Question about sandboxie settings

[JohnMult]

I use Sandboxie for surfing with chrome mainlly and i believe i am quite happy about it.
My question is if I can add in Resource Access -- File Access -- Blocked Access the executables:
1 taskmgr.exe (Task Manager)
2 regedit.exe (Registry Editor)
3 taskkill.exe (Task Killer)
4 mmc.exe (Microsoft Management Console)
5 wscript.exe (Windows Based Script Host)
I have already added my "Panda Security" Folder and "My Documents"

[bo elam]

Hi John, I have never block or set as read only any of the files you listed. Personally, I prefer to use the blocked access setting to block personal files and folders and use the read only setting for system files. Doing it like that, I don't get any messages from SBIE.

You could test it yourself and see what happens. If I was you, I would test one or two at a time and see if SBIE works fine. If it doesn't, set the resources as read only. Blocking the My Documents folders is OK.

Bo

[PJC]

Why blocking these files?
For further security?

[tomazyk]

I have blocked file access on my personal data only. I don't see much risk in reading access on those applications.
If you don't want those apps to be run in sandbox, you can try to create a list of allowed apps in Start/Run access.

[sweater]

Maybe, you can check this proven & tested settings of ours:

http://www.wilderssecurity.com/showthread.php?t=310281

[Amit]

Quote:

Originally Posted by bo elam

Hi John, I have never block or set as read only any of the files you listed. Personally, I prefer to use the blocked access setting to block personal files and folders and use the read only setting for system files. Doing it like that, I don't get any messages from SBIE.

You could test it yourself and see what happens. If I was you, I would test one or two at a time and see if SBIE works fine. If it doesn't, set the resources as read only. Blocking the My Documents folders is OK.

Bo

Same here.

[Jarmo P]

I use Sandboxie in it's default setting and with experimental protection for 64 bit. Does it need any more strengthening if just mostly using as browser surfing?

The only thing I have allowed is 'Allow direct access to Firefox bookmark and history database' and 'Allow direct access to Google Chrome bookmark and history database'. It used to be that only bookmarks needed to allow but it has changed into needing to allow also the surfing history, which is not so good IMO?

[bo elam]

Quote:

Originally Posted by Jarmo P

I use Sandboxie in it's default setting and with experimental protection for 64 bit. Does it need any more strengthening if just mostly using as browser surfing?

If I was using SBIE only for browsing, I would restrict the sandbox: allowing to run the browser and any program that I normally use while browsing, like for example, the Plugin container in Firefox or the PDF reader if its opened out of the browser. Also, I would only allow the browser to connect.

You ask if a default settings sandbox needs to be restricted. In my honest opinion, no, but it is a nice feeling when you are browsing and you know that nothing but what you allow to run, can run. I mean, nothing in the background will do nothing. In the almost four years that I have been using SBIE, I have never seen anything that looks like malware attempt to run. Never. I credit that to Sandboxies Start/Run restrictions.

Now, at the same time, I totally trust a default settings sandbox because most of the people that I know that are using Sandboxie, are using a default settings sandbox, they don't even know what restricting a sandbox is but don't get infected anymore. A couple of this friends always have their AV either disabled or not working but don't get infected. That kind of tells me that the default settings sandbox is working well for the average user.

Restricted or not, Sandboxies sandbox is great, IMO.

Bo

[jo3blac1]

I enabled the option to empty sandbox whenever I close chrome. Besides that everything else is in default settings.