Sandboxie Plus (Sbie fork) Guidance on use

Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by smity, Jan 9, 2021.

  1. smity

    smity Registered Member

    Joined:
    May 13, 2008
    Posts:
    29
    have started this thread as a place for those interested to discuss configuring Sandboxie to their needs This I am sure will help new users as well as myself who is a little rusty I am now considering moving from my current Sophos version to this much improved update and at the same time review my settings to ensure they are optimum for me I would appreciate it those more knowledgable than myself could post there ini settings here plus any other tips they may have I myself mainly use Sandboxie with Firefox and Thunderbird
     
  2. Peter 123

    Peter 123 Registered Member

    Joined:
    Feb 1, 2009
    Posts:
    335
    Location:
    Austria
    O.k. - perhaps for the beginners some basic information:

    1.
    If you want to inform yourself which different builds of Sandboxie exist and in which way they differ, take a look at the following post by @stapp. It is from October 2020 but I think the general principles described there are still the same (of course the version numbers for David's forks have changed in the meantime):
    https://www.wilderssecurity.com/threads/sandboxie-plus-sbie-fork.427755/page-26#post-2956467

    2.
    General information about Sandboxie (tutorials etc.) you can find here:
    - Help Topics on David's homepage: https://xanasoft.com/sandboxie/helptopics/
    or
    - a tutorial written by @bo elam: https://win10.guru/toolkit-item-sandboxie-by-guest-author-bo-elam/
    (Bo, I hope you will participate here in this thread with your knowledge. :) )

    3.
    - The file Sandboxie.ini contains the information about the settings of your sandbox or sandboxes (you can have one or more).

    - The path of the Sandboxie.ini is simply C:\Windows
    You can open an ini-file with a text editor: Right click on the file --> "Open with" --> choose e.g. "Editor"

    - Or you can open it directly from Sandboxie Control. At least in the classical version of Sandboxie (the one I use) you choose the menu "Configure" and from the dropdown list "Edit Configuration"

    - If you post the contents of your ini-file be aware that it has an entry with your user name: "SbieCtrl_UserName=......."
    --> If you do not want to be seen your user name in public, simply delete it. ;)

    - As the list of entries in the ini-file may become quite long (especially if there are more than one sandboxes) perhaps it is better to paste the text not directly here in the editor window of the Forum but to use the spoiler: Click on the symbol "Insert" in the toolbar (the 4th from right) and choose the option "Spoiler". Then it will appear in the following way after clicking on "Spoiler":

    This text is put in spoiler tags
    This text is put in spoiler tags 2
    This text is put in spoiler tags 3
    This text is put in spoiler tags 4
    etc.

    That's all that comes to my mind at the moment. ;)
     
    Last edited: Jan 9, 2021
  3. smity

    smity Registered Member

    Joined:
    May 13, 2008
    Posts:
    29
    Thanks for that intro Hopefully more posts will come I am interested mainly in the various ways people configure their sandboxes in case I miss something useful or important
     
  4. Peter 123

    Peter 123 Registered Member

    Joined:
    Feb 1, 2009
    Posts:
    335
    Location:
    Austria
    By clicking on "Spoiler" you can see my ini-file.

    [GlobalSettings]

    Template=Windows10CoreUI
    Template=FireFix_for_Win7
    Template=WindowsRasMan
    Template=Microsoft_MSMQ
    Template=7zipShellEx
    Template=OfficeLicensing
    Template=Microsoft_Security_Essentials
    Template=AdobeAcrobatReader
    Template=NortonInternetSecurity
    Template=WindowsLive
    ProcessGroup=<InternetAccess_Operabox>,opera.exe
    ActivationPrompt=n

    [DefaultBox]

    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%Desktop%
    Enabled=y
    BoxNameTitle=n
    BorderColor=#00FFFF
    AutoDelete=y
    NeverDelete=n
    NotifyInternetAccessDenied=y
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=C:\Program Files\Symantec\
    ClosedFilePath=%Personal%\
    ClosedFilePath=\Device\Mup\
    NotifyStartRunAccessDenied=y
    ReadFilePath=C:\Windows\
    ReadFilePath=C:\Program Files\
    ProcessGroup=<StartRunAccess>,firefox.exe,plugin-container.exe,plugin~1.exe,skype.exe,AcroRd32.exe,PDFXCview.exe,Silverlight.Configuration.exe,wisptis.exe,dllhost.exe,jp2launcher.exe,jp2lau~1.exe,java.exe,plugin-hang-ui.exe,ctfmon.exe,PDFXEdit.exe,SkypeBrowserHost.exe,rundll32.exe
    ProcessGroup=<InternetAccess>,firefox.exe,skype.exe,plugin-container.exe,SkypeBrowserHost.exe
    DropAdminRights=y
    LeaderProcess=firefox.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [UserSettings_.......]

