Recent Posts

91

ReHIPS / Re: How to allow Powershell specific actions?

« Last post by fixer on October 21, 2019, 02:44:19 pm »

You're right, trusted command lines aren't supposed to have an alert window. Looks like it's some kind of quotation mark parsing issue, will take a look. Thank you for your report.
P.S. And don't worry about questions, that what we're here for, to answer them

92

ReHIPS / Is there a conflict with sandboxie?

« Last post by nick on October 21, 2019, 11:00:05 am »

I have sandboxie on my system and now that I try to use it in combination with ReHIPS there seems not to be compatible. I want to allow sandboxed programs (under sandboxie) but although I try to allow them when ReHIPS asks me the sandboxed programs never start. Actually the processes start (I can see them running at process explorer) but I cannot see anything on my screen. Does this has something to do with the anonymous user that sandboxie puts as the owner of the processes instead of my normal account ? Is there anyway around it?

93

ReHIPS / Re: How to allow Powershell specific actions?

« Last post by nick on October 19, 2019, 11:47:52 pm »

Hello fixer thanks, I'll do my best not to ask too many questions but it will be a challenge, documentation is not that detailed.

As I see it is something totally simple: I just try to run a bat file from windows explorer. I don't seem to manage how to use the wildcard correctly(??) but if I click the exact command to become trusted, the next time it represents it as trusted but if it is trusted wasn't supposed to not have a warning window?
(on the image I upload the username is the same on both windows I just removed it because I use it as a password sometimes online)

94

ReHIPS / Re: Problem with Directory OPUS's viewer and ReHIPS

« Last post by Stephen on October 19, 2019, 10:21:47 am »

Directory OPUS is a file manager with a feature to preview in a separate pane files that are selected in the file listing pane. This includes images, pdf files, text files and Office files.

The problem with Office files is that they are not shown in the Preview pane if ReHIPS is in any mode other than disabled. As soon as I set ReHIPS to disabled, the Office files are immediately viewed in the preview pane. If I re-enable ReHIPS the problem appears to be gone, but it comes back if I log out and log in to Windows and repeat the exercise of viewing Office files in the preview pane.

What may be worth mentioning is that when I disable ReHIPS and try to preview a Word document (actually it is a LibreOffice document with an odt extension) a dialog comes up saying "Microsoft Word isn't your default program for viewing and editing documents. Do you want to select the file types that Word should open?".

If I respond with No, then the previews load properly. If I respond with Yes then I'm taken to Windows settings to define which program should open Word documents etc. Even if I make no changes in Windows settings, the previewer in Directory OPUS then works as I describe above. Strangely, this also fixes Excel document previews, but again it's a temporary thing. Moreover, no dialog ever comes up about Excel, but only about Word.

EDIT: This is an interesting thread: https://resource.dopus.com/t/activex-preview-office-web/5472/5
Please note that Windows File Explorer with preview enabled does not show previous of Office documents and in fact exhibits a similar behavior to what I had experienced. I don't know if this may help the ReHIPS developers discover what it is with ReHIPS that causes this problem.

95

ReHIPS / Re: Problem with Directory OPUS's viewer and ReHIPS

« Last post by fixer on October 19, 2019, 09:09:18 am »

Could you please explain more about Office files? What exactly doesn't work? Any errors? Any screenshots.

96

ReHIPS / Re: Problem with Directory OPUS's viewer and ReHIPS

« Last post by Stephen on October 18, 2019, 11:56:21 pm »

Thank you for the explanation although to be honest I didn't fully understand. Too technical for me!

There remains a problem with MS Office and LibreOffice files. Is there any possibility that a solution may be found for these? I don't see anything in the ReHIPS rules settings that could help me solve it. The Directory OPUS programs include a few executables that appear, judging by their name, to be connected to the viewer function, but they are not listed in the ReHIPS rules settings and I cannot add them anyway.

97

ReHIPS / Re: Problem with Directory OPUS's viewer and ReHIPS

« Last post by fixer on October 18, 2019, 10:22:39 pm »

Thank you for your report, let's see.

Acrobat Reader is isolated in ReHIPS default rules as these rules were created when it didn't support AppContainer. If you use AppContainer, it can be allowed in ReHIPS. Some of you may say "hey, be consistent, in your blogpost https://forum.rehips.com/index.php?topic=9533 you recommended to isolate in ReHIPS for cases like this". You're right, but keep reading.

Why doesn't it work in ReHIPS? The problem is partly Windows and partly tight Acrobat sandbox restrictions. Windows in its msctf.dll has poor handling of some class freeing memory at first and then referencing its memory including handles causing invalid handle to be addressed (this will be covered in a separate blogpost). And sandbox doesn't allow it to address invalid handles causing it to crash immediately. Acrobat doesn't expect this crash and shows the window that something is incompatible.

98

ReHIPS / Re: How to allow Powershell specific actions?

« Last post by fixer on October 18, 2019, 05:35:28 pm »

Hello, nick. Welcome to our forum and thank you for your interest in our product.
Could you please explain more? What exactly command line you try? Post screenshot of the alert window?

99

ReHIPS / Re: How to allow Powershell specific actions?

« Last post by nick on October 17, 2019, 05:13:17 pm »

Take a look at Settings Duration radio-button. By default it's set to Only Once. This way your action will be applied only once. If you set it to Permanent, all Sub-Programs for powershell.exe will be Blocked or Allowed according to your choice.

If you want to allow some command lines only, there is an underlined "add to trusted" link, it'll add current command line to trusted and will be allowing it without alerts. If some part of this command line changes, you can use wildcards. Take a look at Trusted Command Lines tab in Settings, there are some predefined ones with wildcards.

I have started testing ReHIPS today, I don't know what am I doing wrong but this is not happening:
I am at the expert mode, I have added the command line as trusted, the next time I try to rerun (it's a bat file that has the cmd.exe with that specific command line) again I have the alert window for sub programs (showing at the same time that the command line is trusted...). Why does the alert window open if it is a trusted command? If I try to give allow permanently then it stops asking but for all cases even for "untrusted" command lines

Also I tried to use wildcards in the trusted command lines list but it's not working? if for example I change the above (which verified was recognized as trusted in the warning window before) removing the part of the filename (after "\") until the file extension (".") and replace it first with * then also tried {*} but in both cases it was not recognized as trusted.....

100

ReHIPS / Problem with Directory OPUS's viewer and ReHIPS

« Last post by Stephen on October 17, 2019, 02:36:27 pm »

I now use Directory OPUS as my file manager. Among its features is a viewer that allows one to see the content of various documents (images, text, Office, PDF etc.).

I'm having a problem with Acrobat Reader DC which apparently is used by Directory OPUS for PDF file viewing. Firstly, Acrobat Reader shows the attached image on starting up the program.

Secondly, the Security settings of Acrobat Reader are shown as attached.

Thirdly, Acrobat Reader is set by ReHIPS to run in an Isolated Environment.

The problem described above also affects MS Office documents such as Word and Excel files, presumably for a similar reason. I'm highlighting Acrobar=t Reader here for the purpose of explaining what is going on.

If I disable ReHIPS then Directory OPUS's viewer works with no problem.

EDIT: I solved the pdf problem as follows. I downloaded SumatraPDF and installed it by enabling the option of a Windows PDF handler (if I remember correctly). Now pdf files are displayed in the Directory OPUS viewer.

I'll have to wait a while and test a bit more MS Office files and LibreOffice files.

EDIT 2: I can confirm that there is a problem with MS Office and LibreOffice files. They are not shown properly in Directory OPUS unless ReHIPS is disabled.