Sandboxie setup

Discussion in 'sandboxing & virtualization' started by Boost, Feb 3, 2009.

Thread Status:
Not open for further replies.
  1. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Whats the most effective way to set it up protection-wise thanks!
     
  2. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    It depends on what you want.
    Just do a search, there a lots of topics about configuring SBIE.
     
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    I'll give you one example. I use separate sandboxes for browsers and for Outlook.

    In my Firefox Sandbox, for example, I restrict Firefox, Foxit PDF Reader and Windows Media Player as the only apps that can run, and Firefox as the only app that can access the internet. I also block access to My Documents and my d: drive.

    Pete
     
  4. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
  5. Doodler

    Doodler Registered Member

    Joined:
    Dec 23, 2007
    Posts:
    219
    I don't think there's one best way. Your set-up should be tailored to your own particular needs and comfort level.
    Here's my set-up.
    1. Defaultbox: Used for "normal" browsing. The only change I made from the default settings is to block access to My Documents.
    2. Securebox: Used for browsing in choppy waters or banking. IE is the only program that can access the internet. Start/Run is restricted to IE, Adobe, and Java. Drop Rights is activated. Access blocked to My Documents.
    3. ForcedFoldersbox: I have my flash drives, cd and dvd drives, and backup drive identified in Forced folders so any program that runs from these sources does so sandboxed. That's the sole purpose of this sandbox. (Easy to temporarily disable by right-clicking the Sandboxie tray icon.) No internet access allowed. Drop Rights is activated. Access blocked to My Documents.
    4. Testbox1, 2, 3 etc: I have several of these used to store programs that I'm testing. No internet access, Drop Rights activated, Access blocked to My Documents.
    Secure delete set up for all sandboxes.
     
  6. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I set mine like this.
    1.Invocation,Auto Delete contens when Sandboxie becomes inactive.
    2.Forced folders E drive-Cd/DVD run sanboxie
    3.Forced programs,Thunderbird email.
    4.Internet Access,Opera web browser and thunderbird mail.
    5.Start/run access opera,thunderbird mail,windows media player.
    6.Drop my rights.
    7.File Acess,Block to documents.
     
  7. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    I dont let sandboxie to write anywhere, only let it read
     
  8. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Only read only is not the best of choices,for example Opera and mailreaders need OpenFilePath in order to function properly ( bookmarks,mailboxes etc.).
     
  9. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    i guess, but i only use sandboxie for risky surfing so i dont need bookmarks or any writing, if i download something i just recover it, and it seems to work fine with FF and Iron browsers.
     
  10. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    I thought that everything outside or the sandbox was allready blocked by Default?

    Can someone confrim this?
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    No. For example you are in your browser and want to upload a file. Those area's aren't blocked by default, but you can block them. Downside is if I want to upload something, I have to move it to the desktop.

    Pete
     
  12. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Write access is blocked by default - a ClosedFilePath also blocks Read access. An OpenFilePath opens Write access.
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Greetings Pete

    Is there a limit to how many single sandboxes Sandboxie is able to safely make for users?

    Thank You

    EASTER
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Hi Easter

    Don't know for sure. I use 5. One for each of my 3 browsers, one for Outlook, and the default box for testing stuff that I don't want to reach the internet.

    Pete
     
  15. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Thanks Pete

    Probably a question better posed to it's developer then, wouldn't you agree? 5 boxes is good though!!!

    EASTER
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    I would just post the question on the Sandboxie forum.

    But I agree 5 is pretty adequate.
     
  17. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    well I have about 7 and have no problems.

    1 for each of my 3 browsers.
    1 for msn messenger
    1 for vlc movies
    1 for jpg images
    1 for warcraft3

    Thats about all most people would need really. I sandbox movies and image files incase they have viruses attached to them. I also extract downloaded zip files in a sandbox as well.
     
Loading...
Thread Status:
Not open for further replies.