Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.14.10 Added added Ability to import encrypted archive files directly #4255 Changed when the sbiesvc.exe worker crashes it now can automatically be restarted. Fixed fixed issue with sandbox path entry combo boxes fixed Proxy for GetRawInputDeviceInfoW() causes a buffer overflow #4267 (thanks marti4d)
While using Windows 11 on a virtual machine, I encountered the problem of files not being deleted, but I couldn't identify the source of the issue. Additionally, Microsoft Edge doesn't close properly in the 24H2 version.
@busy I'm logged in at websites (e.g., Wilders, Gmail) when not sbox'd...even thru browser cycles. Why am I not logged in to the same websites when calling my discrete browser sbox? Where is the disconnect?? I thought Sboxie copied over what's needed into my browser sbox. 1.14.10 How may I create a discrete browser sbox that will mirror my not sbox browser?? ======================= Edit: I finally remembered here Okay...after the needed folders are created with my Security Hardened Sandbox. How may I retain the needed folders with auto-delete?
@bjm_ It could be due to the new cookie encryption introduced in Chromium 127 and above. https://security.googleblog.com/2024/07/improving-security-of-chrome-cookies-on.html Maybe it could work properly with the settings below.
Snapshot does not retain my Gmail accounts sign ins...head scratch. Whereas Snapshot does retain for example: Wilders, MalwareTips n' GitHub n' other webmail, etc., sign ins. Does..."Code" negate my "isolations" with for example: my Edge sbox? Meaning, NoSecurityIsolation sounds like I'm opening up a hole? Code: NoSecurityIsolation=y Template=OpenCOM Spoiler: Edge ini Enabled=y BlockNetworkFiles=y RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% RecoverFolder=%Personal% RecoverFolder=%Desktop% BorderColor=#027df7,ttl,6 Template=BlockTelemetry Template=LingerPrograms Template=qWave Template=OpenBluetooth Template=SkipHook Template=FileCopy Template=BlockPorts Template=Edge_Bookmarks_DirectAccess ConfigLevel=10 ProcessGroup=<InternetAccessDisabled>, ProcessGroup=<InternetAccess>,SandboxieCrypto.exe,msedge.exe ProcessGroup=<StartRunAccess>,notepad.exe,msedge.exe,Enpass.exe PromptForInternetAccess=y ClosedIpcPath=!<StartRunAccess>,* DropAdminRights=y HideHostProcess=KeePass.exe UseRuleSpecificity=y AllowBoxedJobs=y UseFileDeleteV2=y UseRegDeleteV2=y ProtectHostImages=y AllowNetworkAccess=!<InternetAccess>,n DenyHostAccess=audiodg.exe,n ConfidentialBox=y LingerProcessDisabled=msedge.exe LeaderProcess=msedge.exe OpenPrintSpooler=y AllowSpoolerPrintToFile=y OpenDevCMApi=y UseSecurityMode=y Meaning, if my problem retaining sign ins are only Gmail accounts? Will "Code" open holes? Just that...I thought I remember not needing Snapshot to retain sign ins. I thought Sboxie used to copy over whatever (including persistent login cookies) was needed.
The cookie file saved with the new cookie protection (on the host) cannot be read in the standard sandbox, so it is recreated from scratch. As a result, websites you visit outside of the sandbox will not be remembered until you log in again. Therefore, for now, the cookie file on the host cannot be used in the sandbox except for the settings below. Spoiler: Example config Code: NoSecurityIsolation=y OpenIpcPath=msedge.exe,*\BaseNamedObjects*\__ComCatalogCache__ OpenIpcPath=msedge.exe,\RPC Control\LRPC* OpenIpcPath=msedge.exe,\RPC Control\OLE* OpenIpcPath=msedge.exe,\RPC Control\epmapper ProcessGroup=<StartRunAccess>,notepad.exe,msedge.exe,Enpass.exe ClosedIpcPath=!<StartRunAccess>,* DropAdminRights=y
