/github.com\/sandboxie\/sandboxie\">dieses GitHub-Projekt<\/a>). Das Unternehmen erwarb Sandboxie von Invincea, das sie zuvor von dem urspr\u00fcnglichen Autor Ronen Tzur erworben hatte. Es handelt sich um eine Sandbox-basierte Isolationssoftware f\u00fcr 32- und 64-Bit Windows NT-basierte Betriebssysteme. David Xanatos hat den freigegebenen Quellcode \u00fcbernommen und als Fork weiter entwickelt. Das Projekt ist auf der <a href=\"https:\/\/github.com\/sandboxie-plus\/Sandboxie\" target=\"_blank\" rel=\"noopener\">GitHub-Sandboxie-Seite<\/a> abrufbar.<\/p>\n<h2>Sandboxie v1.0.22 \/ 5.55.22<\/h2>\n<p>David <a href=\"https:\/\/github.com\/sandboxie-plus\/Sandboxie\/releases\/tag\/1.0.22\" target=\"_blank\" rel=\"noopener\">schreibt<\/a> zur Version 1.0.22: Dieser Build bringt ein paar Korrekturen sowie ein paar kleine Funktionen, vor allem Unterst\u00fctzung f\u00fcr das neue Windows 11 Explorer-Kontextmen\u00fc. Um es zu aktivieren, muss die Einstellung manuell auf Windows 11 umgeschaltet werden. Ein sp\u00e4teres Installations-Update wird dies f\u00fcr Win 11 automatisieren. Hier die Erweiterungen:<\/p>\n<ul>\n<li>added auto update download and silent install option to sandman.exe <a href=\"https:\/\/github.com\/sandboxie-plus\/Sandboxie\/issues\/917\">#917<\/a><\/li>\n<li>trace monitor mode can now also save to file <a href=\"https:\/\/github.com\/sandboxie-plus\/Sandboxie\/issues\/1851\">#1851<\/a><\/li>\n<li>trace log now shows ipc object type information<\/li>\n<li>added support for windows 11 context menus<\/li>\n<\/ul>\n<p>Zudem gibt es einige Korrekturen:<\/p>\n<ul>\n<li>fixed sandman crash issue <a href=\"https:\/\/github.com\/sandboxie-plus\/Sandboxie\/issues\/1846\" target=\"_blank\" rel=\"noopener\">#1846<\/a><\/li>\n<li>fixed issue with windows server 2022 build 20348<\/li>\n<li>fixed translation switching issues <a href=\"https:\/\/github.com\/sandboxie-plus\/Sandboxie\/issues\/1852\" target=\"_blank\" rel=\"noopener\">#1852<\/a><\/li>\n<\/ul>\n<p>Die Classic-Versionen von Sandboxie l\u00e4sst sich auf der <a href=\"https:\/\/github.com\/sandboxie-plus\/Sandboxie\/releases\/tag\/1.0.22\" target=\"_blank\" rel=\"noopener\">GitHub-Seite<\/a> herunterladen.<\/p>\n<h2>Sonstige Neuigkeiten zu Sandboxie Plus<\/h2>\n<p>Auf der Homepage <a href=\"https:\/\/sandboxie-plus.com\/\" target=\"_blank\" rel=\"noopener\">Sandboxie-Plus.com<\/a> hat David zudem die <a href=\"https:\/\/sandboxie-plus.com\/plus-features\/\" target=\"_blank\" rel=\"noopener\">neuen Plus-Features<\/a> vorgestellt. Hier die englischen Neuerungen:<\/p>\n<h3>Rule Specificity -&gt; data protection *<\/h3>\n<ul>\n<li>With this option rules are prioritized based on their specificity (see changelog\/docs for details) this way sub paths can be readable\/writeable while parent parts are still protected. With this applying a preset rule collection all locations potentially containing personal data can be protected. Applications running in boxes with personal data protection will see an empty PC with no user data on it.<\/li>\n<\/ul>\n<h3>Compartment Mode *<\/h3>\n<ul>\n<li>This mode is intended to optimize compatibility at the cost of security, here sandboxie's token-based isolation scheme is not used. Isolation is limited to the FS minifilter as well as registry and object callbacks. This has the potential to greatly improve compatibility with variouse applications.