open files in site-specific sandbox (sandboxie?)

Discussion in 'other anti-malware software' started by dabruro, Jan 5, 2009.

Thread Status:
Not open for further replies.
  1. dabruro

    dabruro Registered Member

    Joined:
    Aug 23, 2006
    Posts:
    15
    Location:
    New York, US
    In sandboxie (or similar) I would like to isolate downloaded files from one another according to the domain that I downloaded them from.

    For example, is there a way to configure Firefox (or other browser) to substitute the domain or URL into the command it associates with the downloaded file type? This way I could explicitly specify the sandbox name in a sandboxie command line using the domain name.

    I feel that this would be a very powerful way to prevent one site from giving me malware that affects my interaction with another site -- similar to the domain-of-origin policy of javascript or java applets. Using a shared sandbox does not provide such protection -- any site whose downloads I opened in the sandbox (since the last time I cleared the sandbox) could possibly compromise my use of another site (e.g. steal password).

    Even if I *never* cleared the sandboxes, so long as I don't open the files outside their respective sandboxes, the most that could happen is that the files from the same site could infect and compromise one another.

    Of course ideally I would like to also execute the browser and plugins themselves within such a domain-specific sandbox, but I can't think of a way to do this (without major mods to browser) -- I don't believe even Google Chrome provides its sandboxes in a way that would securely isolate domains from one another (I once asked this on their forums).

    David R (Dabruro)
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.