Sandboxie recovery/safety question

Discussion in 'sandboxing & virtualization' started by Palancar, Jun 16, 2013.

Thread Status:
Not open for further replies.
  1. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    I wanted to ask you guys what you thought about how I have configured Sandboxie. I am testing this configuration and wondered if I am missing something. This isn't rocket science, but I have only been using Sandboxie for a couple of weeks, having left another sandbox product.

    I have many multiple sandboxes and I am questioning the ones where I want to fully delete contents upon closing my browser session. In order to avoid recovering/saving something by accident I have set up the following plan: I removed the default folders from the quick recovery box and replaced them with a folder I'll call "Keep" on the desktop. My sandboxes are set to delete contents automatically. When I am browsing, if I want to actually save something I click download and then select "Keep" as the location. Now when I close the browser it will pop up and ask me if I want to recover, etc. By using this folder Sandboxie never questions me at all unless I have intentionally saved something to "Keep". This is working slick and I never see anything get into my system at all. Firefox is locked to Sandboxie only.

    This approach sure seems to be bulletproof. Am I missing something or have I overlooked anything by using this one folder as my "holding pen" for potential files for the actual system?
     
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    Hi Palancar, I am also using one folder for my downloads. If you are using the registered version, you can make it a Forced folder. In my case, I created a sandbox for that purpose. I call it Downloads and it is restricted, forbidding all programs from having internet access, and only certain programs are allowed to run. I usually keep files in there for a while and later either I delete the file or move it somewhere else.

    Bo
     
  3. Krysis

    Krysis Registered Member

    Joined:
    Dec 28, 2012
    Posts:
    366
    Location:
    DownUnder
    I do the same as Bo – I use my 'Downloads' folder for everything\anything downloaded from the net.
    Before I move stuff out of the folder into my 'real' system – I scan it with MBAM\Hitman Pro as added security. (I don't use an AV)
    Cheers! :thumb:
     
  4. Palancar

    Palancar Registered Member

    Thanks guys.

    Bo and Krysis,

    Are you saying that you created a separate folder and placed it in a special sandbox of its own? Then when you intentionally download something to keep, it goes "forced" into that sandbox (for your later review/approval to the real system)? If so I like that idea. I am on a fully paid version and now I am running the new 4.02, which is slick on 7 Pro.

    I may try this when I get home. Let me know if I misunderstood you guys. The additional sandbox would be another layer and a place for pointing AV specifically at files before cutting them loose in your system.
     
  5. bo elam

    bo elam Registered Member

    Hey Palancar, since you are using the paid version, it is a good idea to "Force" your Keep/Download folder to open sandboxed. You don't need to create a new folder, just use the one you are using now but create a new sandbox and name it "Keep". After you create the new sandbox, enable Forced folders in:

    Sandboxie Control > Sandbox > Keep > Sandbox settings > Program start > Forced folder.

    After you do that, in theory, all programs that run out of that folder should run sandboxed. It works great (in my opinion).

    Bo
     
  6. Krysis

    Krysis Registered Member

    Hi Palancar! You got it right – and go with what Bo says.

    I use the Downloads folder (from my Appdata folder) purely for convenience, but it really doesn't matter what folder you use.
    I do use separate sandboxes for each sandboxed program – as this allows you to configure what you want to run (or restrict) in each sandbox - but again, it's not strictly necessary.
     
  7. bo elam

    bo elam Registered Member

    :thumb: To get the most out of Sandboxie, I do that as well.

    Bo
     
  8. Palancar

    Palancar Registered Member



    Bo,

    A little head scratching here trying to visualize what is happening under the hood with SB. I love the idea of using the forced folder, which I already turned on with all my sandboxes. Thanks.

    I set mine differently than you but I can't see a difference in security. On mine I still use the specific KEEP folder, although that folder is now forced to run in a sandbox. When I save downloads to that folder it is sandboxed in the same box being used by my browser to download the files in question. Now when the browser/SB is closed the delete option pops up and asks for recovery, which is perfectly what I want to happen. If I haven't downloaded anything to KEEP it simply closes and clears the sandbox contents.

    So, my question is what extra security are you feeling you get with using a separate sandbox specifically for KEEP files? It seems that with either method the downloaded files are contained in a sandbox environment until the operator makes a recovery decision later.

    This paid version of SB has so many options and controls, it's really the "sky is the limit" on how many variations you can configure. It's fun to play with and so far I haven't seen one single item slip by this program.
     
  9. bo elam

    bo elam Registered Member

    By using a separate sandbox for my downloads, I can restrict programs from having access to the internet.

    Bo
     
    Last edited: Jun 18, 2013
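
The separate, restricted download sandbox discussed in this thread (forced folder, no internet access, only certain programs allowed to start) can be checked from the configuration file. This is an added example, not part of the original thread. It assumes those GUI options are stored in Sandboxie.ini as `ForceFolder`, `ClosedFilePath=InternetAccessDevices` and `ClosedIpcPath=!<StartRunAccess>,*`; the box names, user name and paths are constructed placeholders.

```python
from collections import defaultdict

# Constructed sample config: a browser box that auto-deletes and offers
# recovery to "Keep", plus a restricted box that the "Keep" folder is forced into.
SAMPLE_INI = r"""
[Browser]
Enabled=y
AutoDelete=y
RecoverFolder=C:\Users\example\Desktop\Keep
ForceProcess=firefox.exe

[Keep]
Enabled=y
ForceFolder=C:\Users\example\Desktop\Keep
ClosedFilePath=InternetAccessDevices
ClosedIpcPath=!<StartRunAccess>,*
ProcessGroup=<StartRunAccess>,notepad.exe,explorer.exe
"""

def parse_ini(text):
    """Parse sections into {section: {key: [values]}}; keys may repeat."""
    boxes, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = boxes.setdefault(line[1:-1], defaultdict(list))
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()].append(value.strip())
    return boxes

def audit_download_box(boxes, name):
    """Return a list of findings for the sandbox that holds downloads."""
    box = boxes.get(name)
    if box is None:
        return [f"no sandbox named {name}"]
    findings = []
    if not box.get("ForceFolder"):
        findings.append("no ForceFolder: programs started from the folder run unsandboxed")
    if "InternetAccessDevices" not in box.get("ClosedFilePath", []):
        findings.append("internet access is not blocked for all programs")
    if "!<StartRunAccess>,*" not in box.get("ClosedIpcPath", []):
        findings.append("any program may start in this sandbox")
    return findings
```

Calling `audit_download_box(parse_ini(SAMPLE_INI), "Keep")` returns an empty list for the restricted box, while the same check against the `Browser` box reports all three gaps.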