Sandboxie / 8's IE Tile

Discussion in 'sandboxing & virtualization' started by philby, Nov 28, 2012.

Thread Status:
Not open for further replies.
  1. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    Hello All

    Am I right in thinking that if a user runs iexplore.exe using the Start Page tile, then these sessions are not sandboxed at all, even if iexplore.exe is 'forced' in SB?

    That's what I'm seeing here on my machine...

    Cheers

    philby
     
  2. chris1341

    chris1341 Guest

    Yes, same here. Only Desktop apps are sandboxed.

    Tzuk has no plans to include 'Metro as was' apps support to SBIE as he feels the App Container is strong enough and SBIE would little to security for the effort involved. At least that was his view last I saw him write about this subject on his own forum.

    Cheers
     
  3. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    ...he feels the App Container is strong enough ...

    Thank you - I didn't even know what this was! Will read about it...

    One more question: I'm used to using IE sandboxed with the box set to delete all content on close - that way I know I have nothing left on the system after any particular session. If IE is run as a 'contained app' via ex-Metro, are all traces of that session gone, or are there files sprayed all round the system when the app is closed?

    Cheers

    philby
     
  4. chris1341

    chris1341 Guest

    Hi Philby,

    The App Container is policy based restriction rather than virtualisation so unless IE10 has some internal way of dropping changes on exit they would remain.

    You can run IE10 as a desktop rather than metro app though where it would continue to be sandboxed.

    Cheers
     
  5. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    You can run IE10 as a desktop rather than metro app though where it would continue to be sandboxed.

    Exactly what I'll do - if tile IE leaves 'detritus', despite offering protection through restriction, I'll stick with sandboxed d/t IE!

    Thanks

    philby
     
Loading...
Thread Status:
Not open for further replies.