Sandboxie-Plus v1.3.1, v1.3.2

- Yes, the name of the Windows user profile is "User" in my test VM.
- The permissions of the folders involved are correct.
- I have tried several older versions and found out in the meantime that the message is only triggered from version 1.1.0 and newer. Version 1.0.22 and older, on the other hand, do not show the issue.

I have now opened an issue report on GitHub. Let's see if the bug can be found.

 

If this is not really a sandbox then what's the difference between running the program without a sandbox at all?

 

I don't use Firefox. It happens to me with any program some programs such as Chrome, Telegram (portable). Same here, process load in the sandbox but no GUI on screen.

 

Well it can be very usefull for non security applciations,
in this state you have opened the filesytem with OpenFilePath=*
now the NormalFilePath directives overrule open directives hence while for the most part the file system is open you can sandbox selected paths.
Or you can still use desktop isolation.
An example use case would be to coerce an application that wants to run only a single instance to open multiple instances which are oblivious to one another.

 

To save power while listening to music I bought a used laptop with Windows 10, but now find that the Streamripper plugin for Winamp with Sandboxie no longer works. I have now tried everything possible for days:
Native installation of Sandboxie with default values, as well as placeholders (asterisks) in "direct file access", "registry access", IPC, "window access" and "COM access". Nothing helps!

Now I have tried quite a few versions of Sandboxie and the result is this:
The last Sandboxie release with which Streamripper still works on Windows 10 is 5.55.15. With 5.55.18–5.58.2 Streamripper no longer works on Windows 10.
With Windows 7 there is no problem even with the current 5.58.2!

Is there anything else to try directly in the configuration INI?

Yes, Winamp is very old, but I can not find an alternative that can record and also supports the current plugin "Stereo Tool" from Thimeo Audio, which automatically regulates the volume without noticing limiting effects.

 

Have you tried 1.0.16 and 5.55.17 ?
I think its 1.0.16 which broke this

Code:

### Added
- FIXED SECURITY ISSUE: memory of unsandboxed processes can no longer be read, exceptions are possible
-- you can use ReadIpcPath=$:program.exe to allow read access to unsandboxed processes or processes in other boxes
- added "Monitor Mode" to the resource access trace, similar to the old monitor view of SbieCtrl.exe

### Changed
- EnableObjectFiltering is now set enabled by default, and replaces Sbie's old process/thread handle filter
- the $: syntax now accepts a wildcard $:* no more specialized wildcards though

### Fixed
- fixed NtGetNextProcess being fully disabled instead of properly filtered
- fixed reworked image name resolution when creating new processes in a sandbox
- fixed regression with HideOtherBoxes=y

try enabling this option:

 

i dont have that issue but after revieving the code around i think i know that may have caused this issue it shoudl be fixed in 1.3.3

 

Many thanks for trying to help, David!

I just tried the 5.55.16 and you are right. Exactly from this pre-release version Streamripper no longer works on Windows 10.
Then I tried the 1.32 with the option you suggested, but it doesn't change anything. I also tried other options that reduce security without success.

I guess I'll have to stay on 5.55.15 with Windows 10. It is strange that Windows 7 does not have this problem.

 

mmh... but if we know what caused it it should be solvable, can you tell me where to get this particular winamp plugin and how to test it, a step by step instruction would be great

you could also try setting EnableObjectFiltering=n perhaps thats the breaking change

 

Great! Thank you very much. I hope this fixes the issue. I will give you feedback after the installtion of the next version.

@busy, @soccerfan, @stapp : Thank you again for your replies.

 

I have now bought a support certificate and activated the security-hardened sandbox.
SB+ v1.3.2, Firefox Portable and Thunderbird Portable are in the "User" folder and are started in a defaultbox.
I have had no problems or messages at all with the security-hardened sandbox.
Does enabling the security-hardened sandbox now automatically increase security,
or do I have to set more in SB+?
Many thanks, Sabine

 

I too am looking forward to v1.3.3 even though I did not
encounter this problem (in portable mode on Win7).
Your sandboxie problem reports have always showed
meticulous attention to detail. Much appreciated

 

Thank you very much, David!

Unfortunately, your suggestion above does not solve the problem either. The question is, what obvious elementary difference is there to Windows 7 in this case?

Here are the official pages with download links:

• Winamp 5.666 b3516 (links at the beginning of the thread; do not take the lite version)
• Streamripper 1.64.6

It is easy to reproduce:

• Install Winamp and then quit it.
• Install Streamripper.
• Start Winamp (Streamripper starts automatically with it).
• Right click on Winamp -> "Play" -> "Address".
• Paste an mp3 stream as http not https (e.g. http://148.251.43.231:8554/stream).
• The address of the stream running in Winamp should appear almost immediately in Streamripper and can also be recorded via "START". The settings of Streamripper (OPTS) don't matter for testing.

 

@DavidXanatos
Re ReHIPS + Sbie issue while messing around with the ini file, I found that putting NoSecurityIsolation=y, Chrome opens again (but no sync).

I need to run ReHIPS alongside Sandboxie to sandbox programs that are irremediably incompatible with Sandboxie. Take a look on this David please. Some other users around will appreciate it too.

Code:

https://rehips.com/ReHIPSSetup2.6.0.zip

~Keys removed~

 

Those keys are publicly available to anyone willing to try the product (ReHIPS) before purchasing. They are not illegal by any means.
They were released on 2017 at the product forums
https://forum.rehips.com/index.php?msg=16219
@DavidXanatos you can find therre free LEGAL LEGAL keys to trial the product please.

So kindly reply to know whether I'm allowed to post those keys or not.

Besides that, I already know it's not allowed to post illegal keys here, i've never done that before, of course. I'm not that dumb

 

Not secure browsers say cause the page's certificate expired yesterday but the website is secure, no problem.

I know, many know, everyone knows what pride means. Good night.

 

Yes just enable it and you are secure, no additional tweaks needed.

 

This post is from 2017 i'm not sure if the keys wil work with a new VMWare but i can try.

 

Thank you David. Follow up here https://www.wilderssecurity.com/thr...ffecting-google-chrome-and-other-apps.447282/

 

many thanks, David, I still have one problem :
I have problems starting vlc.exe in the security-hardened sandbox.
In the standard-isolation box I could start VLC with the following box setting:

ProcessGroup=<StartRunAccess>,vlc.exe
ProcessGroup=<InternetAccess>,vlc.exe

But VLC does not start in the security-hardened sandbox.

Even if the paths to the data are opened:
OpenFilePath=C:\Program Files (x86)\VideoLAN\VLC\*
OpenFilePath=C:\Users\xxxxx\AppData\Roaming\vlc\*

I get the following error message: VLC player just crashed



Does anyone know, what else I have to set in the security-hardened sandbox so that VLC.exe starts in the sandbox?
Many thanks Sabine

 

A general note on the security hardened boxes, file and registry accesses are in those threaded the same way as in normal boxes so opening file paths to actual files does not change anything.
What changes things is opening file paths to device endpoints and alike
as well as allowing more sys calls to be run with the original token.

I'll take a look on vlc soon and try it out lets see whats the issue there...

 

I've encountered this issue in some of my cases as well. Based on what you said, is possible for regular users like me to fix program crashes by myself or we need to bring it to you to solve it?

 

Try this: https://www.wilderssecurity.com/goto/post?id=3101866#post-3101866

 

hmm... strange for me VLC works just fine