<\/li>\n<\/ul>\n<h3>WFP (Windows Filtering Platform) support<\/h3>\n<ul>\n<li>With this feature Sandboxie can be like an application firewall which applies the rules on a per box bases allowing the same application access to the internet in one box while blocking it in another.<\/li>\n<\/ul>\n<h3>Windows 11 context menu integration<\/h3>\n<h3>Process\/Thread handle filtering (obCallbacks)<\/h3>\n<ul>\n<li>Using this mechanism greatly improves on isolation of processes and provides enhanced security.<\/li>\n<\/ul>\n<h3>Win32 syscall hooking<\/h3>\n<ul>\n<li>With this feature win32 sys calls can get the same treatment as NT sys calls which helps with graphics and hw acceleration.<br \/>\n<h6>New UI with dark mode and much more<\/h6>\n<\/li>\n<li>Sandboxie-Plus bring an entirely new Qt based UI sandman.exe<\/li>\n<li>Customizable per box run menu<\/li>\n<li>Global hotkey to terminate all boxes<\/li>\n<li>INI section editor for easy configuration of advanced options<\/li>\n<li>Box event triggers\/scripts<\/li>\n<li>Ability to stop selected applications from running globally, regardless of box presets<\/li>\n<\/ul>\n<h3>Snapshots<\/h3>\n<ul>\n<li>Sandboxie-Plus can create box snapshots, with them it is possible to easily revert a box to a defined previous state.<\/li>\n<li>Box set to auto delete will when available auto revert to the last snapshot allowing to benefit from a fresh clean box each time but with some preset configuration<\/li>\n<\/ul>\n<h3>Enhanced debug\/trace monitor<\/h3>\n<h3>Fake admin privileges<\/h3>\n<ul>\n<li>Allows to make all processes in a box think thay have admin permissions and act accordingly, without the potential draw backs of granting them admin permissions<\/li>\n<\/ul>\n<h3>A lot of security fixes<\/h3>\n<ul>\n<li>FIXED: memory of unsandboxed processes can no longer be read, exceptions can be configured<\/li>\n<li>FIXED: NtCreateSymbolicLinkObject was not filtered (thanks Diversenok)<\/li>\n<li>FIXED: in certain cases, a sandboxed process could obtain a handle on an unsandboxed thread with write privileges<\/li>\n<li>FIXED: Hard link creation was not properly filtered (thanks Diversenok)<\/li>\n<li>FIXED: when starting <em>COMSRV<\/em> unboxed, the returned process handle had full access<\/li>\n<li>FIXED: the HostInjectDll mechanism allowed for local privilege escalation (thanks hg421)<\/li>\n<li>FIXED: elevated sandboxed processes could access volumes\/disks for reading (thanks hg421)<\/li>\n<li>FIXED: a race condition in the driver allowed to obtain an elevated rights handle to a process (thanks typpos)<\/li>\n<li>FIXED: \"\\RPC Control\\samss lpc\" is now filtered by the driver (thanks hg421)<\/li>\n<li>FIXED: \"\\Device\\DeviceApi\\CMApi\" is now filtered by the driver (thanks hg421)<\/li>\n<li>FIXED: the registry isolation could be bypassed, present since Windows 10 Creators Update<\/li>\n<li>FIXED: a Sandboxed process could start sandboxed as system even with DropAdminRights in place<\/li>\n<li>FIXED: Sandboxie now strips particularly problematic privileges from sandboxed system tokens<\/li>\n<li>FIXED: added print spooler filter to prevent printers from being set up outside the sandbox<\/li>\n<li>FIXED: processes could spawn processes outside the sandbox (thanks Diversenok)<\/li>\n<li>FIXED: bug in the dynamic IPC port handling allowed to bypass IPC isolation<\/li>\n<li>FIXED: CVE-2019-13502 \"\\RPC Control\\LSARPC_ENDPOINT\" is now filtered by the driver (thanks Diversenok)<\/li>\n<li>FIXED: fixed permission issues with sandboxed system processes<\/li>\n<li>FIXED: fixed missing SCM access check for sandboxed services (thanks Diversenok)<\/li>\n<li>FIXED: sandboxed processes could obtain a write handle on non-sandboxed processes (thanks Diversenok)<\/li>\n<\/ul>\n<p>Bei <a href=\"https:\/\/www.wilderssecurity.com\/\" target=\"_blank\" rel=\"noopener\">wilderssecurity.com<\/a> gibt es jetzt ein <a href=\"https:\/\/www.wilderssecurity.com\/forums\/sandboxie-sbie-open-source-plus-classic.144\/\" target=\"_blank\" rel=\"noopener\">Unterforum f\u00fcr Sandboxie<\/a>.