Runsafe By GetaData ???

Does Runsafe do the same as Sandboxie ?

Is Runsafe classed as a Virtual Sandbox app ?

Many thanks

 

RunSafe is more like DropMyRights, reducing any app's privileges to user when you're logged as admin.

It does offer few more features than DMR, too : you're prompted when the "runsafed" app is launching another one (with a "remember" mode), which you can refuse, etc. And you can send a program to the runsafe mode with just an icon drag-and-drop from desktop .

Hopefully someone else will tell more about it's features, I don't remember everything.

Cheers,
nicM

 

This is already being discussed in this topic:

https://www.wilderssecurity.com/showthread.php?t=123614

 

Ah, I didn't notice that thread


Thanks

 

I suppose what the question should of been.

Is there any point in running my Firefox within Sandboxie which itself would load within Runsafe. I've tried it and as Sandboxie is configured to boot Firefox when i click my Sandboxie Desktop Icon, its just a case of placing my sandboxie Icon in Runsurf as if I was just to place my Firefox Desktop icon it in. I've not noticed any performance hit when trying this, and everything seems to go ok. But underneath it all it might actually be doing more harm than good in terms of providing me extra security. Just like when you run two software firewalls, they may look like they get along together but underneath it all, it could be offering less protection.

I'd like to hear your thoughts on the matter guys, if you wound'nt mind that is ?

 

I don´t see any problems with it but it´s not really necessary. Running in non-admin mode will strip apps from certain rights and running apps in a sandbox will deny malware the chance to see the real registry and file system so sandboxing is always safer.

 

Thnaks for that mate

 

RunSafe adds some additional process control, like prompting you to allow or deny spawning other processes and downloads from your browser. I don't know what all else, but I'm sure it's not limited to that. It also works a little differently than DropMyRights, making it a little more reliable in some ways. So as to whether it's worth getting over DropMyRights, it definitely does more and adds some additional convenience. Chances are that it would also work just fine with another kind of sandboxing app if you really wanted to, but this is a sandbox itself.

Plus, if you're only going to use it for a couple apps, it will work with up to three for free. You only have to pay if you want to protect more than that.

 

From the info on the page I get the impression that it´s doing the exact same thing as DropMyRights, namely running apps in non-admin mode so I wouldn´t call it a sandbox. Also, if it can restrict process spawning it´s a nice extra but the child processes from apps running in non-admin mode will normally also run with limited rights AFAIK.

 

Erm, except that it.. does more.. than DropMyRights...

 

Yes if it can control process spawing it certainly does more, however like I said before, from all the info on their site I don´t get the impression that it´s a highly advanced sandbox, but perhaps you know more?

 

many thanks for all your replies

 

What is your definition of "a highly advanced sandbox" ?

 

^^^^

With that I mean apps like BufferZone, Sandboxie and Defensewall for example.

 

I think the difference you're thinking of is virtualization, which is a separate thing. A sandbox runs processes in a protected space, not allowing it to make changes to the system that may be damaging. Virtualization creates a whole virtual environment within the sandbox, that is separate from the host system.

 

What do those do, that make them 'advanced sandboxes'?

[Bquote]
I think the difference you're thinking of is virtualization, which is a separate thing. A sandbox runs processes in a protected space, not allowing it to make changes to the system that may be damaging. Virtualization creates a whole virtual environment within the sandbox, that is separate from the host system.
[/bquote]

So virtulization gives more flexibility to do dangerous things?

 

The reason why I wouldn´t call RunSafe a sandbox is because it´s basically DropMyRights + Process Spawning Control (PSC). HIPS like ZA Pro and SSM also have the PSC feature. So without RunSafe I´m currently just as safe.

And like I said before, with tools like BufferZone and Defensewall, you should normally be safer since they restrict apps even more plus running in non-admin mode will probably not always save your ass. But I´m not saying it´s a useless tool, the concept is nice but on my machine it´s not working smootly, plus what´s up with the GUI? It´s very unhandy if I have to keep launching my apps from the RunSafe window.

 

Hmm You earlier said you wouldn't call Runsafe an *advanced* sandbox, which implies it is a sandbox, just not an advanced one. Now you are saying it's not even a sandbox?

Because you don't need those features, you wouldn't call Runsafe a sandbox?

I guess the question is what restrictions does defensewall do that non admin mode + process spawning doesn't? Any answers are appreciated by those in the know.

Thanks.

 

What I´m trying to say is that personally I don´t see RunSafe as a sandbox, because a true sandbox will restrict apps from seeing the real registry and file system. I don´t see how I can explain it any better.

 

That's virtualization, though. All virtual machines are sandboxes, but not the other way around.

 

Yup, Notok is right. There are sandbox HIPS with virtualization and without it. Virtualization MAY give you an additional protection layer, but is is not for the regular users- there are a lot of the problems with virtualized file system for them (espesially when they uninstall/disable defense). As about RunSafe- the thing is that "restricted user account" is not very good idea to rely on it only- there are some ways to bypass it. Also, if this tool restrict process spawning, it is not good idea too. If you see e-mail link within web page and click it- you will be very dissapointed when your e-mail client won't start!

 

Of course Notok is right.

 

Ok I guess it´s a matter of definations then. But at the moment I´m running about 25 apps in non-admin mode (Software Restriction Policy) plus ZA Pro is taking care of Process Spawning. Then how would you call this? Is the SRP feature in XP also a sandbox?