Released Sandboxie Plus (Sbie fork) Versions with Signed Driver

Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by DavidXanatos, Dec 7, 2020.

  1. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    1,155
    Location:
    usa
    I just really hope that David could continue with the Classic version of Sandboxie.
    It's for the MASSES.
    The PLUS version for the CHOSEN ones is ...
     
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    What I told you is how you fix your issue, which is really not a problem or a bug. In the Sandboxie message you are getting, Sandboxie is telling you that you need to change a setting. Sometimes you can ignore the message, and the file named in the message becomes read only, and SBIE works fine regardless of you doing nothing.

    But in your case, it seems you have to do one of the 2 solutions I posted for you.

    By the way, this SBIE message is not new but normal and dont need complicated workarounds to take care of it. The solutions I posted is what is done to take care of the message. So, look for the file that's mentioned in the SBIE message, and give it direct access or increase the size that's allowed for files that are copied into the sandbox.

    Bo
     
    Last edited: Feb 6, 2021
  3. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Please explain why a bigger file in size doesn't trigger the message and a smaller file in size does.
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    You have being using SBIE even longer than I, you ought to know how to read the SBIE message that Freki is getting.

    FWIW, I installed yesterday VLC in a sandbox. My installation did not have a 1mp4 file like according to Sandboxie Freki has. And I was able to run mp4 videos large and small without SBIE issuing a message. He is getting the message with all kind of mp4 files not only small ones (read what he said again).

    And Buster, I am trying to help the guy. Dont bust my chops.

    Bo
     
    Last edited: Feb 6, 2021
  5. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Maybe I've been using Sandboxie even longer than you but even if that's right I consider the user question is legit and your reply is not helping at all.

    The user wrote:

    "The sandbox gives me errors for every .mp4 file I have no matter the size. While huge .mkv files are opend without any error.

    I can open an 4.500 MB .mkv file in a sandbox with a file mitigration setting of 48MB (with no error or popup), but not a 128MB .mp4 file."

    Does it mean MKV files are not copied into the sandbox and mp4 files do?
     
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I 'll try again.

    Freki is getting the message with all kind of mp4 files, large and small. The solution I posted for him is how he will fix his non issue if he looks for file 1mp4 file, that is the file that according to SBIE is triggering his issue. (should be located inside the VLC folder in Program files).

    Bo
     
  7. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    What's VLC doing with "1.mp4" file when he reproduces other mp4 file?

    I don't use VLC frequently that's why I don't understand why VLC would want to do something with a file which is not being reproduced.
     
  8. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I have no idea and don't care what that that file does.

    My posts are about the SBIE message and how to solve it. Period.

    Buster, I am out until we hear from Freki. Good bye.

    Bo
     
  9. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    What happens if you move, rename or delete "1.mp4" from the folder? Does the error continue showing when you reproduce mp4 files?
     
  10. Freki123

    Freki123 Registered Member

    Joined:
    Jan 20, 2015
    Posts:
    336
    @bo elam Thanks again for the suggestion with the size increase, for some reason it now worked :D

    The filenames comes from me renaming the file before running it again to take a screenshot for the post. (It could also have been freki123needshelp.mp4)

    The filename or folder was not the problem. For me it was that I ran the sandbox ini setting for years and suddenly I got size problems for certain video extension types (.mp4).

    Just for fun: use a file mitigation of 48MB and you can run a .mkv file of 5.000MB. But when you change the .mkv to .mp4 (via simple right click and renaming it to whatever.mp4) sandboxie will trigger a popup. It's still the same file then [but one extension (.mp4) triggers a message the other not (.mkv)]

    So to quote Buster_BSA: Does it mean MKV files are not copied into the sandbox and mp4 files do?

    Sorry for confusing you all, english is sadly not native for me :D
     
    Last edited: Feb 6, 2021
  11. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Reproducing mp4 files should be a process where VLC only needs to read the files. If file size limit is reached is because a writing operation is involved and that causes Sandboxie to try to copy the file into the sandbox.