<\/p>\n<h2>Hintergrund zu Sandboxie<\/h2>\n<p>Sandboxie ist ein Programm zur Anwendungsisolierung, welches einem erm\u00f6glicht, andere Software unter Windows in einer kontrollierten Umgebung ablaufen zu lassen. Dazu \u00fcbernimmt Sandboxie bei der Installation der Anwendung die Kontrolle und isoliert alle Datei- und Registrierungszugriffe und leitet diese in separate Dateien um. Xanatos schreibt dazu:<\/p>\n<blockquote><p>Es schafft eine Sandbox-\u00e4hnliche isolierte Betriebsumgebung, in der Anwendungen ausgef\u00fchrt oder installiert werden k\u00f6nnen, ohne dass das lokale oder zugeordnete Laufwerk dauerhaft ge\u00e4ndert werden muss. Eine isolierte virtuelle Umgebung erm\u00f6glicht das kontrollierte Testen von nicht vertrauensw\u00fcrdigen Programmen und das Surfen im Internet.<\/p><\/blockquote>\n<p>Die von Sandboxie verwendet Isolationstechnologie trennt die so installierten Programme vom darunter liegenden Betriebssystem. Das verhindert, dass unerw\u00fcnschte \u00c4nderungen an pers\u00f6nlichen Daten, Programmen und Anwendungen, die sicher auf der Festplatte liegen, vorgenommen werden. Sandboxie erm\u00f6glicht daher, Software zu testen und sp\u00e4ter r\u00fcckstandsfrei vom System zu deinstallieren.<\/p>\n<p><strong>\u00c4hnliche Artikel:<\/strong><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2019\/09\/11\/sophos-gibt-sandboxie-5-31-4-als-tool-frei\/\">Sophos gibt Sandboxie 5.31.4 als Tool frei<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2020\/04\/10\/sandboxie-ist-nun-open-source\/\">Sandboxie ist nun Open Source<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2020\/02\/09\/diskcryptor-nachfolger-von-david-xanatos\/\">DiskCryptor-Nachfolger von David Xanatos<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2020\/07\/11\/sandboxie-build-0-3-5-42\/\">Sandboxie Build 0.3\/5.42 verf\u00fcgbar<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]David Xanatos hat mich bereits im Juni 2022 dar\u00fcber informiert, dass er ein Update f\u00fcr Sandboxie in der Version v1.0.22 \/ 5.55.22 fertiggestellt und auf Githib freigegeben hat. Damit ist diese Version so \"richtig final\", wie er sich ausdr\u00fcckte. Zudem &hellip; <a href=\"https:\/\/borncity.com\/blog\/2022\/07\/10\/sandboxie-fork-mit-version-version-1-0-22-final-neuerungen-in-der-plus-version\/\">Weiterlesen <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7459],"tags":[3836],"class_list":["post-270350","post","type-post","status-publish","format-standard","hentry","category-software","tag-software"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/270350","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=270350"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/270350\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=270350"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=270350"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=270350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}