Sandboxie Acquired by Invincea

I dont know what to tell you other than try beta 5.17.1. You can run the installer over the top. I saw your post at the Sandboxie forum, you were recommended to try a new sandbox, you can also delete contents of your current sandbox (if it is not set to be done automatically) and test Chrome again. Antivirus? Try disabling it.

Also, when did you start experiencing this issue, was it after upgrading to 5.16? Or after upgrading Chrome? Or perhaps, after upgrading your antivirus or updating AV signatures?

Bo

 

@mood
Okay, then I'm doing something wrong.
1) After VS reset & snapshot, I'll launch setup installer not sandbox'd and get blinking VS.
2) After VS reset & snapshot, I'll launch setup installer sandbox'd (default) and do not get blinking VS.

> setup installer is added to VS Whitelist with 1 & 2 albeit, VS does not blink with 2.
VS Free

 

On my side it is clearly blinking while a file was blocked.
Execution of files outside and inside of the sandbox = Blinking tray-icon

 

Hmm, my VS tray Icon blinks for Whitelisted items.
I thought blinking indicates VS working?
I've only seen (so far) balloon & user prompt for VS context menu scan.
I'll move this to VS thread.
Multiple tries with launch of files inside sandbox, no blink.
Same files launch outside sandbox, blink.
Every launch resulted in file added to Whitelist.
Thanks for your time and interest.

 

I only recently started using Sandboxie which is 5.16 and it was a problem from the start.

I would not think it was my AV since Chromium trunks work like Iron and Brave just not Chrome itself.

I will try the 5.17 see what that does.

 

Socio, in your thread at the Sandboxie forum you reported using Kaspersky. Thats as bad a choice of an antivirus to use along Sandboxie as there is. As the link says for W10, "Kaspersky must NOT be installed, otherwise Sandboxie will not work."
https://www.sandboxie.com/index.php?KnownConflicts#Antivirus

Bo

 

Yes it was KIS but there is a work around where you have to set KIS to not scan encrypted connections and Chrome works the only thing that bugs me is why does KIS only affect Chrome and not Chromium trunks while using Sandboxie?

Anyway thanks for your help Bo!

 

No problem, I'm guessing that the thread you referred to was a lot more popular, so it's not that strange. But yes, I can't believe that I've been using SBIE for almost 13 years. And we need to be grateful to Invincea and Tzuk for making such a great deal.

 

Firefox was updated to version 51 today, which apparently has its own Sandbox.

This version won't render web pages in any of my Sandboxie Sandboxes. However, I have reduced the built in sandbox security to 0 and it then works. I have not looked deeply into this yet for lack of time.

I wonder what others are going to do?

 

This doesn't sound too good. Looks like Invincea will have to find a workaround, and hopefully Mozilla will continue to give an option to disable the sandbox, but I'm not counting on it. I would always prefer to use SBIE to protect browsers, unless it gives performance issues. I have a feeling that Vivaldi is a bit slower when protected by SBIE.

 

Multiprocess Windows 0/1 (Disabled by add-ons)
Multi-process 1.7 false
Web Compat 1.0 false
Content Process Sandbox Level 1
51.0x86, 5.17.1
FWIW ~ http://www.ghacks.net/2017/01/23/how-to-change-firefoxs-sandbox-security-level/#comment-4105173

 

pling_man, the recommended workaround is to disable Multi process via about:config. Not everyone is experiencing problems but users that get what you seeing when opening webpages can disable Multi process by changing preference "browser.tabs.remote.autostart" to false in about:config.
http://www.ghacks.net/2016/07/22/multi-process-firefox/

Bo

 

With 50.1 about:support used to show Multiprocess Windows as 1/1 and worked fine.
With 51 it now shows 1/1 and sometimes 2/2.

What I have done so far is change security.sandbox.content.level to 0 (it was 1) and it seems fine.

But I don't know enough about these new capabilities to know if this is OK.

I will experiment with Multiprocess disabled and see if it works.

I hope that Invincea will address this issue in a future release.

 

Well I am stuck, because browser.tabs.remote.force-enable doesn't seem to be in version 51.

So I can't try Bo's suggestion.

 

I havent upgraded to 51 yet.

I would set security.sandbox.content.level back to how it was before you made the change and or try a new Firefox profile to see if browser.tabs.remote.autostart shows up. I ll test 51 in a little bit and come back.

Bo

 

FWIW ~ I've had Multi-process staged rollout, No thru CCleaner since Multi-process appeared with CCleaner Browser Plugins.

 

pling_man, browser.tabs.remote.autostart is still good in Firefox 51. Be very careful when you copy and paste the preference in about:config. Look for it and you ll find it.

If I was you before switching browser.tabs.remote.autostart to false, I would set security.sandbox.content.level back to default.

Anyway, Firefox is working great sandboxed. You can get yours that way as well. If your Firefox profile has gone bad you can create a new one and start fresh.

Bo

 

The preference you want to change to false is browser.tabs.remote.autostart, NOT browser.tabs.remote.force-enable.

Bo

 

Upgraded to FF 51 and in about:config, security.sandbox.content.level is at default value 1 and so far FF is working good with Sandboxie (5.16). Win 7 64 bit. Currently not running an A/V in real time and using Voodoo Shield along with Sandboxie and all is well.

 

I created a new profile, but browser.tabs.remote.autostart is already set to false. I also have a browser.tabs.remote.autostart.2

 

Then, Firefox under Sandboxie should be OK now. Are things alright?

Bo

 

No it won't run in Sandboxie with these settings (they are the defaults for a new profile).

The only thing that works for me is to lessen the security on the built in sandbox.

 

Then, leave it like that for now. Dont worry, the Sandboxie developers are aware of the issue and are working on the solution.
http://forums.sandboxie.com/phpBB3/viewtopic.php?f=11&t=23902#p126011

Bo

 

Thanks for that link Bo. Actually I have restored an image to get back to version 50.1 because I wanted to check my old settings. I will have another go at the update when it is offered to me again.

 

I am still good after the upgrade to FF 51 as my Multiprocess Windows is still disabled, presumably by my many add-ons , and security.sandbox.content.level is still at default value 1, as it was with FF 50.