and the new cookie protection effects Chromium based -> Chrome and Edge? Hello @busy Thanks for your recent messages and all past help. Edit: I give up. Something on my machine changed with Chrome and Edge. Firefox behaves like I'm used to...at this time. Logins outside my discrete Firefox sbox are copied over to my Firefox sbox...and retained thru sbox cycles...even with Auto delete enabled. Chrome and Edge used to, as I recall, behave as Firefox. Now, Chrome and Edge are head scratch. I've tested Chrome and Edge with new default discrete sbox's. Chrome, Edge, Firefox...as far as I know...do not clear anything on close. I'm trying Sboxie - Snapshots with Chrome and Edge...as workaround. ======================================= btw ~ what do these for? Code: ClosedFilePath=*:\*Norton*\* OpenDevCMApi=y btw ~ what do these do? Code: NoSecurityIsolation=y OpenIpcPath=msedge.exe,*\BaseNamedObjects*\__ComCatalogCache__ OpenIpcPath=msedge.exe,\RPC Control\LRPC* OpenIpcPath=msedge.exe,\RPC Control\OLE* OpenIpcPath=msedge.exe,\RPC Control\epmapper
anyone know what this means when I call -> Run Windows Explorer #27 anyone know why adding Code: ProcessGroup=<InternetAccess>,FileCoAuth.exe ClosedFilePath=*:\*Norton*\* allows -> Run Windows Explorer? Spoiler: [Explorer] [Explorer] Enabled=y BlockNetworkFiles=y RecoverFolder=%Desktop% RecoverFolder=%Personal% RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% BorderColor=#00ffff,ttl,6 Template=LingerPrograms Template=BlockPorts Template=qWave Template=FileCopy Template=SkipHook Template=OpenBluetooth ConfigLevel=10 UseFileDeleteV2=y UseRegDeleteV2=y PromptForInternetAccess=y AllowNetworkAccess=!<InternetAccess>,n ProcessGroup=<InternetAccess>,FileCoAuth.exe ClosedFilePath=*:\*Norton*\* 1.14.10
@bjm_ In Sandboxie, the ClosedFilePath directive is used to define paths that should be restricted or blocked from access while running in a sandbox. Specifically, in the line you mentioned: Code: ClosedFilePath=*:\*Norton*\* This is instructing Sandboxie to block access to any files or directories that match the path pattern *:\*Norton*\*. --- OpenDevCMApi=y -> See https://www.wilderssecurity.com/threads/sandboxie-plus-0-7.436454/#post-2990080 --- btw ~ what do these do? # NoSecurityIsolation=y -> Application Compartment (aka Green Box) # Template=OpenCOM but only for MS Edge. See OpenIpcPath=msedge.exe,*\BaseNamedObjects*\__ComCatalogCache__ OpenIpcPath=msedge.exe,\RPC Control\LRPC* OpenIpcPath=msedge.exe,\RPC Control\OLE* OpenIpcPath=msedge.exe,\RPC Control\epmapper --- anyone know why adding Code: ProcessGroup=<InternetAccess>,FileCoAuth.exe I don't know, i don't use OneDrive. Just block it with ClosedPath... Code: ClosedFilePath=%LocalAppData%\Microsoft\OneDrive\*
afaik ~ I don't use OneDrive. with added Code: ClosedFilePath=%LocalAppData%\Microsoft\OneDrive\* and removed Code: ProcessGroup=<InternetAccess>,FileCoAuth.exe Run Windows Explorer opens okay...but, I still (head scratch) need Code: ClosedFilePath=*:\*Norton*\* --- I've removed Code: OpenDevCMApi=y -- @busy still head scratch why only with [Explorer] btw ~ does Snapshot contents survive Auto delete content &or Delete Content? When I'm not opting "Also delete all Snapshots". Spoiler: Also delete all Snapshots Edit: Snapshots does not retain logins for my Gmail accounts. Snapshots does retain logins for Wilders, MalwareTips, Yahoo, Outlook, etc. --- Edit2: as test added Code: to Default box. Code: NoSecurityIsolation=y OpenIpcPath=msedge.exe,*\BaseNamedObjects*\__ComCatalogCache__ OpenIpcPath=msedge.exe,\RPC Control\LRPC* OpenIpcPath=msedge.exe,\RPC Control\OLE* OpenIpcPath=msedge.exe,\RPC Control\epmapper ProcessGroup=<StartRunAccess>,notepad.exe,msedge.exe,Enpass.exe ClosedIpcPath=!<StartRunAccess>,* DropAdminRights=y AutoDelete=y Default/Application Compartment box retained my four Gmail accounts logins. as test: added Code: Code: UseSecurityMode=y ConfidentialBox=y Application Compartment box remained Application Compartment? Application Compartment box retained my four Gmail accounts logins. --- I don't run Edge in Application Compartment box. I run Edge in Security Hardened box. --- No notion how Default/Application Compartment box with Code: Code: UseSecurityMode=y ConfidentialBox=y compares to Security Hardened/Enhanced Isolation box with Code: Code: UseSecurityMode=y ConfidentialBox=y other than Edge (white screen) not working. @busy my bad...took me too long to realize only my Gmail logins were not retained and why [Explorer] needs *:\*Norton*\*
