Sandboxie-Plus v1.9.1,v1.9.2

Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by DavidXanatos, Apr 23, 2023.

  1. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    This release addresses multiple issues and introduces new features. Firstly, a critical memory corruption problem with privacy enhanced sandboxes has been resolved. Additionally, a hooking bug affecting ARM64 devices has been fixed, along with several other bugs. Furthermore, the user interface has been improved and additional protection features have been added.

    Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.9.1

    Changelog
    Added
    • added option to disable all force rules of a given sandbox #2797
    Changed
    • reworked configuration storage for box grouping
    Fixed
    • fixed system check in Classic installer #2812
    • fixed encoding issue with Korean translation #2833
    • fixed memory corruption issue with Normal[File/Key]Path #2588
    • fixed DPI scaling in the snapshot manager window #782
    • fixed issue with arm64 DialogProc hook #2838
    • fixed Qt6 compatibility issue with 7z FS implementation #2681
    • fixed issue with TLS support using Qt6 #2682
    • added template preset for Spotify #2673
    • added missing localisation to finder #2845
     
  2. soccerfan

    soccerfan Registered Member

    Joined:
    Oct 15, 2007
    Posts:
    560
    Thank you. Plus v1.9.1 (portable install on Win7) is up and running well here so far :)
     
  3. DjKilla

    DjKilla Registered Member

    Joined:
    Oct 4, 2021
    Posts:
    207
    Location:
    Tampa, FL
    Everything seems to be working good using the orange box (I'll test the red box soon). I do have a question about the new Image Protection setting in the Security Options section. I read the description and this looks like an extra layer of protection so shouldn't this be checked by default? Are there any cons for using or not using this setting?

    I have the following apps sandboxed:
    Firefox 112.01
    Thunderbird 102.10.0
    Microsoft Edge
     
    Last edited: Apr 23, 2023
  4. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Silly question probably but...I use a security-hardened box (ordinarily it's the orange border). Can this be changed safely, without disrupting anything? I strongly prefer the light turquoise border so I always change this if it slips back to the default orange (yuck).
     
  5. busy

    busy Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    413
    @DjKilla
    Copy "C:\Program Files\Mozilla Firefox\xul.dll" file into a sandbox (X:\Sandbox\xxx\drive\C\Program Files\Mozilla Firefox\) then try running Firefox in that sandbox.

    @plat
    You can change the border color as you wish.
     
  6. DjKilla

    DjKilla Registered Member

    Joined:
    Oct 4, 2021
    Posts:
    207
    Location:
    Tampa, FL
    Edited my post above with the apps I have sandboxed. Anyway, was wondering if there's any cons to using Image Protection. Seems like it should be set to on by default since it adds extra protection unless there's a reason for it to be off. I have it on now and everything is working perfectly so far using the orange box.
     
  7. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    Tried to make it work but I couldn't :p
    Is this correct? DisableForceRules=y per box
    A helping hand please...
     
  8. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,933
    Location:
    UK
    Updated over the top on Win 10.
    All colour boxes working on Edge and Vivaldi.
     
  9. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,268
    Location:
    sweden
    Is there any of all the Plus boxes that is better to use when testing software, where the soft actually can run?
    With Classic version, more than often the software can not run.
     
  10. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    Well it depends, as it comes with additional limitations, for example a process which binary is located in the box will not be able to start a executable which is not located in the box itself.
    So installing software to a box is hindered and executing software installed to the box may also be problematic depending on what the software does.
    Enabling it by default hence is not recommended. But perhaps we should put it into the box creation wizard.

    You know this is one of the things that we could decide if there would be some usage telemetry, if we would find that 90% of the users which participate in the telemetry program only use sandboxes for isolation of apps installed on the host we could consider making this option default.
    But in absence of hard data we need to err on the side of caution and maintain optional compatibility.

    Perhaps we need a master selection combo box at the beginning of the new box wizard where the users could choose their intended use case for the box
    1. Use it to run apps installed on the host and discard the status upon termination
    [#] drop admin rights
    [#] image protection
    [#] auto delete
    [] msi installer excemptions
    2. Use it to run apps installed on the host but maintain the status between sessions
    [#] drop admin rights
    [#] image protection
    [] auto delete
    [] msi installer excemptions
    3. Install apps to the box entirely.
    [] drop admin rights
    [] image protection
    [] auto delete
    [#] msi installer excemptions

    more suggestions welcome

    for me it works fine when testing how about others?
     
