Sandboxie Questions (I hope I'm welcome here)

Discussion in 'sandboxing & virtualization' started by Fizbin, Feb 28, 2011.

Thread Status:
Not open for further replies.
  1. Fizbin

    Fizbin Registered Member

    Joined:
    Feb 28, 2011
    Posts:
    5
    First off, I'm glad to have found a thriving alternative forum, for Sandboxie, since I asked some friendly questions on the Sandboxie forum and not only were they deleted but tzuk deleted my account, as well. (A warning over there...Be sure you show some love of Sandboxie before you ask questions, otherwise you're accused of making trouble).

    Anyway, regarding the Applications/Web browser exclusions...It does say there is a trade off for a small measure of security and privacy. I was wondering if it's generally accepted to use these exclusions or not. I find this feature very useful because I still sometimes use unsandboxed Chrome but the bookmarks and other settings that I setup in sandboxed Chrome are lost, when I switch over to unsandboxed...If I don't check mark the boxes.

    Also, the other day I had two jpg files, showing in the quick recovery, that I had not downloaded but have been on my hard drive for many months. (I just installed Sandboxie the other day). I was wondering why that would happen. It's no harm done, I deleted all the contents (without recovering them) and the files were still in my folder.

    Thanks!
     
    Last edited: Feb 28, 2011
  2. sbseven

    sbseven Registered Member

    Joined:
    Jan 30, 2011
    Posts:
    140
    I'll answer your question in the slightly wider context of usability/security/privacy.

    Sandboxie can be configured in a number of ways. You can set up direct access entries and auto-delete the rest at the end of the session. You can be prompted for file recovery at the end of the session (or even immediately). You can leave of sandbox intact between sessions and just flush it occasionally after manually recovering a couple of files. You can even install the whole browser in the sandbox and flush it occasionally after manually recovering your bookmarks maybe? Each method has its own set of trade-offs between usability/privacy/security.

    My acceptable trade-off? I've set up direct access for my bookmarks (and history) file on Firefox and I have one direct access download directory*. I don't have any directories set for recovery (so I'm not bothered with a popup at the end of each session) and just silently auto-delete the sandbox on exit. For browser configuration changes / software updates / add-on management, I do that outside the sandbox. My browser is also blocked from seeing any of my data directories.

    * I have an anti-execution policy on that directory (amongst others).

    Why do you use your browser to surf outside of the sandbox sometimes?

    That sounds strange unless the sandboxed program attempted to change those files.
     
  3. Fizbin

    Fizbin Registered Member

    Joined:
    Feb 28, 2011
    Posts:
    5
    The reason I sometimes use Chrome unsandboxed is because of a program that I use to watch ebay auctions, rather than using their own system. This program is old and unsupported now and I'm unable to run it sandboxed. (It doesn't update information properly sandboxed). So when I click on the links in this program, it opens a unsandboxed Chrome window. Since it's ebay only, I'm not concerned about viruses. Anyway, I think I'm going to stop using it soon anyway and then I can ditch most or all of those exclusions I have set.

    Yeah I don't know what was up with those two files. I didn't do anything with them, like put them in a sandboxed folder, from a non sandboxed. I'll just keep an eye out for that happening again.

    Anyway thanks for answering my questions!
     
  4. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Those exclusions are more secure than they appear, because only the browser's process can access those folders.
     
  5. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Using the bookmarks exclusion, its a huge amount of convenience for
    nothing lost in security. The trade off makes it worth it. Its the only
    exclusion I use.

    Bo
     
  6. Fizbin

    Fizbin Registered Member

    Joined:
    Feb 28, 2011
    Posts:
    5
    This is good to know! Thanks for your responses!
     
  7. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    For saving bookmarks I do this trick. When I find a bookmark I want, I save it to a backup. It will ask to save the backup. Sandboxie will ask to recover the file. I then start the browser unsandboxed and restore the backup. Fairly easy and no loop holes in security
     
  8. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    There are a couple of methods that I use to save "secure" bookmarks. One of them involves special software so I will ignore that one and discuss another that I sometimes use since no special software is required other than an Office suite which everyone probably already has.

    If you don't do tons of bookmarking and don't mind taking the time, this will work. When inside of Sandboxie using Firefox, if I come upon a site that I want to bookmark, I can simply highlight the address bar, F6, and copy it. Then go over to MS Word or Excel, which I have up on another monitor unsandboxed, and paste. When I am done with my surfing session and I completely wipe out the Sandbox, I then bring Firefox back up again unsandboxed. My homepage is about:blank so I don't go anywhere, plus I always kill my Internet connection by either turning off my modem or using my Firewall, or both. I then take the address that I saved in either Word or Excel and manually create a bookmark which Firefox will let you do without having to go to the site. Some work involved but almost kind of fun; this method would probably grow tiresome rather quickly if you do tons of bookmarking.

    Acadia
     
    Last edited: Mar 3, 2011
  9. Fizbin

    Fizbin Registered Member

    Joined:
    Feb 28, 2011
    Posts:
    5
    So some of you (last two posters) are concerned with the security, using exclusions. Interesting...
     
  10. sbseven

    sbseven Registered Member

    Joined:
    Jan 30, 2011
    Posts:
    140
    For Firefox, it means you've granted firefox.exe direct access to one file places.sqlite which contains bookmarks and history. So, theoretically you've allowed malware running within the firefox.exe PID (either a rogue add-on or website malware exploiting Firefox itself) potential access to that file, to presumably tamper with the contents. So, theroetically, your bookmarks could get corrupted, deleted or redirected. If redirected, you could theoretically end up at a malware delivering site and receive a drive-by payload and get "infected" (Sandboxie will contain, of course) or you could theoretically get redirected via a bookmark to a phishing/spoofing site and get your details stolen.

    You judge how likely that is to happen to you and balance the convenience v. security sides and make a decision. I use a different browser for my "sensitive" stuff (including webmail) anyway, so I allow Firefox access to my general surfing bookmarks for my convenience.
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Intriguing theory. Unlikely though, especially if you have other layers of security.
     
Loading...
Thread Status:
Not open for further replies.