Sandboxie Observation

Discussion in 'sandboxing & virtualization' started by ratchet, Sep 12, 2007.

Thread Status:
Not open for further replies.
  1. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    Most of you probably already know this, however, I found it interesting. I've only performed the benign test of creating a Firefox bookmark while sandboxed and then seeing if it is in non sanboxed Firefox and indeed it isn't. So I thought I'd delete a bookmark while sandboxed to see what happens, assuming in non sandboxed it would still be there, which it was. Here is the interesting thing though. I just randomly select a news article and mark it. I re-sandbox and it isn't even there. I came to realize that until you delete the contents of a session, when you sandbox, you return to a previous session. After I deleted the Sandboxie contents and added the bookmark un-sandboxed it was in the new sandboxed session. Point being, until Sandboxie contents are deleted you sort of return to the previous sandboxed session.
     
  2. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    which is why most of us check the box to empty contents of sandbox on closing, or exiting.
     
  3. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Here I usually open up my trusted sites with login details outside the sandbox.

    When starting my browser in a newly created sandbox my details are retained along with the cookies and cached items which help speed up browsing.

    You can open file paths to retain favourites but I prefer to do it manually.
    Sandboxie ini settings
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,050
    Another way of looking at this, is if you aren't sure you are done or whether you want anything, you can leave it in the sandbox, and even after rebooting, go back to it. THen when you are done delete it.

    Pete
     
  5. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    That is not any secured way! Your "trusted" site could be hacked and infected with malicious iframe or Flash object.
     
  6. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    How would FF with Noscript and adblockplus handle those exploits?

    Only sandboxed trusted sites are noscript whitelisted when needing to post.
     
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    The simple way is, I have my email and web browser sandboxed, After that my AV is in place. And it works.
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Wise! Very Wise.

    I was researching over the weekend and got bit for the first time in a very long time with a clever file infector. I always like to run On-Demand AV scans and good thing, every .exe got popped. At least they were cleanable.

    Just when you think you have everything in place and let just one of your guards down, whammo comes some engenious invader to spoil the party. After that, i went out and got Anti-Exe. ErikAlbert (member) is talked up this program quite a lot recently and now i see the WISDOM in those, his apprehensions we sometimes find exhibited in his posts. :thumb:
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,050
    OT but it AE may play havoc with FDISR. It did with me.
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Thanks Pete for that notice. If that be the case then it's but a simple matter that i'll just keep AE onto the drive w/o FD-ISR.

    Don't need conflicts, thats for sure. $M has enough of their own, built-in. LoL
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    Why should you have a trusted list?
    Allow on demand, when needed.
    Mrk
     
Loading...
Thread Status:
Not open for further replies.