    For me the question is: Why VLC is performing a writing operation when in theory only reading opeations are required?
     
  12. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Freki, Sandboxie only copies files into the sandbox when a sandboxed program wants or needs to modify it. If it had to copy an entire 4GB video into the sandbox before playing it, it would be very inconvenient and take a while. Thats why most files are Read only. The 48mb default size thats allowed to be copied covers most instances when a file needs to be modified.

    In your VLC case, for some reason when playing mp4's, VLC needs to modify file 1mp4. So, you needed to make the size that's allowed to be copied larger than what that specific file size is (or give it Direct access). The numbers at the end of the SBIE message tells you the size. Its in bytes, once you convert that number to mb it becomes 138.13mb. That's why I wrote that number in my first post. If you find or found that file, you ll see that SBIE calculated the correct size.

    I am glad you are OK now.

    Bo
     
    Last edited: Feb 6, 2021
  13. 100

    100 Registered Member

    Joined:
    Nov 21, 2020
    Posts:
    34
    Location:
    -
    Hm, I can open mp4 files with VLC in Sandboxie up to an approximate size of 70 MB without the error messages 2102 + 2223. But above that I also get the messages. My limit setting is the 48 MB (default).
     
  14. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Hi 100. When you get message 2102, you have 3 potential solutions to solve it.

    1. The first solution is to ignore the messages and hide them or dismiss them . This solution is OK if the sandboxed program works regardless of the message. In your VLC case, and Freki's, this solution doesn't work as you can't watch the videos. This solution works in most cases as the file becomes read only automatically and the sandboxed program works fine. But for some reason, it doesnt work in this VLC case.

    2. Solution 2 is to increase the 48mb default size to something higher.

    Sandboxie gives you clues on what to do regarding the size when you interpret SBIE message 2102. So you get an idea, look at picture below where it says name and size. See what this two details are in your SBIE 2102 message in your computer.

    Sin título.png

    Perhaps in your computer the file's name is also 1mp4 as in Freki's case. But I think he said he changed the name of the file. So, I am not sure.

    So, look for the name of the file and locate it in your computer. It should be inside VLC's folder in Programs files.

    And figure the size in MB. The number written in the Sandboxie message is in bytes. So, you have to divide that number into 1024 twice, to convert it into megabytes.

    After you locate the file in your computer, you ll see that SBIE calculated the size of the file correctly.

    So, if the file is 138.13mb as it was for Freki, try increasing the size allowed from 48mb to 150 or 200.

    3. The third solution is to give vlc.exe Direct file access to the file that's named in the SBIE2102 message. If you do this, the changes VLC wants to do in this file, will not happen in the sandboxed environment and the changes will be allowed out of the sandbox and to take place in the real file, your videos will play and you won't see this message again.

    Bo
     
    Last edited: Feb 6, 2021
  15. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Every mp4 file over 70 MB you reproduce with VLC is copied into the sandbox folder?
     
  16. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Videolan vlc.exe tries to write uneeded copy of "files.mp4" inside the box
    https://github.com/sandboxie-plus/Sandboxie/issues/536
     
  17. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    As I thought this should be reviewed because the behaviour is pretty strange.
     
  18. 100

    100 Registered Member

    Joined:
    Nov 21, 2020
    Posts:
    34
    Location:
    -
    Hi Bo,
    Thank you very much. I just wanted to share that with the approximate limit of 80 MB (not 70 MB, after testing with more mp4 sizes) for me, as it may be of interest how it is for me. The mp4 videos work perfectly fine with VLC (x64) in Sandboxie classic 5.47.1 (x64) on Windows 7 and I just ignore the messages.

    Hi Buster_BSA,
    Yes, the messages appear with all mp4 from about 80 MB (not 70 MB) upwards. Not below that. I still found mp4 with a little below and a little above 80 MB on my computer and tested with them now.
     
