Sandboxie

The name ilya rabinovich reminded me something

 

Yes, the signature definitely reminds me something...

 

Good grief, Ilya, you must be making someone somewhere very angry, which can only mean one thing ... your program must be doing its job very well!

Acadia

 

The offer screen comes up every few openings like every 4 or so. Plus its only 5 seconds. Why do people complain about something so trivial.

 

You should trademark your name also

 

Sandboxie paid have the option to select drives or folders to run automatically sandboxed (with limited privileges, without permition to execute and to access the internet).
Is this enought to prevent most automatic usb based infections?
thanks!

 

A basic question for the more experienced.

I have a number of program icons on my Desktop that update or automatically logon to the Internet when clicked. These logons are not sand-boxed by SBie.

Is there a way I can make these programs logon to the net within Sandboxie ?

John B

 

Just now checked: I right clicked a link on my desktop, browsed to "SendTo", and there was sandboxie folder, browsed into that and found DefaultBox, clicked that and the link launched in my browser sandboxed.

I don't specifically recall having taken extra steps to add sandboxie to my "SendTo" folder, so it may well be in yours already.

HTH

There may well be a more elegant and/or direct way to set up what you want. If so, someone will probably volunteer it directly.

 

John you should not use Sandboxie when updating programs, otherwise the
update will not remain when you delete the contents of the sandbox. On the
registered version you can force programs to open sandboxed whenever you
open them but that is not available on the free version. You can right click
on the icon and select "Run Sandboxed", doing that I think you ll be able to
do what you want.


Bo

 

Sorry, I interpreted John's stated problem as browser links saved to his desktop as opposed to program launch icons. If that's not the case, then my bad. I don't have "Run Sandboxed" available for browser links.

Also, I never thought of difference between paid and free. I'm running paid version and not sure the alternative I suggested is available in the free version.

Otherwise, I concur with bo elam's statement under his interpretation of the issue.

 

Hello Bo,

I have the Free version of Sandboxie and a right click on the Desktop icons
does give a "Send to". I never took any notice of this since I saw no reason to send it anywhere, just Run it.

BUT on reading these posts, I have now put the Cursor on "Send to" and a sub-panel does say "Sandboxie Defaultbox". Thanks for tipping me off on this oversight on my part, now I CAN run these Desktop programs within Sandboxie.

John B

 

Wow, I'm glad Bo nailed it for you, John.

 

What a surprise !

I am registered on the Sandboxie Forum. Nothing wrong in that, many of us belong to an assortment of Forum`s.

Just logged on to Sandboxie and up came a message "You cannot enter another post for 1 hour". Since I posted a previous comment I was told to come back in 39 minutes.

Not worth a return ticket, I`ll skip that Forum in future, can get a better deal with Wilders.

My question would have been :- Are NoScript and ABP simply excess baggage with Sandboxie ? Uninstall them ?

John B

 

Sandboxie usage...

1. Right click most any object > Run Sandboxed

2. Create a new shortcut, and in the TARGET box something like:

Code:

"C:\Program Files\Sandboxie\Start.exe" /box:DEFAULT "C:\Program Files\Program Name\program.exe"

3. Make a batch file with this in it:

Code:

"C:\Program Files\Sandboxie\Start.exe" /box:DEFAULT "%1"

Then, drop any object onto this batch file and it starts in the sandbox.
(NOTE: get the box name correct, DEFAULT may not be correct for you)

The sky is the limit really on how you can make use of this sort of thing.

Sul.

 

John Bull, in addition to what Peter2150 already mentioned, here tzuk's original comment in the Sandboxie Forum:

(Link: http://www.sandboxie.com/phpbb/viewtopic.php?p=55858#55858 )

 

Answer: Keep the same browser protection you would use normally before Sandboxie; by that I mean browser add-ons to prevent scripting and the exploits you were worried about before. Those same threats still exist - In sandbox real time. Just because you're sandboxing the browsing session you won't be immune to scripting and all the other exploits that exist within dangerous web pages - your system is just going to be safe when you close the sandbox.

By editing the sandbox ini you can restrict the sandbox to 1) the bare minimum running exe's, 2) restrict application's able to access the internet in the sandbox session. These can keep the sandbox activity under control and reduce the threats - in sandbox real time.

My browser sandbox goes like this.

- Browser Sandbox Start/Run restrictions - I only have Firefox.exe, my PDF viewer, & my on demand AV's allowed to execute

- Browser Sandbox internet access is restricted to Firefox and AV'S

- Drop Rights enabled


Simple sandbox firewalling.

 

Don't forget to add "plugin-container.exe" and both "jp2launcher.exe" and "java.exe" to your Start/Run and Internet settings in the sandbox you use to browse. That is, of course, if you use Flash and Java. Otherwise neither will work. Doing so also caused my browsing to slow noticeably, but that could just be my system alone. Drop Rights is a real pain unless you set up a sandbox just for testing software and other things. To be very honest, I'm not even sure you need Sandboxie if you use NoScript properly, meaning whitelisting websites that you trust and don't seem to have any problems. I think that pretty much goes with all browsers and proper handling of scripts. But, that's only my opinion.

 

Noscript will stop just about any exploit but curiosity to know what is at the blocked site might kill the cat.

Sandboxie used as required will keep the cat safe.

The malware exe has morphed since yesterday.

avupdate.exe - Result: 7/42 (16.67%)

 

That's very true, Franklin, though I'm the only one here that would wonder what was blocked. The rest of them come running to me the moment they see an error message or any warning. It's annoying, yet a blessing that I don't have any "clickers" in the household. I admit to having downloaded, *ahem* less legit software in the past. But, I've come to find that there is PLENTY of free software out there that does what I need, and admirably. I download movies and music still from time to time, but I do so much updating, bookmarking, and so on with my browser that, frankly, Sandboxie often becomes more of a burden than a help.

I truly believe that disabling javascript and whitelisting websites, along with running a browser that isolates plugins, like FF or Chrome, keeps you pretty safe. I also don't let PDF files run in my browser nor allow scripting in the reader, so that's another gateway shut. All in all, I think sandboxie is perfect for testing games, software, and media files before letting them on the real disk, and I intend to keep it for that. But for browsing, I really don't know anymore.

 

You can easily allow direct access to your browser settings (even profile). That means only the browser will have the access rights, not every process within your sandbox.

 

I have it set to allow access to bookmarks in FF, though it also means history stays as well. I'm not real sure about letting my profile be accessed, but if I could just save updates and, especially, NoScript settings, I'd be happy as can be.

 

Why not? It's better than no Sandboxie right?

 

From what I understand, having access to the profile is opening too big of a hole in Sandboxie. The way I figure, if I have to open up areas of Sandboxie to get what I want done, then why bother with it to begin with?. I love Sandboxie, it's easy on resources and it works as advertised, but something always ends up annoying me. My surfing habits just aren't all that compatible with these virtual apps. I just tire of them rapidly.