Sandboxie + Limited User Account = Extra Security?

Discussion in 'sandboxing & virtualization' started by RedZero, Oct 27, 2007.

Thread Status:
Not open for further replies.
  1. RedZero

    RedZero Registered Member

    Joined:
    Oct 22, 2007
    Posts:
    34
    I use psexec from Sysinternals to launch Internet Explorer with limited user rights from within Sandboxie. This way, not only is Internet Explorer sandboxed but it's also running with limited rights.

    Sandboxie > psexec -l > Internet Explorer

    I was wondering what your thoughts are concerning this combo? Good/Bad?

    Thanks!
     
  2. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    A bit overkill imo but it doesnt hurt your computer and if it makes you feel safer go for it.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    Well, I basically do about the same, I´ve restricted certain vulnerable tools with SSM Pro (so without virtualization) and in addition I also run them in limited mode, this all will make it difficult for malware (trying to exploit zero day bugs) to do any damage. Of course Sandboxie already restricts apps automaticly, but if it will ever fail to protect you, non-admin mode might still be able to stop malware from doing any damage.
     
  4. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    I do the same with DropMyRights and Sandboxie. I'm not sure if it helps, but I guess it doesn't hurt. Everything seems to work just dandy.
     
  5. Beggar

    Beggar Registered Member

    Joined:
    Dec 9, 2006
    Posts:
    2
    I'm trying to do the same thing with DMR and Sandboxie but DMR doesn't seem to be invoked. It does run but it doesn't limit installations from inside of the browser (Firefox). I've read up just a bit on Sandboxie's site but I must confess to not really understanding what I'm reading.

    Could you tell me -- specifically -- how you set up DMR and Sandboxie to run a limited browser inside the sandbox?

    Thanks.
     
  6. RedZero

    RedZero Registered Member

    Joined:
    Oct 22, 2007
    Posts:
    34
    Have you tried psexec from Sysinternals? It does the same thing as DMR but offers much more control.

    Just use the following syntax: psexec -l some-program.exe
     
  7. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Hi Beggar, I'm not sure about what you mean by installation from inside the browser. I believe there are ways to tweak dropmyrights but they are over my head. This site goes into it further. It's under advanced option in the article.
    http://msdn2.microsoft.com/en-us/library/ms972827.aspx

    I set up an icon to start Sandboxie and dropmyrights and set the target as this.

    "C:\Program Files\Sandboxie\Start.exe" "C:\Program Files\DropMyRights\DropMyRights.exe" "C:\Program Files\Mozilla Firefox\Firefox.exe"

    I can see that it is working by using Process Explorer and right-clicking Firefox and in the Security tab it says Deny, Owner. I'm not sure of what to change to keep installations from happening in Firefox. Are talking about extensions? I think I can install them too, but they are contained by Sandboxie and are removed when I empty the sandbox. The link I posted may have tweak to stop this behavior. I wish I could help more.

    innerpeace
     
Loading...
Thread Status:
Not open for further replies.