Question About Sandboxie and Windows Updates

I usually get windows updates on Tuesdays and I got windows update yellow shield appear on the tray but on my other computer that has Sandboxie, the yellow shield is not appearing. I'm afraid if this is happening since I have the settings set as to delete all contents when exiting out of Firefox sandboxed browser. I have an Adobe flash plug in and firefox in the safe list thing in sandbox. Do you think the yellow shield isn't appearing because maybe the updates got deleted automatically in the sandbox thing? I'm worried because when there was an update for Firefox few days ago, it deleted the FF update in sandbox since they're set as to delete automatically. Does anyone know if windows updates get deleted automatically as well??

 

Sandboxie settings don't affect automatic Windows updates. Windows
updates don't get deleted by Sandboxie unless you visited WU site on
a sandboxed IE.

Bo

 

Sandboixe does not isolate the operating system.My suggestion is to check the update settings and are set to auto update or notify when updates are available for downloads. Perhaps it updated already and you did not notice it.

 

She has it set to auto delete on exiting of sandboxes. Shes still worried if it might affect it.

 

Again sandboxie has nothing to do with windows updates.Auto deletion is of browser contents that are in the sandbox that get deleted when you close the browser,if invocation auto delete is selected.

 

This might be too technical for you, but I will throw it out there just in case. I am only theorizing though based on what I think I know.

Sandboxie employs a driver. The driver sits and waits until you call upon it.

If you start a program such as Firefox in the sandbox, the driver goes into action. It starts firefox.exe, and things appear normal. However, the driver has a special job, and that is to make sure that whatever firefox.exe does, it NEVER modifies anything on the real system. Instead, it redirects anything that WOULD have happened on the real system to a special location - which happens to the be c:\sandbox folder.

If the firefox program changed something, it only happens to the "fake" files in the sandbox, not the real files. When you delete the sandbox contents, you are deleting the "fake" files, not the real files.

It is possible to allow programs such as firefox to have access to real files. The most common example of this is that you allow firefox to change the REAL bookmarks file. But unless you make an exception, it will not change the real files, but rather create a "fake" copy and use that until you delete the contents of the sandbox.

You can see this is why if you update firefox within the sandbox, it does not "stick". Firefox does update, but it only updates or creates the "fake" files it needs, and they are in the c:\sandbox folder. If you don't delete the contents of the sandbox, then the next time you start it, it uses what is "fake" first, before the "real" files. Thus, it would stay updated.

If you were to delete the contents of the sandbox, then all of the "fake" update files for firefox would be gone, and the next time you started it, it would be exactly the same as the "real" firefox files, which have not been updated yet. That is why it is recommended to start firefox OUTSIDE of the sandbox to update it, so that the REAL files are updated.

If you were to visit microsoft website, and change a preference on how you get your updates, it would be REAL, because it is the website that changed. Sandboxie has nothing to do with your preferences at a website.

If you do not start the windows update tool in the sandbox, then the sandboxie driver ignores it. It has on job, and it only called upon when you want to start something in a sandbox. You can do ANYTHING on your computer, and unless you state "I want this to start in a sandbox", the sandboxie driver should do NOTHING.

Rest at ease. Unless you are the most unfortunate person who happens to get the first real exploit of Sandboxie, you don't have to worry about anything you don't SPECIFICALLY start in a sandbox.

One word of note though. It is very helpful to understand what people mean when they talk about Parent-Child relations in a computer. A parent is the top level. In your case, when you start Firefox.exe in a sandbox, it is called the Parent Process. If you then click the start button, and start notepad, it is its own Parent Process.

However, if you used the Firefox Parent Process to start notepad, then the notepad process would be a Child of the Parent. So, if you start Firefox in the sandbox (as the Parent), and it in turn somehow starts the Window Update Tool, that tool is now starting as a Child of the Parent. And since Firefox was run in the sandbox (theoretically), the Child of Firefox will also start in the sandbox.

The whole Parent-Child thing is not too hard to understand really, but very useful to know. It helps you to understand that when your sandboxed program starts something, it will also be sandboxed. At times you might start child processes, save something, and then wonder "where did it go". Knowing about Parent-Child relations can help clue you in to the fact that "Oh yeah, I started that from Firefox, which was in a sandbox, so when I started notepad and saved that document, as a Child of Firefox, it must be in the sandbox".

This aspect is, from my experience, the most difficult for newcomers to understand, but also solves the most issues.

HTH>

Sul.