Sandboxie Acquired by Invincea

Discussion in 'sandboxing & virtualization' started by ad18, Dec 16, 2013.

Thread Status:
Not open for further replies.
  1. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    Ahhhh! :thumb:
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I took the easy out, and added dllhost to my sbie boxes
     
  3. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,059
    Forced or ?
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    No, thats one process you do not want to force. But for convenience, you might want to add it to the programs that are allowed to run (Sandbox settings>Restrictions>Start Run access.

    Bo
     
  5. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,059
    Should I add it to like my browser sandbox?
     
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    Nothing wrong doing that, Pete. It is still very safe to do it since ONLY dllhost thats installed in your computer (out of the sandbox) can run when the process is added to the list of programs that are allowed to run. After adding dllhost to the list, if malware using the name dllhost downloads into the sandbox, it wont run. I think this restrictions work beautifully.:cool:

    Bo
     
    Last edited: Sep 26, 2015
  7. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    You can add it or not, it really doesn't matter. Whether you add it or not, you ll still be able to do what you doing sandboxed without allowing dllhost to run. I add it to my everyday browser sandbox in the list of programs that are allowed to run.:)

    Bo
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,446
    Location:
    Slovenia
    It's also interesting that dllhost wants to communicate to network when downloading files in Chrome. I don't give that right to this process, but I do let it run.
     
  9. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,031
    Location:
    Mexico
    Exactly what I do, let it run but no Internet allowed so any attempt to retrieve or worst to send data is blocked. When I close Chrome session every piece of data (sensitive or not) is destroyed.
     
  10. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    4,083
    dllhost aka "com surrogate" is a called security feature, read more:
    http://blogs.msdn.com/b/oldnewthing/archive/2009/02/12/9413816.aspx
    so if there is something wrong with other code - malware, wrong hook, wrong jump, breaking DEP/ASLR - that wont concern the calling process and makes it weak or vulnerable.

    it is possible to deactivate surrogate by id, but it lowers security. in most cases a 3rd-party security software causes problems with it.
    if you experience trouble check processes first.

    if surrogate eats cpu or ram its matter of the called dll file (see above)

    HTH
     
  11. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,031
    Location:
    Mexico
    Thank you for this information, enlightening indeed.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    Thanks for the feedback. I will post about it on the SBIE forum, I don't believe it should be this sluggish.
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    I don't get it, can't it update inside the sandbox?
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590

    Sure it can, but then I exit, the sandbox deletes, and the updates are gone.
     
  15. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    New beta, 5.05.1 has been released.
    http://forums.sandboxie.com/phpBB3/viewtopic.php?f=54&t=21855#p114056

    Bo
     
  16. meatouph

    meatouph Guest

    Hurray! :)
     
  17. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,059
    Running v5.05.1 with no problems.
     
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Same here
     
  19. wolfrun

    wolfrun Registered Member

    Joined:
    Jul 26, 2009
    Posts:
    686
    Location:
    Canada
    Ditto for me also. So far no problems.
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    I just discovered that apps (and SBIE processes) won't terminate correctly, what a bummer, I will upgrade to 5.05.
     
  21. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    Sometimes setting a program as the Leader program in a sandbox, solves the issue of a program remaining running after the sandboxed application is closed. Use this setting for the primary program of the sandbox. You can also try adding processes to the list of Lingering programs. Don't add Sandboxie processes to either list, they auto terminate when nothing else is running sandboxed. Its not really abnormal to experience something like this in one, maybe two sandboxes, but it shouldn't be happening in every sandbox you are using. Read here.
    http://www.sandboxie.com/index.php?ProgramStopSettings#leader
    http://www.sandboxie.com/index.php?ProgramStopSettings#linger

    Bo
     
  22. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    v5.05.1 :)
     
  23. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    957
    Location:
    usa
    Bo,

    I've had a few problems with my Sandboxie. One of them - issues with printing - has been resolved.
    My second problem was this.
    I could not run the Delete command upon closing Sandboxie on my Windows 7. I got used to that and decided to wait till I update Win 7 to Windows 10.
    Yesterday, I updated my Windows 7 computer to Windows 10, but I still get the same "Delete command" problem.
    Here is the pop-up window snapshot.
    Could you help me to resolve it?
    Thanks in advance.
    sand.PNG
     
  24. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    Had a few Firefox false starts with v5.05.1
    I'll delete the 1mb and second Run Web Browser is okay.
    Had some false starts with v4.x.x.
    Must be me. I'll try Forced and see.
     
  25. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    Zmechy, I am not familiar with using Eraser to delete the sandbox. I use RMDIR (default) and that works well. Take a look at this recent thread about Eraser and SBIE, it might help you figure out what you need to do to get Eraser working with SBIE. Your issue probably has to do with Eraser not setup correctly in Sandboxie settings.
    http://forums.sandboxie.com/phpBB3/viewtopic.php?f=5&t=20784&p

    Bo
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.