Teach a n00bie how to use Sandboxie

Discussion in 'sandboxing & virtualization' started by berryracer, Aug 18, 2012.

Thread Status:
Not open for further replies.
  1. berryracer

    berryracer Suspended Member

    Joined:
    Jan 24, 2008
    Posts:
    1,640
    Location:
    Dubai, UAE
    I don't get it, from what I heard about it, it sounds absolutely useless...

    I have Eset Smart Security, MBAM, and SAS, along with safe surfing habits and common sense.

    Convince teh meh why shall I use S4ndb0x!3 o_O?

    I also have a question, I usually login to all my fav. sites and like to have my cookies for them always there ...

    does that mean if I use Sandboxie, I will have to login to them again and again every time I use my browser?

    Finalleh, can you explain to me briefly how to use this thing? sounds too confusing which is why I have never tried it....hope you can show meh how to use it like some step by step instructions would be highly appreciated

    kthxbye
     
  2. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,306
    Location:
    USA,IA
    sandboxie useless? No i dont think so. with your web browser sandboxed nothing gets in. ever.
     
  3. berryracer

    berryracer Suspended Member

    Joined:
    Jan 24, 2008
    Posts:
    1,640
    Location:
    Dubai, UAE
    i hope someone can answer my other questions:rolleyes:
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I'll take a stab at it I guess, although you should have searched a bit more, as I myself have explained it numerous times. But, I get better at it each time, so why not. And others describe it differently, which I also like to see.

    At a very basic level, all sandboxie does is to create a directory called c:\sandbox.

    With the paid version, you can create multiple sandboxes, maybe browser_box and media_box are two you might create, for use as labeled. When you create these sandboxes, what sandboxie does is to create subdirectories for them, like this
    c:\sandbox\browser_box
    c:\sandbox\media_box

    Within a sandbox directory, like those listed above, will be typically two distinct directories: drives and users. What sandboxie does, in the case of objects and containers (files and folders) is this.

    A. If the processes running in the sandbox need to access a file on the system, it is allowed so. If the access in any way needs to do anything but read the file, a copy is made of the original, within the associated directory of the sandbox. So any process then within the sandbox works like normal, but because it is using a copy, the real system never gets changed.

    Example. A process running in a sandbox wants to modify c:\windows\somefile.cfg. Sandboxie copies this file to an associated place, like this: c:\sandbox\browser_box\drive\c\windows\somefile.cfg.

    B. If you get a new file or folder, say from downloading with a sandboxed browser, the file/folder is created within the sandbox, but not the real system. The processes running with in the sandbox see it, and use it, everything is normal, but the file is in the c:\sandbox directory.

    An example would be you download somesong.mp3. The browser saves it to your downloads directory. However, sandboxies job is to keep it out of the real system, so it might be in this location: c:\sandbox\browser_box\user\<your user name>\downloads\somesong.mp3.

    Many people have a hard time understanding or just don't like how sandboxie creates this "virtual area". The recover options of sandboxie are designed to make it easier, so that if you download something to a "virtual directory", that sandboxie is "monitoring", it will pop up and say
    "Hey, you just downloaded something to your downloads folder. I am watching that folder for you, so would you like me to recover that file to the real location so it will be where you expect it to be, rather than just in the virtualized area?"

    So, if you have modified/created files/folders in an area sandboxie has been told to monitor, it can help you "recover" the file in the sandbox (virtualized area) to the real (couterpart) location. If you do things that sandboxie is not monitoring, then you have to find it yourself in the c:\sandbox directory. But, you need not fear. If you can find it in your real system, you can find it in the c:\sandbox directory, it is exactly the same once you get past the first few directories and understand how sandboxie creates its directory virtualization.

    Thats the basic IMO. There are other things it does or doesn't do that I neglected to include. Suffice to say that for most situations, what you start in the sandbox stays in the sandbox.

    Now it is possible to make an "exclusion" so that specific things don't have to be recovered, or specific files/folders cannot be used by sandboxed applications. The classic example is that you give sandboxie access to the real bookmarks file of your browser, so that if you create a bookmark while the browser is sandboxed, it is saved for real, no virtualization. If you delete the contents of the sandbox, a major benefit of using sandboxie, then in this case your bookmarks you created while browsing in the sandbox are not deleted. Lots of other ideas, but that is the most common.

    I feel a lot of people who might want to use sandboxie, or are experimenting with it, need to understand what sandboxie does, and does not, do.

    It DOES keep what happens within the sandbox.

    It DOES NOT protect the sandbox, at all.

    If you get exposed to a virus etc while using a sandboxed browser, the virus will not get to your real system. It stays confined to the sandbox. That is the job of sandboxie.

    However, if you do get a virus/etc while using a sandboxed browser, the virus can live within the sandbox, doing whatever it is designed to do.

    Sandboxie is used for these reasons usually, IMO

    1. to keep what happens in a browser/etc, when sandboxed, out of the real system.

    2. because you can delete the contents of a sandbox easily (and automatically), it is used to make sure a given sandbox/browser are always kept clean. If any nasties get in while you use it, they are deleted, having never touched the system. This might be used in the terms of privacy or just keeping a clean state.

    3. to install average applications in, to try them out, without mucking the real system up. If you don't like the application, you just delete the sandbox, and it is gone. The real system never even knew it was installed.

    This is of course just a sampling of the uses sandboxie might have, and the ways to configure it.

    Sul.
     
  5. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Berry, the other day in another thread, you called Sandboxie, "a headache". I didn't say nothing but I didn't like it. Now, you sort of call it useless. Sandboxie actually is more like an aspirin and if you learn how to use it, it would do more for you than MBAM, ESET and SAS combined.

    You say, "convince me, why I shall I use it". You also say that you use common sense, right? OK, if you go the Forum of each of those fine antiviruses and antimalware programs, in each of those forum you will find a sub forum for people that get infected. That is something that the SBIE forum don't have. Take a guess, using common sense, why is that.

    You ll find the answers for your questions somewhere in between page1 and page6 of the "Getting started" tutorial.
    http://www.sandboxie.com/index.php?GettingStarted

    Bo
     
  6. berryracer

    berryracer Suspended Member

    Joined:
    Jan 24, 2008
    Posts:
    1,640
    Location:
    Dubai, UAE
    Wow!! thanks a lot for taking the time to explain how it works man! I really appreciate it now it's all clear

    2 more things

    1) You say I can install an application in the sandbox to test it out first, but how are the app's registry entries created then? it should have some registry entries to work right?

    2) Does this mean that when I run my browser sandboxed, the next time I run it I will have to relogin into all my sites that I visit again or are the cookies retained in the sandbox?

    thanks
     
  7. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,940
    Location:
    UK
    Start from post 21 in this thread, although it's an old thread it does give a easy to understand info which may help you (goes into page 2)

    https://www.wilderssecurity.com/showthread.php?t=266765


    You may end up like the rest of us, install new OS, Sandboxie goes on first :D
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Oh, such a very very true reality indeed. I am very particular about this sort of thing.

    Sul.
     
  9. tomazyk

    tomazyk Guest

    1) SBIE creates registry hives in sandbox also. All changes to file system and registry are contained in sandbox.

    2) For most popular browser (IE, Firefox, Chrome, Comodo, SRW Iron) Sandboxie has built-in option to save cookies to real system. If you enable it, all cookies will be written to real system and will stay there. Then you can use other software (CCleaner...) to remove unwanted cookies.
     
    Last edited by a moderator: Aug 18, 2012
  10. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    Plenty of good info and advice indeed available, not only in this thread, but also at a press of Search button.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.