    SbieCtrl_UserName= .....
    SbieCtrl_NextUpdateCheck=-1
    SbieCtrl_UpdateCheckNotify=y
    SbieCtrl_ShowWelcome=n
    SbieCtrl_HideWindowNotify=n
    SbieCtrl_ActiveView=40021
    SbieCtrl_AutoApplySettings=n
    SbieCtrl_SettingChangeNotify=n
    SbieCtrl_WindowCoords=817,176,864,575
    SbieCtrl_HideMessage=2101,ConnectPort (C0000022) access=001F0000 initialized=1
    SbieCtrl_HideMessage=1308,software_reporter_tool.exe [GoogleChromeBox]
    SbieCtrl_HideMessage=2303,CoGetObject (33, 1655)
    SbieCtrl_HideMessage=2303,RegisterDragDrop (33, 1655)
    SbieCtrl_HideMessage=2222,software_reporter_tool.exe [GoogleChromeBox]
    SbieCtrl_HideMessage=2318,ole32.dll
    SbieCtrl_HideMessage=2314,software_reporter_tool.exe
    SbieCtrl_HideMessage=1308,RuntimeBroker.exe [DefaultBox]
    SbieCtrl_HideMessage=2222,RuntimeBroker.exe [DefaultBox]
    SbieCtrl_HideMessage=2314,RuntimeBroker.exe
    SbieCtrl_HideMessage=2222,dllhost.exe [Testbox]
    SbieCtrl_HideMessage=2314,dllhost.exe
    SbieCtrl_HideMessage=2221,GOM.EXE [Testbox]
    SbieCtrl_HideMessage=2205,Font Path C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf
    SbieCtrl_HideMessage=2314,MsSpellCheckingFacility.exe
    SbieCtrl_HideMessage=2205,Font Path C:\Program Files\Mozilla Firefox\fonts\EmojiOneMozilla.ttf
    SbieCtrl_HideMessage=2205,DDE DATA
    SbieCtrl_HideMessage=2221,FlashPlayerPlugin_11_3_300_257.exe [DefaultBox]
    SbieCtrl_HideMessage=2222,dllhost.exe [DefaultBox]
    SbieCtrl_ProcessViewColumnWidths=250,70,300
    SbieCtrl_EnableLogonStart=n
    SbieCtrl_EnableAutoStart=y
    SbieCtrl_AddDesktopIcon=y
    SbieCtrl_AddQuickLaunchIcon=y
    SbieCtrl_AddContextMenu=y
    SbieCtrl_AddSendToMenu=y
    SbieCtrl_SaveRecoverTargets=n
    SbieCtrl_BoxExpandedView=GoogleChromeBox

    [GoogleChromeBox]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    BlockNetworkFiles=y
    Template=AutoRecoverIgnore
    Template=Firefox_Phishing_DirectAccess
    Template=Chrome_Phishing_DirectAccess
    Template=LingerPrograms
    Template=BlockPorts
    Template=WindowsFontCache
    Template=qWave
    RecoverFolder=%Desktop%
    BorderColor=#00FF00
    AutoDelete=y
    NeverDelete=n
    NotifyInternetAccessDenied=y
    ProcessGroup=<InternetAccess>,googlechromeportable.exe,google~1.exe,chrome.exe
    ProcessGroup=<StartRunAccess>,googlechromeportable.exe,chrome.exe
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Personal%\
    NotifyStartRunAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*
    ReadFilePath=C:\Windows\
    ReadFilePath=C:\Program Files\
    BoxNameTitle=n
    ForceProcess=chrome.exe

    I have two sandboxes:

    1) "DefaultBox":

    - Here I run my browser (Firefox). (Formerly sometimes also Skype. Therefore there is still also the skype.exe (and SkypeBrowserHost.exe) under "ProcessGroup=<InternetAccess>"

    - Under "ProcessGroup=<StartRunAccess>" there are still a lot of entries and I assume that many of them are unnecessary in the meantime when simply using Firefox within this Sandbox. I plan to remove a lot of them as soon as I have found out more about them.


    2) "GoogleChromeBox":

    As the name says its function is to use within it sometimes the Google Chrome Browser (portable version).

    ----------

    I should add that there are various entries in my ini-file which obviously have no meaning any longer:

    For example there is still an entry "ProcessGroup=<InternetAccess_Operabox>,opera.exe" although since a long time I do not have any more Opera (and the corresponding sandbox "Operabox") on my computer.

    The same applies to the entry "ClosedFilePath=C:\Program Files\Symantec\": I have removed Symnatec/Norton already a long time ago from my computer.

    etc.etc.

    Questions, comments and advices concerning my settings of Sandboxie are welcome.
     
    Last edited: Jan 11, 2021
  5. smity

    smity Registered Member

    Joined:
    May 13, 2008
    Posts:
    29
    Thanks That is what I was wanting Will review over the coming days
     
  6. hidebu

    hidebu Registered Member

    Joined:
    Jul 23, 2020
    Posts:
    5
    Location:
    canada
    Is there a way to export an ini file to another computer? If so, how do you import it to the other computer and replace the existing ini file?

    And advice much appreciated.
     
  7. davi

    davi Registered Member

    Joined:
    Jul 3, 2020
    Posts:
    15
    Location:
    RO
    Backup c:\windows\sandboxie.ini from one computer, and then copy it to the other pc.
    If the other computer has different users i would advise you to modify the ini after copying the file and remove the sections with "[UserSettings_" and than some random characters, those sections contain settings specific to the original computer users that might not be used in the new pc.
     
    Last edited: Jan 14, 2021
  8. henryg1

    henryg1 Registered Member

    Joined:
    Jun 14, 2020
    Posts:
    107
    Location:
    uk
    is there a Plus v Classic comparison available? I have Plus installed but only run Classic still.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.