Firefox profile & Shadow Defender

Discussion in 'sandboxing & virtualization' started by mike21, Jun 30, 2009.

Thread Status:
Not open for further replies.
  1. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Hello,

    For more than a couple of months I have been out naked, with the security setup as per my signature. Now I am testing Shadow Defender and I am thinking of dropping Sandboxie in favor of Shadow Defender, but since I depend on Firefox and its recent history, I am asking if I can exclude the entire Firefox profile from shadow mode, or does this involve some risk?

    Thanks
     
  2. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Well, never mind, I think I will keep only bookmarks and browsing history, in order to be on the safe side.
     
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,045
    Hi Mike

    I use both of them. Use SBIE all the time and SD when the occasion fits.

    Pete
     
  4. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Hi Pete, is it safe to add the entire Firefox profile to the exclusion list?

    About SBIE, I noticed a small delay in launching Firefox and incompatibility with some programs like Snagit and Babylon. Also, I have the impression that certain web pages load slower, but I am not sure.
     
  5. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Hi Mike,

    I run SD on two computers all the time. Why would you want to exclude FF?

    Take Care
    Rico
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,045
    Yes, with SBIE there will be a slight delay, as you are loading into the sandbox. I am running Firefox right now as I type, within SBIE, and I had no problem capturing an image with Snagit. You aren't trying to run Snagit sandboxed, are you?

    Pete
     
  7. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    I wouldn't exclude the entire Firefox profile from shadow mode. Way, way too risky; it is one of the places where malware can be.
     
  8. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Arran, thanks for the reply.

    Rico, I want to exclude the entire Firefox profile in order to have the same cookies, history, add-ons, etc., but I understand that it is kind of risky, so I will settle for history and bookmarks under "places.sqlite".

    Pete, the only way for me to use Snagit on sandboxed Firefox is to run it sandboxed as well, so I will have 2 Snagit applications running, each one with different snapshots, until I delete the sandbox and lose everything from the sandboxed Snagit.
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,045
    That's strange indeed. Snagit is just capturing the screen so it shouldn't matter whether Firefox is sandboxed or not.
     
  10. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Well you are right, I was talking about the text capture feature.
     
  11. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    Hi Mike,

    Currently I have 9 FF add-ons + many bookmarks, and still have not excluded FF in SD. Add-ons + bookmarks were obtained while not in shadow mode. They will survive if obtained that way. I'm also very careful to obtain the bookmark or add-on, then get offline & promptly enter SM. I have also excluded my "Desktop": I can download a program in SM, test it, reboot, and the program's gone, but the download survives.

    Rico
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,045
    Ah, never tried that.
     
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I wonder about this in my testing with SD: why should you not exclude a browser's preferences/history/cookies/.dat stuff from SD? The thought that it is too risky applies to what? To the fact that you are creating or modifying files in those excluded dirs?

    My tests right now, if as admin, show I can exclude certain browser directories/files, but since I still use SRP to demote the browser to user anyway, it cannot modify/create anything a User cannot, so it seems a moot point. Running as a LUA, it is the same case. I can allow profile-type things, bookmarks, history etc., but because of LUA/User status, manipulation of .exe or other such would be forbidden. That seems to me the best part of it all so far, is that I can use SD to exclude areas like MyDocs, and true, a virii might get written there, but because I am shadowed all the time, only those excluded areas can get the files, but the system not the virii.

    Indeed, running combination (from admin) as LUA and using Sandboxie to force folders, it seems a very ideal way to nearly mitigate every threat while still opening holes for exclusions to setting per program.

    Interested to hear opinions why exclusions would be dangerous or risky, as I am only dabbling in the shadow type programs.

    Sul.
     
  14. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Would it be better to run, say, Firefox portable from, say, www.portableapps.com and then commit the relevant data folder before reboot? You could even clear all history etc. first, run CCleaner to remove all temporary Windows files, then just commit the whole Firefox portable folder.

    Surely a portable version with less ties to other system directories would be easier to manage. Or is there still some risk?
     