Found Security Compromise in Sandboxie

Discussion in 'privacy technology' started by tonyseeking, Feb 1, 2009.

Thread Status:
Not open for further replies.
  1. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Well, I just tested.

    I cleared my Recent folder, moved a file from D:\ to C:\....\Desktop and no .lnk file appears in Recent.

    Then I opened the document on the Desktop, immediately a .lnk file appeared in the Recent folder.
     
  2. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    What do you mean?
     
  3. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Ok thank you.
     
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    You're welcome :)
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Hi Tony,

    I don't use Sandboxie but am interested in it, so I've been following this.

    I'm curious at what point the .lnk file was created in Recent. Did you open the file from the desktop after you saved it there?


    I would also like to see the Target of the link file:

    1) r-click on the .lnk file you refer to, and click on Properties

    2) you will see a Target box with a path. See my post #76 above.

    Can you post a screen shot or copy the path?

    thanks,

    rich
     
  6. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Hi rich, sorry I can't remember. But it's easy to test for yourself. First run CCleaner, then load Sandboxie and download an mpeg file... then ask Sandboxie to save it to your Desktop. Then run CCleaner and see if there's a .lnk in Reference folder. If not, run the mpeg, and then run CCleaner again to see if it was created.

    Maybe that has nothing to do with Sandboxie, maybe it was only written to Recent after I played the mpeg in Windows.

    I am not sure anymore... I am confused o_O
     
  7. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Hi Tony,

    It can be confusing and frustrating when you've noticed something that doesn't appear to be right, and numerous actions have already taken place so that it's hard to pinpoint the cause. I've had this happen.

    Especially when it happens while using an application you like and trust.

    If you opened the file from within Windows, that would explain the shortcut (.lnk) file in the Recent folder.

    But until you test for yourself, you will not be satisfied by what anyone else says!

    1) first clear your Recent folder,

    2) download a file to the Sandbox,

    3) open it,

    4) Check the Recent folder

    5) Close the file, Save the file to the Desktop

    6) Check the Recent folder. If nothing there,

    7) Open the file on the Desktop

    8) Check the Recent folder.


    ----
    rich
     
    Last edited: Feb 3, 2009
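
The check described in the procedure above, as an added example that is not part of any poster's message: a PowerShell script that records the Recent folder before the test and, after each action, lists any shortcut that was created or updated together with its Target path. It assumes PowerShell 3 or later run in the normal (unsandboxed) session; the checkpoint wording is illustrative, and a baseline snapshot stands in for clearing the folder.

```powershell
# Added example (not from the thread). Run in the normal, unsandboxed Windows session.
$recent = [Environment]::GetFolderPath('Recent')   # current user's Recent folder
$shell  = New-Object -ComObject WScript.Shell      # used to read each shortcut's Target

function Get-RecentLinks {
    # One record per .lnk in Recent: name, last write time, resolved Target path.
    # Key combines name and write time so an updated shortcut also counts as a change.
    Get-ChildItem -LiteralPath $recent -Filter *.lnk -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                Name     = $_.Name
                Modified = $_.LastWriteTime
                Target   = $shell.CreateShortcut($_.FullName).TargetPath
                Key      = "$($_.Name)|$($_.LastWriteTimeUtc.Ticks)"
            }
        }
}

# Each entry is an action from the procedure; the check after it is step 4, 6 or 8.
$checkpoints = @(
    'download the file in the sandbox and open it (steps 2-3)',
    'close the file and save it to the Desktop (step 5)',
    'open the file on the Desktop (step 7)'
)

# Baseline snapshot, used here instead of clearing Recent (step 1).
$seen = @(Get-RecentLinks | ForEach-Object { $_.Key })

foreach ($action in $checkpoints) {
    [void](Read-Host "Now $action, then press Enter")
    $new = @(Get-RecentLinks | Where-Object { $seen -notcontains $_.Key })
    if ($new.Count -eq 0) {
        Write-Host "No new or updated .lnk in Recent after: $action"
    } else {
        Write-Host "New or updated .lnk in Recent after: $action"
        $new | Format-Table Name, Modified, Target -AutoSize | Out-String | Write-Host
    }
    # Remember what has been reported so the next checkpoint shows only later changes.
    $seen += @($new | ForEach-Object { $_.Key })
}
```

The Target column is the same path shown in the shortcut's Properties dialog, so it shows which copy of the file the shortcut points to.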
  8. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Thanks rich for your empathy :thumb:
     
  9. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    The "recovery" terminology used by Sandboxie is probably not the best use of language. It's not obvious to a native English speaker, and it's probably far from obvious if English is a second language.

    The descriptive information provided in the settings dialog window is much better, but a casual user won't necessarily see that. Perhaps "Move/Copy Outside of Sandbox" is more appropriate than "Recovery".

    Blue
     
    Last edited: Feb 3, 2009
  10. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Thanks Blue :thumb:
     
    Last edited by a moderator: Feb 3, 2009
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Sorry, I am not buying this being a language issue. It is clearly and simply a failure to read the documentation.


    Quick Recovery Defined

    Immediate Recovery Defined.

    No Privacy breach here, and I don't buy a confusing language issue. It's just a failure to read the documentation issue.

    Pete
     
  12. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    As long as he now knows what happened and why, it really doesn't matter. But yes, this is a fine example of what has been discussed over in the "Fanboy" thread in the malware section. It's imperative that FAQs, forum posts, and how-to's are read and understood.
     
  13. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    I agree with that completely. And it seems like every time I think something doesn't really matter, it turns out that it does, or at least could. So if it is possible for me to protect my privacy without putting out too much effort....no matter how minor it seems, I am going to go for it.

    But how about XB Machine in Sandboxie, over top of Returnil, connected to a public wireless network with a stolen laptop, wearing a disguise?.....LOL!
     
  14. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    The disguise did it, you are now 100%, ain't no way on God's green earth, fuhgetaboutit, safe from everything the most highly advanced world powers have at their disposal to get you. *loud applause and bowing of the people at your feet* :D
     
  15. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Agreed, the documentation is quite explicit on what is done.

    However, from the two screenshots below, the first one real, the second doctored in a small way, which would provide the clearer message to the eye of the casual user (and avoids threads like this one occurring)....

    sandbox1a.png
    sandbox2.png

    A simple and trivial change of wording and the result is transparent to anyone, even the novice user. From a usability perspective, that type of tweak can be useful.

    Blue
     
  16. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    I agree with you, BlueZannetti. That tweak would be most helpful to those who don't read the documentation.
     
  17. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz

    Well, that's certainly a relief. Whew! :cool: You know I thought about putting all of that on a sesame seed bun but decided that was probably overkill. :D
     
  18. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    That's laptop1.
    What about laptop2 in another public wireless network, where you, with a wireless keyboard and mouse, sitting on a Kawasaki Ninja (or something like that), vpn to laptop1?

    You can keep the disguise, as long as you keep the engine running :p
     
  19. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    LOL!:argh:
     
  20. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    This thread seems to have run its course. Please stop the off-topic chatter.
     
  21. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    I agree with Blue, making a small wording change will assist users who don't grasp the 'recover' feature.

    But we should all learn to post threads with more balance, such as 'is this a security breach?', rather than statements 'aha I found a breach!' that haven't been proven.

    Let's focus more on facts. Don't want to scare users away from such a valuable program. :)
     
  22. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    After reading the sandboxie thread, best to keep 'recover' as is. 99.9 per cent of people understand this word. :D
     
  23. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Indeed, recover seems to imply something was lost.
     
  24. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    504
    Well, I for one don't see it this way, with my English. "Recover from sandbox" maybe. Not that it would not be obvious, but just in case.
    This was just another case of Online Paranoia.
     
  25. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I agree, but BlueZannetti's point goes beyond this specific case I think.
    If it can be made better..
    It's not like when you're on the command line, and prefer short commands. It's a button :)
     