AppGuard and Sandboxie

I so want to get AppGuard to work with Sandboxie. Especially since Sandboxie 3.55 beta x64 will provide the same protection to 99% as the 32-bit version!

 

Hi delah,

Have you tried temporarily setting the AppGuard protection level to Off to see if you still get the problem?

This would help to pin down whether it is AppGuard that is causing the issue or whether there might be some incompatibility between IE9 and Sandboxie on your system. I can't try it myself because I'm still on Windows XP so I can't run IE9.

Regards

 

Hi Shadek,

You don't say whether this is happening with all sandboxed applications or just with one specific application. You've got both Chrome and Internet Explorer in the guarded applications list, so I'm not sure which one it is you're having trouble with. You've also set MemRead to Yes on Internet Explorer, which is a change from the default.

Here are a couple of suggestions of things to try.

1. Set MemRead back to the default of No and see if that makes any difference to Internet Explorer. If that solves the problem, I wouldn't worry because I don't think it's necessary to deny memory read access for applications that you are going to run sandboxed.

2. If using the High protection level, try changing it to Medium. If that solves the problem, again I wouldn't worry because the slight drop in AppGuard protection is more than compensated for by the protection that Sandboxie provides.

Regards

 

Internet Explorer works fine with AppGuard at 'high'-settings. Chrome does not. Chrome gives me this error message when having AppGuard at 'high';



When I disable AppGuard's protection, it works fine though. I've added all the .exe files to exception list of Memory Guard. I've changed Chrome so MemRead is off in AppGuard. I've added so that Guarded apps can write to the sandbox.

I really don't know what's wrong.

 

I don't use Chrome but I'll download it and install it to see if I get the same result on my Windows XP system.

 

There was another fellow describing the same problem at Sandboxies official forum.

Also, I've found a workaround. I right click sandboxie in systray, and run Chrome from there instead of double clicking the icon on my desktop. Then it works just fine.


EDIT: Definitely found a workaround! I created a shortcut for Chrome on desktop which starts sandboxed via the start.exe. Then everything works fine!

 

I've tried Chrome now and I can't reproduce the problem on my Windows XP system, so I guess it must be problematic on some system configurations and not others. I can launch Chrome into Sandboxie via any of the various methods that sandboxed applications can be started with AppGuard protection set to High.

I'm glad you found a workaround.

 

I think a problem I'm having is that I have Chrome installed in Program Files (as Blue Ridge Network recommended me to do) and not in User Space which is default. That's where AppGuard is interfering and preventing it to work properly with Sandboxie, I believe.

 

Hi pegr, thanks for reply.
Tried everything above then saw shadek's post and that solved the IE9 problem - creating a shortcut for IE9 to start with SBIE rather than creating a new sandbox for IE9.

 

Yeah, this seems like the best solution. You don't even have to add Sandboxies components (start.exe etc) to the memory exception guard!

 

You may be right about that. When I tried Chrome, I didn't change the default install location to see what would happen; I just let Chrome do a standard install into user space, and everything worked okay.

 

I'm glad shadek's workaround solved the problem for you too.

 

C:\sandbox added to Exception Folders and the above added to Memory Guard exception list SBoxie loaded up Firefox okay. Looking forward to seeing how these two work together.

 

In my opinion, you don't need to add Sandboxies .exes to Memory Guard exception list. There is an excellent workaround which also mean AppGuard is protecting Sandboxies components.

 

You tease!!

Please, elaborate...

 

Sandboxie's executables do attempt to write to the memory space of guarded applications. Whether this is strictly necessary or not, only the Sandboxie developer would know for sure.

If Sandboxie is prevented from injecting its own code into the memory space of other processes, there has to be a possiblity that Sandboxie's ability to fully control processes running inside the sandbox may be weakened.

Given that Sandboxie is a trusted application, it does no harm to allow it write access to the memory space of guarded applications, e.g. browsers, just in case.

 

Please see post #31 for an elaboration.

You are right about that. However, when I did my workaround, AppGuard didn't report blocking Sandboxies components at all in the log. I reckon that if AppGuard did limit Sandboxies functions when not excluding Sandboxies components, AppGuard would show that in the log.

 

I agree that it is unnecessary to make MemoryGuard exceptions for Sandboxie if the AppGuard Events panel does not indicate that it is blocking any Sandboxie executables.

Maybe the way MemoryGuard works partly depends on the system configuration. On my Windows XP system, it definitely blocked the four Sandboxie executables that I mentioned, which is why I added them to the MemoryGuard exception list, just to be on the safe side.

 

I'm on a x64 system. I assume you're on a 32-bit system? Maybe that's what differs?

 

Yes, could be.