Settings for sandboxing Java via Sandboxie?

[Sully]

This isn't something I have tried. If you have a java sandbox (SBIE), it doesn't matter what non-sandboxed application wants to use the java in the sandbox, the sandbox would have to have access to the real system for it to escape the sandbox at all. How much of the real system, I don't know. Perhaps just the chrome directory, maybe more.

Sandboxie traps what happens in the sandbox there. What you want to do is a good idea, but limitations I think are what you are up against. At a very basic level, you defeat the purpose of using the sandbox to contain java, as you have to let it out to work with a non-sandboxed process. This would imply that, if you got it to work, the java in the sandbox would have access to whatever it was you made an exception for, which could mean it has free access to modify etc. You could try read only or read/execute but not write access. That might do the trick.

Theories only on this topic though.

Sul.

[m00nbl00d]

You either run both in the same sandbox or you run both outside of the sandbox. That's how it works.

Sometime ago, as I've mentioned in Sandboxie's thread created by you, I've suggested precisely what you want to achieve. But, it's not possible for now.

When you run your web browser, it's calling Java's plugin, etc. Java is being forced to its sandbox. Unless I'm missing something, there would never exist the needed interaction between the browser and Java. That's not how it works.

-edit-

As Sully mentioned you could try to open holes in the sandbox and see what would come out of that, but it would beat the purpose of using Sandboxie, in the first place.

[Hungry Man]

Guess I'll stick to Comodo for sandboxing Java. Thanks for the input, in class so I haven't read it all.

EDIT: The part that confuses me is that I've opened ALL of the holes I can in Sandboxie. Still crashes. I've given literally full access to the entire system.

Somehow Comodo works (and protects against java exploits.)