fwiw ~ new W11 23H2 machine...new Sandboxie+ install...new [Explorer] does not need any tweaking. Spoiler: ini # # Sandboxie configuration file # [GlobalSettings] DefaultBox=Explorer FileRootPath=\??\%SystemDrive%\Sandbox\%USER%\%SANDBOX% KeyRootPath=\REGISTRY\USER\Sandbox_%USER%_%SANDBOX% IpcRootPath=\Sandbox\%USER%\%SANDBOX%\Session_%SESSION% TemplateReject=SynapticsTouchPad TemplateReject=Edge_Fix TemplateReject=OfficeClickToRun TemplateReject=WindowsLive TemplateReject=WindowsRasMan TemplateReject=OfficeLicensing NetworkEnableWFP=y SandboxieLogon=y [UserSettings_0C340211] SbieCtrl_AutoStartAgent=SandMan.exe -autorun SbieCtrl_EnableAutoStart=n SbieCtrl_HideMessage=1308,identity_helper.exe [Edge] SbieCtrl_HideMessage=1308,RuntimeBroker.exe [Edge] SbieCtrl_HideMessage=1308,dllhost.exe [Edge] SbieCtrl_HideMessage=1308,MicrosoftEdgeUpdateBroker.exe [Edge] SbieCtrl_UserName=bjmer SbieCtrl_WindowCoords=200,150,1237,632 SbieCtrl_ActiveView=40021 BoxGrouping=:Chrome,Standard,Edge,Explorer [Chrome] Enabled=y BlockNetworkFiles=y RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% RecoverFolder=%Personal% RecoverFolder=%Desktop% BorderColor=#0055ff,ttl,6 Template=OpenBluetooth Template=SkipHook Template=FileCopy Template=qWave Template=BlockPorts Template=LingerPrograms Template=AutoRecoverIgnore Template=Chrome_Bookmarks_DirectAccess Template=LessConfidentialBox ConfigLevel=10 UseFileDeleteV2=y UseRegDeleteV2=y AutoRecover=y UseSecurityMode=y ConfidentialBox=y ProcessGroup=<StartRunAccess>,chrome.exe ProcessGroup=<InternetAccess>,chrome.exe ClosedIpcPath=!<StartRunAccess>,* AllowNetworkAccess=!<InternetAccess>,n PromptForInternetAccess=y [Standard] Enabled=y BlockNetworkFiles=y RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% RecoverFolder=%Personal% RecoverFolder=%Desktop% BorderColor=#02f6f6,ttl Template=OpenBluetooth Template=SkipHook Template=FileCopy Template=qWave Template=BlockPorts Template=LingerPrograms Template=AutoRecoverIgnore ConfigLevel=10 UseFileDeleteV2=y UseRegDeleteV2=y AutoRecover=y [Edge] Enabled=y BlockNetworkFiles=y RecoverFolder=%Desktop% RecoverFolder=%Personal% RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% BorderColor=#027df7,ttl Template=AutoRecoverIgnore Template=LingerPrograms Template=BlockPorts Template=qWave Template=FileCopy Template=SkipHook Template=OpenBluetooth Template=LessConfidentialBox Template=Edge_Bookmarks_DirectAccess ConfigLevel=10 UseSecurityMode=y UseFileDeleteV2=y UseRegDeleteV2=y ConfidentialBox=y AllowNetworkAccess=!<InternetAccess>,n ProcessGroup=<StartRunAccess>,msedge.exe ProcessGroup=<InternetAccess>,msedge.exe ClosedIpcPath=!<StartRunAccess>,* PromptForInternetAccess=y AutoRecover=n [Explorer] Enabled=y BlockNetworkFiles=y RecoverFolder=%Desktop% RecoverFolder=%Personal% RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% BorderColor=#0055ff,ttl,6 Template=AutoRecoverIgnore Template=LingerPrograms Template=BlockPorts Template=qWave Template=FileCopy Template=SkipHook Template=OpenBluetooth ConfigLevel=10 UseFileDeleteV2=y UseRegDeleteV2=y AutoRecover=y UseSecurityMode=y AllowNetworkAccess=!<InternetAccess>,n PromptForInternetAccess=y [UserSettings_04D4013A] SbieCtrl_AutoStartAgent=SandMan.exe -autorun BoxGrouping=:Chrome,Edge,Explorer,Standard SbieCtrl_HideMessage=1308,identity_helper.exe [Edge] SbieCtrl_HideMessage=1308,RuntimeBroker.exe [Edge] SbieCtrl_HideMessage=1308,dllhost.exe [Edge] SbieCtrl_HideMessage=1308,MicrosoftEdgeUpdateBroker.exe [Edge] SbieCtrl_EnableAutoStart=y
