From b6f7e4352a5f79cada03766750593bad48703a30 Mon Sep 17 00:00:00 2001 From: Jane Haring <52415314+wwxiaoqi@users.noreply.github.com> Date: Sun, 31 Dec 2023 00:17:21 +0800 Subject: [PATCH] add ConfidentialBox UseSbieDeskHack docs --- Content/AllPages.md | 4 ++++ Content/ConfidentialBox.md | 17 +++++++++++++++++ Content/UseSbieDeskHack.md | 25 +++++++++++++++++++++++++ 3 files changed, 46 insertions(+) create mode 100644 Content/ConfidentialBox.md create mode 100644 Content/UseSbieDeskHack.md diff --git a/Content/AllPages.md b/Content/AllPages.md index 7352c0497..200ec2c7f 100644 --- a/Content/AllPages.md +++ b/Content/AllPages.md @@ -72,6 +72,8 @@ [Compartment Mode](../PlusContent/compartment-mode.md) +[Confidential Box](ConfidentialBox.md) + [Config Level](ConfigLevel.md) [Configuration Protection](ConfigurationProtection.md) @@ -638,6 +640,8 @@ [Use Rule Specificity](UseRuleSpecificity.md) +[Use SbieDesk Hack](UseSbieDeskHack.md) + [Use Security Mode](UseSecurityMode.md) [User Accounts Settings](UserAccountsSettings.md) diff --git a/Content/ConfidentialBox.md b/Content/ConfidentialBox.md new file mode 100644 index 000000000..b6fe70749 --- /dev/null +++ b/Content/ConfidentialBox.md @@ -0,0 +1,17 @@ +# Confidential Box + +_ConfidentialBox_ is a sandbox setting in [Sandboxie Ini](SandboxieIni.md). + +``` + . + . + . + [DefaultBox] + ConfidentialBox=y +``` + +Use the 'ConfidentialBox=y' option to prevent the host process from reading access to the isolated process. + +**Technical Details** + +For more information, see [Box Encryption](../PlusContent/BoxEncryption.md) and [Box Preset Comparison](../PlusContent/box-preset-comparison.md). diff --git a/Content/UseSbieDeskHack.md b/Content/UseSbieDeskHack.md new file mode 100644 index 000000000..d8085a48e --- /dev/null +++ b/Content/UseSbieDeskHack.md @@ -0,0 +1,25 @@ +# Use SbieDesk Hack + +_UseSbieDeskHack_ is a sandbox setting in [Sandboxie Ini](SandboxieIni.md). + +``` + . + . + . + [DefaultBox] + UseSbieDeskHack=y +``` + +A desktop object solution that is now enabled by default for all processes. + +**Technical Details** + +This is a desktop object solution that is used for all processes. + +It was initially implemented to address the issue of infinite callback problems caused by delayed loading (the infinite recursion problem has been resolved in version 0.4.0 / 5.43). + +It is now enabled by default. This allows Electron applications to run without the need to set the 'SpecialImage=chrome,program.exe' option. + +Related Sandboxie Plus setting: + +Sandbox Options > Various Options > Compatibility > Use desktop object workaround for all processes