This build fixed a lot of various issues, some of them quite old, as well as a security issue related to some internal COM workarounds. Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/1.0.9 ChangeLog Added SandMan now causes all boxed processes to update their path settings in real time when access options were modified added new maintenance menu option "Uninstall All" to quickly remove all components when running in portable mode added version number to the title bar of Sandboxie Classic added option to return not to a snapshot but to an empty box state while keeping all snapshots Sandboxie-Plus.ini can now be placed in C:\ProgramData\Sandboxie-Plus\ folder and takes precedence (for business use) added support for AF_UNIX on Windows to resolve issues with OpenJDK17 and later #1009 #1520 #1521 Changed reworked breakout mechanism to be service based and not allowing the parent process to access the broken out child process enabled creation of directory junctions for sandboxed processes #1375 restored back AutoRecover=y on box creation #1554 improved snapshot support #1220 renamed "Disable Forced Programs" command to "Pause Forced Programs Rules" (Plus only) Fixed fixed BreakoutProcess not working with EnableObjectFiltering=y FIXED SECURITY ISSUE: when starting COMSRV unboxed, the returned process handle had full access fixed issue with progress dialog #1562 fixed issue with handling directory junctions in Sandboxie #1396 fixed a handle leak in File_NtCloseImpl fixed border issues on maximized windows introduced in the last build #1561 fixed a couple of index overruns (thanks 7eRoM) #1571 fixed issues with sysnative directory #1403 fixed issue with starting SandMan when running sandboxed from context menu #1579 fixed dark mode flash issue with main window creation #1231 fixed issues with snapshot error handling #350 fixed issues with the always on top option (Plus only)
Exited Plus UI and installed 1.0.9. Just asking: is the default now "Security Hardened Sandbox" versus the Standard Security one? Not that I mind at all, this has been working out quite well so far and I appreciate any extra security. In the past, I enabled drop rights so maybe that's it. Edit: I get this error message also, same as deugniet, after right-clicking on Default box to get to Snapshots Manager.
After updating to 1.0.9 Classic I no longer see yellow border around window indicating window is sandboxed. If I move cursor to edge of screen it will appear until I move cursor away from edge. I see nothing about this in change log. Is that behavior by design? OK...found fix in appearance. Again, not seen before so.....
Please check if the following option is ticked and untick it: Sandbox Settings > Appearance > Display the border only when the mouse cursor is on the window title Here you can find screenshots: https://www.wilderssecurity.com/thr...-sandboxie-yellow-border.437829/#post-3005379
I see this on Plus 1.0.9 as well. I can see it by using the 'restore down' button of my browser so the window is smaller. Yellow outline is only seen when I hover my mouse on edges. I can reproduce on anything eg. right-click a txt file and select to run sandboxed.
Wow, that border-only-when-mouse-hovers--I had that back in the Sophos days already. I can't recall ever NOT having the border configured like that. With browser minimized, that border would be distracting and annoying to me. Speaking of which, haven't had the border in yellow either for a long time. For the dark brown top border of default Firefox, I find the lite-aqua kind of pretty. Kind of. Spoiler
whats wrong there? you cant take snapshots when the box is active, that is has processes running only when all processes are stopped you can take a snapshot can you make a video of the border issue please
G'day All, Context: sandboxie-plus (any version); firefox in default box; immediate recovery enabled When I download a file the File Recovery dialog opens, I successfully recover the file, but the File Recovery dialog stays open and I have to click the close button to get rid of it. I've searched high and low but can't find a setting to automatically close the File Recovery dialog when there are no longer any files eligible for recovery - is there an option that does that? If not, I'll submit a feature request on github. Thanks
I have to click to close a window on almost any software that I have. Sandboxie is many things, but I don't think it has reached the status of being a mind reader yet Personally I would rather see David spend time on other areas (just my opinion)
Just to be clear on this David, are you saying that a box has to be empty to take a snapshot? (because that doesn't work for me) If you don't mean that, can you show what you mean?
I mean there must be no processes running in a box to take a snap shot, but there must be files inside (at least the always cerated RegHive). When processes are running there will be the error shown. When the box is empty i.e. no new files inside there will be an other error.
I have noticed an interesting autodelete issue with latest versions of sandboxie-plus (which may have been present in previous versions too but am unable to test). I don't want to create a new thread just for this, so here goes: SETUP: Win7x64 SP1 with Sandboxie-Plus x64: v1.0.7-1.0.9 (portable) BROWSERS: 32bit portable mypal, slimjet and vivaldi (I do not use x64 browsers) DefaultBox: Forced processes: mypal.exe, slimjet, vivaldi and AutoDelete=y RESULTS with only SandMan.exe active, listed below in three columns: MY ACTION ~~~~~~~~~~~~~~~~ "UI STATUS shows"~~~~~~~~~~~~~~~~~[Autodelete?] Mypal double-click (forced) ~~~~~~"Forced Running *32"~~~~~~~~~~~~~~~~[FAILS] Mypal right-click (-> defaultbox) ~~~"Running *32" ~~~~~~~~~~~~~~~~~~~~~[Success] Slimjet double-click (forced) ~~~~~"Forced Running *32 (Chromium Based)"~~[Success] Slimjet right-click (-> defaultbox) ~~"Running *32 (Chromium Based)" ~~~~~~~[Success] Vivaldi double-click (forced) ~~~~~"Forced Running *32 (Chromium Based)" ~~[Success] Vivaldi right-click (-> defaultbox) ~~"Running *32 (Chromium Based)" ~~~~~~~ [Success] __________________________________________________ With SandMan.exe Active and double-clicking a sandboxed shortcut (to the defaultbox) for ANY browser, autodelete is always a success. With only SbieCtrl.exe active ("classic" mode), autodelete always a success With both SbieCtrl.exe AND SandMan.exe running, autodelete always a success _____________________________________________________ NOTE: slimjet and vivaldi are chromium based browsers BUT mypal is based on palemoon (a FIREFOX derivative). __________________________________________________ MY WORKAROUND is to use a sandboxed shortcut (to the defaultbox) for mypal. The Bottom Line: Autodelete fails only if (a) Just SandMan.exe is active AND (b) mypal.exe is run forced in the defaultbox. [Using the Panic Key (or "terminate all") does not help.] With just sandman.exe active, some combination of forcing mypal (or firefox based process?) in the defaultbox causes autodelete to fail. Hope @DavidXanatos can make sense of it Maybe there are others who may have come across something similar. EDIT: David, the "uninstall all" option in v1.0.9 works great. Thank you!!
