Sandboxie Settings

Discussion in 'sandboxing & virtualization' started by MikeNAS, Feb 6, 2008.

Thread Status:
Not open for further replies.
  1. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Hello!

    I'm trying to build as secure as possible settings to run only single program in Sandboxie. I have done these already and I want some comments. I have also couple of questions.

    Settings (Opera)

    Appearance:
    Show sandbox name in window title

    Recovery:
    Quick Recovery -
    Immediate Recovery -

    Delete:
    Invocation - Automatically delete contents of sandbox
    Command - "c:\Program Files\Eraser\eraserl.exe" -folder "%SANDBOX%" -subfolders -method Gutmann -results -queue

    File Migration:
    51200

    Forced Folders:
    -

    Forced Programs:
    opera.exe

    Lingering Programs:
    -

    Resource Access:
    Internet Access - opera.exe
    File Access - Direct Access - , All Programs
    File Access - Full Access - , All Programs
    !!!File Access - Blocked Access - D: E: ( All Except System Drive C: ), All Programs
    File Access - Read-Only Access - , All Programs
    Registry Access - Direct Access - , All Programs
    Registry Access - Blocked Access - , All Programs
    Registry Access - Read-Only Access - HKEY_CLASSES_ROOT HKEY_CURRENT_USER HKEY_LOCAL_MACHINE HKEY_USERS HKEY_CURRENT_CONFIG ( All Registry Locations ), All Programs
    !!!IPC Access - Direct Access - , All Programs
    !!!IPC Access - Blocked Access - , All Programs
    Window Access - , All Programs
    Low-Level Access -

    Applications:
    Web Browser -
    Email Reader -

    - = all disabled.

    So now some questions (I have set !!! in those settings):

    1. Is there any way to disable ALL File Access? I can't add drive where opera.exe is. I haven't tried to add all folders and files except Opera folder because that is quite slow process. Any other ideas?

    2. What is IPC Access?

    3. In this thread https://www.wilderssecurity.com/showthread.php?t=196864 I found this:

    How I can set that kind of settings?

    4. I open ini file and see these:

    ClosedFilePath=!opera.exe,\Device\RawIp
    ClosedFilePath=!opera.exe,\Device\Ip*
    ClosedFilePath=!opera.exe,\Device\Tcp*
    ClosedFilePath=!opera.exe,\Device\Afd*

    Are those this one, Internet Access - opera.exe?

    -MikeNAS

    EDIT: I posted this on Sandboxie forums too.
     
    Last edited: Feb 7, 2008
  2. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    interesting..got any reply from them?
     
  3. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    1. I don't know the easy way.

    2. I found that on manual.

    3. ClosedIpcPath=!opera.exe,* <- Only Opera can run.

    4. Yes those are Internet Access rules.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.