    Last edited: Apr 24, 2023
  11. busy

    busy Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    413
    @Mr.X
    It will not work with a shortcut created by Sandboxie. (.../Start.exe" /box:XXX)
     
  12. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Great, thanks alot busy. :)
     
  13. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    No it won't I know it.
    Could you show in a screenshot what is to be expected when adding DisableForceRules=y in every box in the ini file?
     
  14. busy

    busy Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    413
    You can use this setting to disable force rules only on specific sandboxes when you don't want to disable forced programs and folders globally using the "Pause Forcing Programs" setting from the system tray.

    "Pause Forcing Programs" -> Global
    DisableForceRules=y -> Per Box [Sandbox Options > Program Control > Force Programs > Disable forced Programs and Folders for this sandbox]

    Code:
    https://streamable.com/pxpdgz
     
  15. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
  16. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    :argh:
    @busy I read your comment hours ago but I got... busy :D
    And believe it or not just came in to comment what was I expecting from this new feature that seemed to not work for me, and guess what: before replying here I saw this comment
    then jumped to
    https://github.com/sandboxie-plus/Sandboxie/pull/2851
    This github post has exactly what I was expecting from DisableForceRules=y prior release 1.9.2 :argh:
     
    Last edited: Apr 24, 2023
  17. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,268
    Location:
    sweden
  18. busy

    busy Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    413
    If you are using Windows 11, try rebooting.
     
  19. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,268
    Location:
    sweden
    I suppose this post was meant to me.
    Did not help, still absent after restart and rerun of the guide.
     
  20. henryg1

    henryg1 Registered Member

    Joined:
    Jun 14, 2020
    Posts:
    401
    Location:
    uk
    I'm not sure when this started so it may well not be a 1.9.x issue, but my Firefox homepage (https://www.bbc.co.uk/news) which loads with Firefox (forced) now mainly, but not always, times out when Firefox starts. No problem when not sandboxed. My sandboxes either auto-delete or, as run on a memory drive, clear when my pc is shutdown.

    I've tried various sandbox types inc setting up default new ones, and version 1 and 2 virtualisation schemes (whatever that means). Refreshing the page will make it load.

    My sandboxes have remained essentially unchanged for many, many, SB iterations.
     
  21. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    Adding disable time to it would be of help in some scenarios. What do you think?
    Something like this?
    Code:
    DisableForceRules=10   > number of seconds the setting will be active 'y' then automatically will switch back to 'n'
    DisableForceRules=y   > when permanently active
    DisableForceRules=n  > when permanently inactive
    
    When I disable force rules to update FF portable for example, sometimes I forget to deactivate it when I relaunch FF portable.
     
    Last edited: Apr 28, 2023
  22. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    Sandboxies driver does nto maintain permanent per box state information which is a bit of a bad design, but simplifies fings quite a bit, so its not trivial to add a function to re enable forced rules after x seconds, also the driver never writes to the ini that's the services job so chaning a setting back form the driver woudl also require new mechanism to be added.

    What would be trivial would be to make sandman do it but than it would be only reliable as long as sandman runs.
     
  23. busy

    busy Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    413
    @pb1
    1. Close programs running in all sandboxes.
    2. Sandboxie Plus > Sandbox > Maintenance > Stop All
    3. Sandboxie Plus > Sandbox > Exit
    4. Backup your Sandboxie config files
      Code:
      C:\Windows\Sandboxie.ini
      %LocalAppData%\Sandboxie-Plus\Sandboxie-Plus.ini
      
    5. Uninstall Sandboxie (select remove configs too)
    6. Restart your computer
    7. Install the lastest version
    8. Restart your computer again (2)
    9. Check the context menu.

    @henryg1

    Can you verify if the problem is caused by the latest version by trying previous versions?
     
  24. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    I can live with that :) So you say yes or no?
     
  25. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,268
    Location:
    sweden
    I have followed your guide 5-6 times, no change. No context item.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.