Trust No Program

Better logout protection

Ideas for enhancements to the software

Better logout protection

Postby Guest » Thu Apr 24, 2008 9:37 am

I was playing with the matousec leaktests for firewalls and found sss.exe able to logout from sandbox. Please check:

http://www.matousec.com/downloads/ssts.zip - bin\level 4\sss.exe
Guest
 

Postby tzuk » Thu Apr 24, 2008 12:45 pm

I checked. The logoff is permitted because unlike poweroff/shutdown/reboot requests, Windows does not consider logoff a privileged (or administrative) operation. That's very reasonable -- you would not expect to have to be administrator just to logoff your session.

I could possibly add more system hooks to prevent this, but that would be new code in Sandboxie, because the poweroff/shutdown/reboot protection at this time is done by simply discarding the needed privilege, not by hooking anything.
tzuk
tzuk
Site Admin
 
Posts: 16076
Joined: Tue Jun 22, 2004 5:57 pm

Postby Guest » Thu Apr 24, 2008 2:35 pm

Thanks for answer. I though the log out protection is already implemented just not perfect,
because when i ran shutdown -l or logoff from sandboxed cmd i got "denied attempt" message from Sandboxie.
Guest
 


Return to Feature Requests

Who is online

Users browsing this forum: No registered users and 3 guests