    Last edited: Feb 6, 2021
  19. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    That's how message 2102 can be workarout almost 100% of the time. If it gets to annoy you, click the message and click Hide so it wont disturb you.

    Bo
     
  20. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    about the mp4 problem,
    i would recommend to add MP4's to the list of files that are never to be migrated
    see recent changelog:

    - reworked file migration behaviour, removed hardcoded lists in favour of templates
    -- you can now use "CopyAlways=", "DontCopy=" and "CopyEmpty=" that support the same syntax as "OpenFilePath="
    -- "CopyBlockDenyWrite=program.exe,y" makes a write open call to a file that won't be copied fail instead of turning it read-only

    so add
    DontCopy=*.mp4

    to your sandboxie ini

    earlier versions had a hardcoded list including many media files, that imho is problematic as peopel who want to run some media editor sandboxed will run against a invisible wall.
    Hence the list was removed and replaced with a template with less entries using said new options parameters
     
  21. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    thanks I have revieved them, and implemented a few changes for the next build during my tests i found out that
    WINNSI.DLL which is used by winhttp.dll fails to operate when there is a timeout set for the binding
    So the next build will for this particular dll never apply RpcMgmtSetComTimeout disregarding the preset.

    Also I have found out that the reason RpcMgmtSetComTimeout was added by sophos is that without it a call from CreateProcessInternalW to kernel32.dll fails here I have implemented an other hard coded behavior such that for this particular call it wil always set a timeout.

    last but not least the next build will probably have RpcMgmtSetComTimeout=n as default I don't think messing with IPC timeouts when its not required is a good idea, and in case it causes any unforeseen issues users can switch it on with RpcMgmtSetComTimeout=y

    Also the next build will have an improved IPC trace, so I would ask you to record teh same logs again with the new build once its out to confirm that in your case it also was the WINNSI.DLL and not an other one.

    The improved trace function uses the return address to find out which dll issued the call to the hooked function and adds a caller=somedll.dll entry to the tace.
     
  22. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,794
    Location:
    .
    Wow stupendous job! Than you so much. I'm very grateful for what you're doing with this great program. I was never fully content with development under Sophos/Invincea/Curt's watch.

    Now I know you really love Sandboxie...
     
  23. txhawkeye

    txhawkeye Registered Member

    Joined:
    Jul 22, 2008
    Posts:
    27
    @DavidXanatos : You are amazing! I am very impressed with your skills and your dedication to improving Sandboxie. I started using it in 2008 and it has been an essential security tool for me ever since. I wasn't happy with Sophos support, but at least they had the decency to make it open source when they officially stopped supporting it. I cannot thank you enough for the many hours you've spent to make so many improvements!

    I will be happy to create new IPC traces with the next build.
     
  24. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,794
    Location:
    .
    That makes two of us.
     
  25. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    144
    Location:
    Land of Oz
    Bit lazy to read and write lately. :rolleyes:
    First of all @DavidXanatos Cyberpunk and I am quite happy with the game, but I am also quite high end, still runs flawless, as the rest on my PC with the latest SB Plus.
    Though still no improvement for the Unity prob. One late new game demo, also unity, but it starts flawless. I wonder if the issue is related to the unity "spyware" errr user experience functions.

    Just another thought about VLC and videos. Think about MKV and MP4 are simply container for codecs, not actual codecs. So comparing MP4 with MKV means nothing, as the codecs in the file could be anything. Also depending on the codecs in the MKV and MP4, VLC and other players might behave different.
    In those containers you can have video codecs like X264, X265, V1, V9, or even older ones. Same for audio, from FLAC, MP3, WAV, ...
    And this will lead a difference with the read ahead in SB space. Recontainer e.g. with mkvtoolnix from mp4 to mkv and see if the same file would still be load, as an example and see if it makes a difference.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.