The least strict sandboxing for EasyAntiCheat

[exander77]

This is more of a question. Is there a config available for the least strict sandboxing? Basically, allow everything that is possible?

It would be a great start for debugging issues.

[Dyras]

There is!
Sandbox -> Create New Box

[exander77]

@Dyras That one I tried already, but there are options elsewhere that relax sandboxing even more aren't there?

For example, EasyAntiChead doesn't want to run even with just this.

[isaak654]

If you don't care about isolation and you want to analyze any compatibility issue, I would suggest to combine the App Compartment mode with the following configuration: #1461 (comment)

If it's not enough, you may add also OpenIpcPath=* to those lines. If you want to find related issues like yours, please look at the documentation label.

If you need more information about taking the logs, see also the docs here.

And last but not least, you could obtain newer debug options quickly by finding the equal sign in the CHANGELOG.md file with your browser in order to highlight them.

[exander77]

@isaak654 Exactly, I want to debug compatibility, so I basically want to run every protection off.

Tested, no change.

EasyAntiCheat still complains. What else can be turned off?

[exander77]

This is basically what is between starting anti cheat and reporting bug:

|Process|                                          |Type|         |Status|      |Value|                                                                                                                                                 

hunt.exe (13016, 15208) - 00:54:28.799             SCM (U)                      StartService: easyanticheat                                                                                                                             
steamwebhelper.exe (14580, 11856) - 00:54:28.831   ComClass (U)   (7)           {228826AF-02E1-4226-A9E0-99A855E455A6} ImmersiveShellBroker                                                                                             
steam.exe (20788, 17224) - 00:54:28.877            Ipc (U)                      \BaseNamedObjects\SteamClientService_SharedMemLock                                                                                                      
steamwebhelper.exe (14580, 11856) - 00:54:28.893   ComClass (U)   (15)          {228826AF-02E1-4226-A9E0-99A855E455A6} ImmersiveShellBroker                                                                                             
steam.exe (20788, 17224) - 00:54:28.987            Ipc (U)                      \BaseNamedObjects\SteamClientService_SharedMemLock                                                                                                      
steamwebhelper.exe (14580, 11856) - 00:54:28.987   ComClass (U)   (11)          {228826AF-02E1-4226-A9E0-99A855E455A6} ImmersiveShellBroker                                                                                             
steam.exe (20788, 17224) - 00:54:29.097            Ipc (U)        (3)           \BaseNamedObjects\SteamClientService_SharedMemLock                                                                                                      
steamwebhelper.exe (23892, 24436) - 00:54:30.112   Rpc (U)        Trace         Endpoint = 'null', UUID = 00000000-0000-0000-0000-000000000000, BindingHandle = 0x828AC020, status = 0x00000000, timeout = 1, caller = 'fwpuclnt.dll'   
steamwebhelper.exe (23892, 24436) - 00:54:30.112   Rpc (U)        Trace         Endpoint = 'epmapper', UUID = 00000000-0000-0000-0000-000000000000, BindingHandle = 0x0, status = 0x00000057, timeout = 1, caller = 'RPCRT4.dll'        
steamwebhelper.exe (23892, 24436) - 00:54:30.112   Pipe (U)       Open          \Device\Afd                                                                                                                                             
steam.exe (20788, 20792) - 00:54:32.793            WinClass (U)   Closed (3)    Valve001                                                                                                                                                
hunt.exe (13016, 15208) - 00:54:39.792             WinClass (U)                 eac_bugreport

[exander77]

#1192 I have that already.

BlockNetParam=n

[exander77]

I can definitely wait for a new version of EAC, but this question is more about, how to debug this issue and what is really EAC doing.

[DavidXanatos]

To the NoSecurityIsolation=y
you could also add NoSecurityFiltering=y
But be warned than the sandbox is not safe ta all (!!!) and I don't expect this to improve compatibility.

what you could also try is to disable various DLL hooks, but disabling many of them can actually worsen the compatibility.

DllSkipHook=user32.dll
DllSkipHook=msi.dll
DllSkipHook=gdi32full.dll
DllSkipHook=gdi32.dll
DllSkipHook=sxs.dll
DllSkipHook=shell32.dll
DllSkipHook=shcore.dll
DllSkipHook=userenv.dll
DllSkipHook=MsCorEE.dll
DllSkipHook=ntmarta.dll
DllSkipHook=ComDlg32.dll
DllSkipHook=acscmonitor.dll
DllSkipHook=winnsi.dll
DllSkipHook=Pdh.dll
DllSkipHook=sysfer.dll
DllSkipHook=emet.dll
DllSkipHook=snxhk64.dll
DllSkipHook=snxhk.dll
DllSkipHook=IDMIECC.dll
DllSkipHook=MsgPlusLive.dll
DllSkipHook=agcore.dll
DllSkipHook=advpack.dll
DllSkipHook=mso.dll
DllSkipHook=dwrite.dll
DllSkipHook=osppc.dll
DllSkipHook=winspool.drv
DllSkipHook=wevtapi.dll
DllSkipHook=winsta.dll
DllSkipHook=wtsapi32.dll
DllSkipHook=sfc_os.dll
DllSkipHook=d3d9.dll
DllSkipHook=imm32.dll
DllSkipHook=uxtheme.dll
DllSkipHook=zipfldr.dll
DllSkipHook=cfgmgr32.dll
DllSkipHook=setupapi.dll
DllSkipHook=sspicli.dll
DllSkipHook=pstorec.dll
DllSkipHook=wkscli.dll
DllSkipHook=netapi32.dll
DllSkipHook=iphlpapi.dll
DllSkipHook=ws2_32.dll
DllSkipHook=hnetcfg.dll
DllSkipHook=crypt32.dll
#DllSkipHook=advapi32.dll
#DllSkipHook=sechost.dll
#DllSkipHook=secur32.dll
#DllSkipHook=rpcrt4.dll
#DllSkipHook=combase.dll
#DllSkipHook=ole32.dll

you may also try to open COM access but than a lot of stuff will escape the isolation like the MSI installer and install to the host
OpenIpcPath=\BaseNamedObjects_ComCatalogCache_
OpenIpcPath=\RPC Control\epmapper
OpenIpcPath=\RPC Control\LRPC*
OpenIpcPath=\RPC Control\OLE*
RpcMgmtSetComTimeout=n

[exander77]

So far, no go.

Interestingly:

DllSkipHook=advapi32.dll
DllSkipHook=sechost.dll

These to prevents the internal service to run. Otherwise, Steam Client seems to work fine without any other Dll hooks.

OpenIpcPath=*

Causes steam not to start at all.

OpenIpcPath=\RPC Control\epmapper

Cause steam not work after log in (no main window appears).

[isaak654]

@exander77 Please refer to the main issue if you have further news to share about EasyAntiCheat: #1192