Addition to my previous post above: After more testing, I find that any sandbox (defaultbox or not) where autodelete fails for a forced mypal.exe (using sandman.exe) also has DropAdminRights=y ("Enhanced Isolation").
I have a simple question, what are hooks? Not being a Windows programmer I don't understand what they do. Is it like injecting a Basic GOSUB into a program, that the programs then goes and runs and then return back to running what it was originally supposed to do? What are the hooks that Sandboxie uses? What do they do?
Hi, Malwarebytes is saying it contain Malware, ect..... I will wait, for now, I will stay with 108..... Kind regards, always the best....
Here are the steps to reliably reproduce an autodelete problem with forced processes that I encountered for mypal.exe (see posts 15, 16) but which I now find also occurs for others (eg. notepad and sumatrapdf). My test Setup: Win7x64 SP1 with Sandboxie-Plus x64: v1.0.9 (portable) For simplicity, Sandboxie is configured with just one box (DefaultBox) ForcedProcess(es) in box: notepad.exe, sumatraPDF.exe(v3.1.2, 32bit, installed) My sandboxie.ini is listed in the spoiler below. Spoiler: my sandboxie.ini Code: # # Sandboxie configuration file # [GlobalSettings] FileRootPath=R:\TEMP\%SANDBOX% SeparateUserFolders=y KeyRootPath=\REGISTRY\USER\Sandbox_%USER%_%SANDBOX% IpcRootPath=\Sandbox\%USER%\%SANDBOX%\Session_%SESSION% NetworkEnableWFP=n EnableObjectFiltering=n EnableWin32kHooks=y EditAdminOnly=n ForceDisableAdminOnly=n ForgetPassword=n [UserSettings_0C6E0217] SbieCtrl_UserName=xxxxxxx SbieCtrl_AutoStartAgent=SandMan.exe SbieCtrl_NextUpdateCheck=-1 SbieCtrl_UpdateCheckNotify=n SbieCtrl_EnableAutoStart=y SbieCtrl_EnableLogonStart=n SbieCtrl_AddDesktopIcon=y SbieCtrl_AddQuickLaunchIcon=y SbieCtrl_AddContextMenu=y SbieCtrl_AddSendToMenu=n SbieCtrl_AutoApplySettings=y SbieCtrl_AutoRunSoftCompat=n SbieCtrl_ReloadConfNotify=n SbieCtrl_EditConfNotify=n SbieCtrl_HideWindowNotify=n SbieCtrl_WindowCoords=395,241,880,450 SbieCtrl_ActiveView=40021 SbieCtrl_BoxExpandedView=DefaultBox SbieCtrl_ProcessViewColumnWidths=250,70,300 [DefaultBox] Enabled=y BorderColor=#00ffff,ttl,6 Template=OpenBluetooth Template=SkipHook Template=FileCopy Template=qWave Template=BlockPorts Template=LingerPrograms Template=Chrome_Phishing_DirectAccess Template=Firefox_Phishing_DirectAccess Template=AutoRecoverIgnore ConfigLevel=9 BoxNameTitle=y DropAdminRights=y FakeAdminRights=y CopyLimitKb=81920 AutoDelete=y AutoRecover=y ForceProcess=SumatraPDF.exe ForceProcess=notepad.exe Steps to reproduce using the Plus GUI of sandman.exe [All tests start with a "clean slate"]: TEST for sumatraPDF.exe (1) Sandbox->Maintenance->Uninstall All (2) Sandbox->Maintenance->Connect (allow UAC prompt to create services) (3) Double-Click a PDF file to "force-run" in DefaultBox. Then "x out" of (close) file. Result: No running processses, but sandbox is NOT EMPTY (see status tab in GUI) (4) Right-Click DefaultBox->Delete Contents brings up list of files. Click "Delete All" results in an EMPTY sandbox in 'status' tab A smilar test for notepad is in the spoiler below: Spoiler: TEST for notepad.exe (1) Sandbox->Maintenance->Uninstall All (2) Sandbox->Maintenance->Connect (allow UAC prompt to create services) (3) Double-Click a .txt file to "force-run" in DefaultBox. Then "x out" of (close) file. Result: No running processses, but sandbox is NOT EMPTY (see status tab in GUI) (4) Right-Click DefaultBox->Delete Contents brings up list of files. Click "Delete All" results in an EMPTY sandbox in 'status' tab COMMENT 1: For me, the notepad test shows zero files in file list, yet the sandbox status is NOT EMPTY until "Delete All" is clicked! COMMENT 2: If the PDF (or .txt) file is run in DefaultBox by Right-Click->Run SandBox->DefaultBox and the file is closed, the sandbox autodeletes successfully.
Salutations/Greetings: Just downloaded this evening and installed this evening. No alert from Malwarebtyes and/or any of my security software. Good to go......Working like a champion!!! Kind regards, always the best......
