Sandboxie Configuration Recommendations

I have found out how to avoid the browser lock-up with firefox,when trying to open certain Java-rich sites in a sandbox configured allow only Firefox.exe to run/access the internet.

Disabling the "Java(TM)Platform SE 6 u19 6.0.190.6"
plug in in Firefox stops the problem.
(this on XP ProSp3)

Really of course, you are disabling that function for all instances
of Firefox,not just sandboxed,so its really not a elegant workaround.

But it does work.
For me,it is acceptable, because most of my browsing is in just such a
restricted sand box,and a few clicks re-enables the plug in if needed.

rat

 

Correct.

 

Yes of course, that's correct. And that is exactly what I meant. Perhaps in order to avoid this misunderstanding I should have written also the part I add now with red letters:

I thought that this would be obvious. And Windows - as possibly other programms too (e.g. antivirus) - are "virtually" (as copy) inside the sandbox. I think it makes sense to protect them (= their "copies") from being modified. To my mind that's the reason for the restriction "Read-only access" to the folders "Windows" and "Programs".

 

Indeed. It works! The problem has gone by deactivating this plugin!!

Thank you very much, ratwing, for finding this solution and posting it here. It's a great help for me.

 

No problem!! Glad it helped!!

rat

 

Hello,

I want to allow direct access to:

1) autopager

2) cookie monster


Can you please advise?

 

Hi mike21:

Please open Sandboxie Control,right click your
default box,scroll to and click "sandbox settings", from the left panel click "resource access",then "file access",and "full access".

Then hit add,and browse to find the exes for your programs.(autopager and
cookie monster)

repeat this for each sandbox you want so configured.

You may have to play around adding things other than just their exes,from their respective folders to get it to work.

hope it works,
rat

 

thank you for your reply. Unfortunately I forgot to mention that both are firefox extensions. So I have to allow full access to:

Code:

C:\Documents and Settings\MIKE\Application Data\Mozilla\Firefox\Profiles\xfcjry7n.default\autopager\autopagerTee.json

C:\Documents and Settings\MIKE\Application Data\Mozilla\Firefox\Profiles\xfcjry7n.default\autopager\autopager-patterns.json

and

Code:

C:\Documents and Settings\MIKE\Application Data\Mozilla\Firefox\Profiles\xfcjry7n.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}\chrome\cookiemonster.jar

correct?

 

Mike, that sounds about right.

I thank some, (a lot) of these permission things amount to trail and error,if someone has not configured the same settings before, successfully,and pitched in with the exact directions.
.

rat

 

Just bought sandboxie and am running Firefox sandboxed, but don't want to loose the Adblock Plus-updates everytime I close FF, so I put patterns.ini in the full access-list. It works, but is it ok to do ( I'm pretty sure it is.. just checking). Great software btw.

 

Your right!!

respect,
rat

 

thx.

 

Hi guys,

I'm a little confuse about the Drop_Rights function and how to use it. If I set the Drop-Rgihts ON, in my default box or any other box, my browser won't start in each of those boxes. If I set it on OFF, the the browser starts. What is the purpose of this function? Thanks

 

I have Sandboxie Paid.

What is the best/recommended way to configure a Microsoft Outlook 2003 Sandbox?

I have already setup an Outlook 2003 Sandbox with the following changes from default:

1. Program Start>Forced Programs>outlook.exe
2. Restrictions>Drop Rights>drop rights enabled
3. Applications>Email Reader>Office Outlook enabled (allow access to mail files outside of sandbox)

Thanks in Advance.

 

Paid subscription is 47 bucks now. 0_o I should of gotten it when it was 30 bucks.

 

I thought it was 37?

Edit: It's 39 U.S dollars, I just checked. No way was I going to go along with that big of a price hike, lol.

 

What Sandboxie configuration(s) would typical Businesses use?

I have never used the Password options. How many things beside configuration changes get "locked down" by Password protection? Is there a way to not allow file recovery from the Sandbox?

Thanks in Advance.

 

I have set configs so that all browsers are forced into a sandbox which restricts to only those programs allowed plus some extras like adobe etc.

I did the same thing with email clients.

Each browser is told to not ask when dowloading and save all to 'downloads' directory. The downloads directory is forced into a sandbox without net access, but all is allowed to run.

In this manner, the users can browser "as normal". The bookmarks are saved to the real location. The downloads cannot run in the browser sandbox. If the user executes a download it runs but is within a sandbox. They must move downloads to different directory to run for real.

The few businesses that I configured this for are typical Small Business so it doesn't seem to interfere with what they do. No one is spending time surfing the web when they shouldn't be, only working.

HTH.

Sul.

 

Sandboxie have now the option to choose a download folder where is possible to directly download to the "real" location without asking?

Is already possible to save the History of IE?

Thanks!

 

Yes and no. No, there is not, AFAIK, an "option" for a download directory (I am using v442 still), but you can, through the options, do so.

It is called Direct Access. In each browser sandbox, in ResourceAccess>FileAccess>DirectAccess I put the downloads directory into. This then tell the sandbox to be able to "directly" access that downloads directory. If you save something then, it is not put to the c:\sandbox directory which would need to be recovered, but "directly" to the real downloads folder.

If you look at (for your IE sandbox) the Applications>WebBrowser>InternetExplorer area, you will see all the different "rules" that are included with SBIE for IE. Such things as whether history and bookmarks are kept in the real location are listed there. The little [+] indicates that rule is in effect.

Sul.

 

Sully, how do you configure the browser to do this? I'm running IE8 on Win7 Ultimate 32bit. Thanks.

 

I don't know in IE, I never use it. In Firefox, Opera, Kmeleon and Chrome/Chromium, there are options in the properties to do so. Some of them allow you to configure it to by default save to "downloads" but also offer the "save to" option so you can re-direct downloads on the fly to somewhere else.

I generally set it so that if I click to download, it doesn't ask and puts it in my downloads directory.

Sul.

 

Thanks!

Can someone please confirm if is possible to keep History in IE?
Last time i used Sandboxie that option didn´t exist to IE (only to the other browsers).

 

Are there any issues running this configuration? Creating a TrueCrypt container, mounting it, and running Portable Firefox within it and using Sandboxie with Sandboxie's Container Folder set within that Truecrypt container. Will this configuration keep everything contained within the truecrypt container? Any issues?

 

What a bizarre thing to do. What problem are you trying to solve with this approach?