Prevx/SOL prevents browser from working under Sandboxie

Discussion in 'Prevx Releases' started by m00nbl00d, Dec 9, 2010.

Thread Status:
Not open for further replies.
  1. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I've come across two different behaviors, which both end up in not being able to to the web browser.

    Web browser: Chromium

    Sandboxie: Latest beta version

    SOL: Maximum settings for both https and http

    Steps (Steps 1 and 2 made separately):

    1. Run a non-sandboxed browser session. Everything works great. Close session.
    2. Run a sandboxed browser session. Everything works great. Close sandbox.
    3. Run a non-sandboxed browser session, then open a sandboxed browser session. Try to navigate to any website. It should not happen anything.

    The mentioned steps were done, via Chromium started as a forced program.

    If I remove Chromium (chrome.exe) as a forced program, and then perform the step 3, Sandboxie won't even be able to execute Chromium.

    Could you see if anything could be done to solve this? I haven't tried to lower SOL settings; but, lowering SOL settings can't be the answer to each and every problem, unless nothing else can truly solve it.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Could you let me know if the current live Sandboxie version works on your PC and is it just the newest beta? I haven't tested with the beta but the live version seems to work fine here.

    It may be worth seeing a scan log if you could send one to report@prevxresearch.com

    Thanks! :)
     
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Well, I really am not looking forward to uninstall the version I'm running right now, thought it would be possible to save the configuration file. I just really can't spend the time, even if only a short one to do it, and in case the configuration file doesn't restore everything as it should ... after all, it's a beta version... I would just need to make many sandboxes work fine again.

    Maybe something you guys can test in a virtual environment. I can't do it anytime soon.

    But, I can say that the opposite scenario won't make the sandboxed session stop working. That is, if I first open a sandboxed session, and only then the unsandboxed session, all is OK.

    So, SOL is preventing Sandboxie from properly doing its task, when I first have a protect Chromium session with SOL.
     
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Well, it seems I was wrong with this statement. Once the sandboxed browser sessions runs, and then browser session protected by SOL starts, it will no longer be possible to execute any chrome.exe child processes in the sandbox.

    It is still happening, and a new Sandboxie beta version came out, so I'm predicting this to be happening when final release comes out.

    -Edit-

    The reason why this happens is due to the fact that SOL prevents Sandboxie from communicating with its service when it tries to execute chrome.exe, somehow.
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    We'll be testing this closer and will hopefully have a solution soon :) In the meantime, you may wish to lower the Prevx self protection to Medium and lower browser protection to Medium from Maximum as this seems to correct it from my testing.
     
  6. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    That would be something. ;)


    This is of no concern to me... But, I'm pretty such people like family members to whom I have installed SOL (which I started using for easier testing of why something doesn't work as it should, as things are pretty much the same between all systems), may actually not like the idea of decreasing the security of an application that, perhaps, they installed or someone installed with home banking protection in mind.

    So, if a peaceful co-existence can/could exist, then it sure would be the best solution. :)
     
  7. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    A new Sandboxie beta version came out, and it all seems to be OK now.
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    -edit-

    It seems I talked too soon. This behavior happened due to what I make mention in this thread: https://www.wilderssecurity.com/showthread.php?t=289813

    The problem still exists.

    Has Prevx come to any findings about this problem? Without having to reduce SOL protection, that is.
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    SafeOnline doesn't fully support Chromium so I'd tend to suspect it would have erratic behavior in its ability to identify the current website. Adding SandboxIE into the mix will certainly cause further issues even with the lowered protection. At the moment, we do not have a solution for SandboxIE compatibility as it is conceptually designed to block what Prevx does within the browser.
     
  10. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    But, that's not the issue I've related. Mine is unrelated to that problem.

    What I have related is that it's impossible to have a sandboxed browser/pdf reder/media player/etc at the same time I have a web browser opened with a website that's under SOL protection. (The latter is not under a sandbox.)

    I'm not trying to open a protected browser by SOL under Sandboxie. This is not what I've been trying to relate.

    Sandboxie fails to communicate with its service, if I have a protected website open.
    I hope I made it more clear this time.
     
  11. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Sorry about that, I misunderstood the problem previously. I've made a few changes in our database with regard to Sandboxie - could you see if scanning your PC/rebooting corrects the issues now?

    Thanks!
     
  12. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I performed a scan and rebooted, and although things are a bit better (it's possible run a sandboxed media player, etc), it's still impossible to run a sandboxed browser session, if I already have one other session (unsandboxed) opened with a web site under SOL's protection. It's regardless of the web browser. The sames happens with IE8.

    For whatever reason, SOL is preventing Sandboxie service from being able to start the web browser's process under its sandbox.

    -edit-

    Even if I open two different web browsers - IE8 under SOL's protection and Chromium under Sandboxie's protection - the latter one will fail to start, due to the mentioned reason.
     
  13. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Just to let know that Sandboxie's programmer fixed this issue.
     
Thread Status:
Not open for further replies.