Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

can't install rust with rustup-init and windows gnu toolchain #3826

Closed
m0rph3usX opened this issue Apr 15, 2024 · 3 comments
Closed

can't install rust with rustup-init and windows gnu toolchain #3826

m0rph3usX opened this issue Apr 15, 2024 · 3 comments
Labels
fixed in next build Fixed in the next Sandboxie version Issue reproduced Issue reproduced without uncertainties Symlinks Collection of symbolic links issues

Comments

@m0rph3usX
Copy link

Describe what you noticed and did

Seems linke a similar issue, which should be fixed already?
#3481

Using Sandboxie v.1.13.3

  1. create a complete new sandbox
  2. drag n drop "rustup-init.exe" to sandbox
  3. install rust with "x86_x64-pc-windows-gnu" toolchain
  • press [2] key (customize installation)
  • enter "x86_x64-pc-windows-gnu"
  • press [ENTER]
  • press [ENTER]
  • press [y] and [ENTER]
  • press [1]
bug_report.mp4

How often did you encounter it so far?

every time

Expected behavior

Install rust without errors

Affected program

rustup-init.exe

Download link

https://static.rust-lang.org/rustup/dist/x86_64-pc-windows-gnu/rustup-init.exe

Where is the program located?

I tried to install it only inside a sandbox, but I wasn't able to achieve it.

Did the program or any related process close unexpectedly?

No, not at all.

Crash dump

No response

What version of Sandboxie are you running now?

v.1.13.3

Is it a new installation of Sandboxie?

I recently did a new clean installation.

Is it a regression from previous versions?

In which sandbox type you have this problem?

In a standard isolation sandbox (yellow sandbox icon).

Can you reproduce this problem on a new empty sandbox?

I can confirm it also on a new empty sandbox.

What is your Windows edition and version?

Win10 Pro 22H2, Build 19045.4291

In which Windows account you have this problem?

A local account (Standard user)., A local account (Administrator).

Please mention any installed security software

none

Did you previously enable some security policy settings outside Sandboxie?

Trace log

No response

Sandboxie.ini configuration

Enabled=y
BlockNetworkFiles=y
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
BorderColor=#02f6f6,ttl
Template=OpenBluetooth
Template=SkipHook
Template=FileCopy
Template=qWave
Template=BlockPorts
Template=LingerPrograms
Template=AutoRecoverIgnore
ConfigLevel=10
UseFileDeleteV2=y
UseRegDeleteV2=y
AutoRecover=y
@m0rph3usX m0rph3usX added the Confirmation pending Further confirmation is requested label Apr 15, 2024
@offhub offhub added the Symlinks Collection of symbolic links issues label Apr 15, 2024
@offhub
Copy link
Collaborator

offhub commented Apr 15, 2024
edited
Loading

Probably hardlink issue @DavidXanatos

run cmd as admin

MKLINK /H "%temp%\test.ini" "C:\Windows\Sandboxie.ini"

Incorrect function.

sbie3826hl

@offhub offhub added the Issue reproduced Issue reproduced without uncertainties label Apr 15, 2024
@DavidXanatos
Copy link
Member

hmm.. hard links complicate things, as they are a level lower than symlinks and junctions, if you hard link a file booth actual paths are actually representing the real file on a filesystem level. There is not real path and link path... Meaning:

  1. You can not hard link files across volumes, you can only create hard links on the same partition
  2. We can not apply our usual access controls even the driver at the level it operates currently would fail to protect a host file for which a sandboxed hard link was created, as for it it looks like the file is a sandboxed file.
  3. The sandbox being on a different volume than the linked file could not work, full stop.
    So how do we get it to work:
    a. We redirect the operation to the SbieSvc and make it ensure that only files residing in the sandbox already can be hard linked.
    b. We add a mechanism to SbieDll ensuring that if a program tries to hard link a host file the file is first copied into the sandbox and only then the SbieSvc is invoked to create the box to box hardlink.

@DavidXanatos DavidXanatos added ToDo To be done High priority To be done as soon as possible and removed Confirmation pending Further confirmation is requested labels Apr 16, 2024
@DavidXanatos
Copy link
Member

This actually looks simpler then expected, we can adapt the file rename logic a bit to cover link creation, same restrictions same conditions, we can rename or link only to a file we have a write access to which we don't get for host files.
A fix should be included in the next build.

DavidXanatos added a commit that referenced this issue Apr 18, 2024
@DavidXanatos
#3826
1919f91
@DavidXanatos DavidXanatos added fixed in next build Fixed in the next Sandboxie version and removed ToDo To be done High priority To be done as soon as possible labels Apr 18, 2024
isaak654 referenced this issue Apr 20, 2024
@DavidXanatos
Update win32_ntddk.h
9ee5aaf
isaak654 referenced this issue Apr 20, 2024
@DavidXanatos
Update file.c
e0f966e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
fixed in next build Fixed in the next Sandboxie version Issue reproduced Issue reproduced without uncertainties Symlinks Collection of symbolic links issues
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DavidXanatos @offhub @m0rph3usX