> Yes, I do read all posts.
I saw that already in a previous post. Plz read my last 3 posts.
Sent from my OMNIA7 using XDA Windows Phone 7 App
<Rule
  PriorityCategoryId="PRIORITY_HIGH"
  ResourceIri="/FILESYS/PRIMARY/WINDOWS/SECURITY/POLICYDB.VOL"
  SpeakerAccountId="S-1-5-112-0-0-1"
  Description="Protect the policy DB from everyone but the system">
  <Stop>
    <Match AccountId="S-1-5-112-0-0XFF" />
  </Stop>
</Rule>
<Rule
  PriorityCategoryId="PRIORITY_STANDARD"
  ResourceIri="/FILESYS/PRIMARY/APPLICATIONS/INSTALL/(+)/INSTALL/(*)"
  SpeakerAccountId="S-1-5-112-0-0-1"
  Description="ACL the application installation directory to be read + execute (so resource dlls can be read. This access is required by all who need to read an application's title">
  <Authorize>
    <Match AccountId="S-1-5-112-0-0X21-0X0000000A" AuthorizationIds="FILE_ALL_ACCESS, FILE_GENERIC_READ, FILE_GENERIC_WRITE, FILE_GENERIC_EXECUTE, FILE_READ_ATTRIBUTES, FILE_WRITE_ATTRIBUTES, FILE_LIST_DIRECTORY" />
    <Match AccountId="S-1-5-112-0-0X23" AuthorizationIds="FILE_GENERIC_READ, FILE_GENERIC_EXECUTE, FILE_READ_ATTRIBUTES, FILE_LIST_DIRECTORY" />
  </Authorize>
  <Stop>
    <Match AccountId="S-1-5-112-0-0XFF" />
  </Stop>
</Rule>
OMFG! I DID IT!
> Completed successfully.
Now just hope we can write it to the real policy.vol
Remote CMD used:
var ar = @"/nowritemerged /mdb=""\PolicyMeta.xml"" /pdb=""\policydb.vol"" /adb=""\accountdb.vol""";
PID:0CE60056 TID:0DE30056 PolicyLoader.exe : Info PolicyXml0000:
PID:0CE60056 TID:0DE30056 PolicyXmlSaveToDatabase(P="\policydb.vol", A="\accountdb.vol", M="\PolicyMeta.xml")
PID:0CE60056 TID:0DE30056
PID:0CE60056 TID:0DE30056 PolicyLoader.exe : Info PolicyXml0000:
PID:0CE60056 TID:0DE30056 Completed successfully.
PID:0CE60056 TID:0DE30056
edit:
Seems to work against real policy.vol
Re-configured to "\Windows\policydb.vol":
var ar = @"/nowritemerged /mdb=""\PolicyMeta.xml"" /pdb=""\Windows\policydb.vol"" /adb=""\accountdb.vol""";
PID:0CDE0052 TID:0D39005A PolicyXmlSaveToDatabase(P="\Windows\policydb.vol", A="\accountdb.vol", M="\PolicyMeta.xml")
PID:0CDE0052 TID:0D39005A Completed successfully.
PID:0CDE0052 TID:0D39005A
-pdb=FileName
Specifies the name to display for the Policy database file in diagnostic messages. Default is "policy.vol". (Note that regardless of the file policy.vol name given here, the device's built-in Policy database will be used.)
> Yes, everything is done in the Emulator, don't want to brick my phone by mistake
So I assume you're still doing this in the emulator. We should now think of some policies that we can apply so we can test if this really works. It could be something like adding a high priority policy that blocks access for LPC. If we can't run any apps after we applied that policy, we know it works.
Try to add this to the emulator:
<Rule
  PriorityCategoryId="PRIORITY_HIGH"
  ResourceIri="/LOADERVERIFIER/GLOBAL/AUTHORIZATION/PE_AUTHZ/NONE/NONE/PRIMARY/WINDOWS/TASKHOST.EXE"
  SpeakerAccountId="S-1-5-112-0-0-1"
  Description="Stop taskhost.exe be loadable to $(TASKHOST_CHAMBER_SID)">
  <Stop>
    <Match AccountId="S-1-5-112-0-0X80-0X00000001" />
    <Match AccountId="S-1-5-112-0-0X80" />
  </Stop>
</Rule>
I'm not sure you can apply this, because it may conflict with existing policies and I don't know how that is handled by the PolicyLoader. If you can apply it and you can't run apps anymore afterwards, it means that it worked.
edit: Removed AuthorizationIds from XML, because it is in <Stop> instead of <Authorize> and stop-tags don't have the AuthorizationIds attribute in them.
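The Stop/Authorize distinction is easy to get wrong by hand, so here is an added example (my own Python, not code from the thread or from PolicyLoader) that parses rules in this policy format, lists who is authorized for and who is stopped on each ResourceIri, and flags a Match under <Stop> that carries AuthorizationIds. The sample policy is constructed from rules quoted in the thread plus one deliberately malformed rule; no evaluation semantics (priority, pattern matching) are assumed.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the thread's policy format: the first two rules are copied from the
# thread, the third is deliberately malformed (AuthorizationIds on a <Stop> match).
SAMPLE_POLICY = """<Policy>
 <Rule PriorityCategoryId="PRIORITY_HIGH" SpeakerAccountId="S-1-5-112-0-0-1"
   ResourceIri="/FILESYS/PRIMARY/WINDOWS/SECURITY/POLICYDB.VOL">
  <Stop><Match AccountId="S-1-5-112-0-0XFF" /></Stop>
 </Rule>
 <Rule PriorityCategoryId="PRIORITY_STANDARD" SpeakerAccountId="S-1-5-112-0-0-1"
   ResourceIri="/FILESYS/PRIMARY/APPLICATIONS/INSTALL/(+)/INSTALL/(*)">
  <Authorize>
   <Match AccountId="S-1-5-112-0-0X23" AuthorizationIds="FILE_GENERIC_READ, FILE_GENERIC_EXECUTE" />
  </Authorize>
  <Stop><Match AccountId="S-1-5-112-0-0XFF" /></Stop>
 </Rule>
 <Rule PriorityCategoryId="PRIORITY_HIGH" SpeakerAccountId="S-1-5-112-0-0-1"
   ResourceIri="/LOADERVERIFIER/GLOBAL/AUTHORIZATION/PE_AUTHZ/NONE/NONE/PRIMARY/WINDOWS/TASKHOST.EXE">
  <Stop><Match AccountId="S-1-5-112-0-0X80" AuthorizationIds="LV_ACCESS_EXECUTE" /></Stop>
 </Rule>
</Policy>"""

def parse_rules(xml_text):
    """One dict per <Rule>: resource, priority, authorized {sid: [ids]}, stopped [sids]."""
    rules = []
    for rule in ET.fromstring(xml_text).iter("Rule"):
        entry = {"resource": rule.get("ResourceIri"), "priority": rule.get("PriorityCategoryId"),
                 "authorized": {}, "stopped": []}
        for match in rule.findall("Authorize/Match"):
            # AuthorizationIds is a comma-separated list; normalise whitespace around each id.
            ids = [i.strip() for i in (match.get("AuthorizationIds") or "").split(",") if i.strip()]
            entry["authorized"].setdefault(match.get("AccountId"), []).extend(ids)
        for match in rule.findall("Stop/Match"):
            entry["stopped"].append(match.get("AccountId"))
        rules.append(entry)
    return rules

def lint_policy(xml_text):
    """Flag AuthorizationIds on a <Stop> match (the mistake noted in the thread) and empty rules."""
    findings = []
    for rule in ET.fromstring(xml_text).iter("Rule"):
        iri = rule.get("ResourceIri", "<no ResourceIri>")
        for match in rule.findall("Stop/Match"):
            if match.get("AuthorizationIds") is not None:
                findings.append(f"{iri}: AuthorizationIds on Stop match {match.get('AccountId')}")
        if not rule.findall("Authorize/Match") and not rule.findall("Stop/Match"):
            findings.append(f"{iri}: rule has no Match entries")
    return findings
```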
Got some problems :/
When having no <Rule>s at all, it succeeds:
> Complete success.
Having one (the taskhost thing):
Internal error - function failed: PolicyRuleOpen(805307329) (GetLastError = 1260)
Maybe file system access somewhere (it's opened as "rwb": read + write + binary).
> Same error @ PolicyRuleOpen(805307329)
Ok. Plz try with /pdb=""\Temp\policydb.vol""
edit: You may have to copy the original policydb.vol to \Temp\ first. Not sure about that.
edit2: It seems that \Temp\ needs only Standard Privs to write there.
<Rule
  PriorityCategoryId="PRIORITY_HIGH"
  ResourceIri="/RESOURCES/(MATCH-CHAMBER)/(*)"
  SpeakerAccountId="S-1-5-112-0-0-1"
  Description="All chambers have access to their resources">
  <Authorize>
    <Match AccountId="S-1-5-112-0-0-0" AuthorizationIds="SCHEDULE_GENERIC_ACCESS, SCHEDULE_CREATE_PERSISTENT, SCHEDULE_ALL_ACCESS, MESSAGE_SEND, MESSAGE_RECEIVE, PROCESS_QUERY_INFORMATION, PROCESS_DUP_HANDLE, GENERIC_READ, GENERIC_WRITE, GENERIC_EXECUTE, GENERIC_ALL, DELETE, READ_CONTROL, WRITE_DAC, WRITE_OWNER, SYNCHRONIZE, STANDARD_RIGHTS_REQUIRED, SPECIFIC_RIGHTS_ALL, ALL_ACCESS" />
  </Authorize>
</Rule>
<Rule
  PriorityCategoryId="PRIORITY_HIGH"
  ResourceIri="/KERNEL/(+)/(MATCH-CHAMBER)/(*)"
  SpeakerAccountId="S-1-5-112-0-0-1"
  Description="All chambers have access to their own kernel objects">
  <Authorize>
    <Match AccountId="S-1-5-112-0-0-0" AuthorizationIds="GENERIC_READ, GENERIC_WRITE, GENERIC_EXECUTE, GENERIC_ALL, DELETE, READ_CONTROL, WRITE_DAC, WRITE_OWNER, SYNCHRONIZE, STANDARD_RIGHTS_REQUIRED, SPECIFIC_RIGHTS_ALL, ALL_ACCESS" />
  </Authorize>
</Rule>
<Rule
  PriorityCategoryId="PRIORITY_LOW"
  ResourceIri="/LOADERVERIFIER/ACCOUNT/(MATCH-CHAMBER)/ACCOUNT_CAN_LAUNCH/(+)/(+)"
  SpeakerAccountId="S-1-5-112-0-0-1"
  Description="Allow every Chamber try to load non-rom exe into its own Chamber, if not blocked by other policies">
  <Authorize>
    <Match AccountId="S-1-5-112-0-0-0" AuthorizationIds="LV_ACCESS_EXECUTE" />
  </Authorize>
</Rule>
Microsoft Mobile Device Privileged PCA - ced778d7bb4cb41d26c40328cc9c0397926b4eea - not used in this context
Microsoft Mobile Device TCB PCA - 88bcaec267ef8b366c6e6215ac4028e7a1be2deb - honored by System Identity Group
Microsoft Mobile Device Unprivileged PCA - 1c8229f5c8d6e256bdcb427cc5521ec2f8ff011a - honored by Standard Right Identity Group
Microsoft Mobile Device VSD PCA - 91b318116f8897d2860733fdf757b93345373574 - not used in this context
VeriSign Mobile Root Authority for Microsoft - 069dbcca9590d1b5ed7c73de65795348e58d4ae3 - honored by LPC Identity Group
> I won't tell anyone
I have to thank Cotulla for helping me find a stupid mistake I made! His incredible knowledge helped me see why I thought it was not working yet.
ACCESSIBILITYCPL.EXE
ACCOUNTSMANAGER.EXE
ALARMS.EXE
APPCHECKERSHIM.EXE
APPPREINSTALLER.EXE
AUTODATACONFIG.EXE
AUTOSIM.EXE
AUTOTIMEUPDATE.EXE
BRIGHTNESSCPL.EXE
BTUXCPL.EXE
CALENDARAPP.EXE
CALLSETTINGSHOST.EXE
CALNOT.EXE
CALUPD.EXE
CAM_FW_UPDATE_UI.EXE
CELLUXCPL.EXE
CERTINSTALLER.EXE
CFGHOST.EXE
CFLAUNCHER.EXE
CHDIALERHOST.EXE
CIPHASE2.EXE
CLIENTSHUTDOWN3.EXE
CLOCKNOT.EXE
CMACCEPT3.EXE
COLDINIT.EXE
COMMSVC.EXE
COMPOSITOR.EXE
CONFIGDM.EXE
CONFIGXML.EXE
CONMANCLIENT3.EXE
CONTACTS.EXE
CPROG.EXE
DATETIMECPL.EXE
DCVSSWITCH.EXE
DEPOTCOPY.EXE
DEVICEFEEDBACKCPL.EXE
DEVICEREG.EXE
DIAGPORTCHANGETEST.EXE
DLLHOST.EXE
DMSCHEDULERCALLBACK.EXE
DMSRV.EXE
DMSTOOLS.EXE
DUACLIENT.EXE
DW.EXE
EDM3.EXE
EMAIL.EXE
EMAILSETUP.EXE
ENDPOINT.EXE
FCROUTERCMDTEST.EXE
FIELDTESTAPP.EXE
FLIGHTMODE.EXE
GAMESUX.EXE
IEXPLORE.EXE
INITIATEDMSESSION.EXE
INVALIDLICENSEUXLAUNCHER.EXE
KEYBOARDCPL.EXE
LASSCREDENTIALEXPIRATIONCHECK.EXE
LASSRESTARTER.EXE
LIVETOKEN.EXE
LOCKCPL.EXE
LOOPBACKTEST.EXE
MEDIAGROVEL.EXE
MEUX.EXE
MITSMAN.EXE
MMSPRPROXY.EXE
MMSTRANSHOST.EXE
MULTIMEDIALAUNCHER.EXE
MYPHONECPL.EXE
MYPHONETASKSRUNTIME.EXE
NATIVEINSTALLERHOST.EXE
OFFICEURL.EXE
OMADMCLIENT.EXE
OMADMPRC.EXE
OMHUB.EXE
ONBOOTSQM.EXE
ONENOTEMOBILE.EXE
OOBE.EXE
PACMANINSTALLER.EXE
PHOTOENT.EXE
PHOTOENTCAPTURE.EXE
PHOTOUPLOADER.EXE
PPT.EXE
PWORD.EXE
PWRLOGCTRL.EXE
PXL.EXE
RAPICONFIG.EXE
REGIONCPL.EXE
RMACTIVATE.EXE
SAPISVR.EXE
SECSIMTKIT.EXE
SERVICESD.EXE
SERVICESSTART.EXE
SETTELEPORTMODE.EXE
SETTINGS3.EXE
SHORTMSG.EXE
SICLNT.EXE
SIGNALEVENT.EXE
SIREPSERVERAPPDEV.EXE
SMSETTINGS.EXE
SMSTRANSPORT.EXE
SOUNDCPL.EXE
SPEECHCPL.EXE
SPMC.EXE
SQMEVENT.EXE
SSUPDATE.EXE
TASKHOST.EXE
TELSHELL.EXE
TESTSHOW.EXE
THEMECPL.EXE
TOGGLEBROWSERHIBERNATION.EXE
TOGGLEDOG.EXE
UDEVICE.EXE
UIF.EXE
UNIFIEDPAIR.EXE
USBMGR.EXE
WEBSEARCH.EXE
WIFIUXSPLASH.EXE
WLANEXT.EXE
WLIDSETUP.EXE
WWANDATAMGR.EXE
XDRMREMOTESERV.EXE
ZIPVIEW.EXE
ZMFTASKLAUNCH.EXE
using System;
using System.Linq;
using System.Xml.Linq;

// Load the dumped base policy and list every executable that has a LOADERVERIFIER rule.
// XDocument.Load(path) closes the file itself, unlike the original File.OpenRead stream.
var doc = XDocument.Load("SamsungOmnia7_BasePolicy_webserver.xml");
var ea = doc.Root.Elements()
    .Where(x => x.Name.LocalName == "Rule")
    .Where(x => x.Attribute("ResourceIri") != null)
    .Where(x =>
    {
        // Keep loader-verifier rules that name an .exe; skip the certificate rules.
        var r = x.Attribute("ResourceIri").Value;
        return r.Contains("LOADERVERIFIER") && r.ToLower().Contains(".exe") && !r.Contains("CERTIFICATES");
    })
    .Select(x =>
    {
        // The last path component of the ResourceIri is the executable name.
        var v = x.Attribute("ResourceIri").Value;
        return v.Substring(v.LastIndexOf('/') + 1);
    })
    .Distinct()
    .OrderBy(x => x)
    .ToArray();

foreach (var name in ea)
    Console.WriteLine(name);