Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by bo elam, Apr 22, 2020.
OK, let's stop the discussion because the thread will remain open.
I was waiting for Tom's Sandboxie fork but it seems nothing's happening with it. Even the https://www.sandboxie.com/ now points to David's Sandboxie Plus site. I will definitely look into David's build when I have some more time and I'm very happy that he took Sandboxie development seriously and is even keeping up the Classic version.
But for now I have just one question, as I haven't been following the Sandboxie story too closely for the last couple of months. I have Sophos' SBIE 5.33.3 build (which is supposed to be about the same as the 5.33.6, if I recall correctly). I'm still on Windows 10 Pro version 1909. If I update to the October 2020 Update (20H2), will Sandboxie 5.33.3 still work well? I think I've read about some problems a couple of months ago but can't remember exactly what it was.
No, it will not: the last sophos build does not handle the NtContinueEx sys call correctly, resulting in various applications not working and the driver getting blocked such that a reboot is required to uninstall it.
Also you will be missing many critical security fixes:
## [0.5.4d / 5.46.3] - 2021-01-11
- FIXED: the registry isolation could be bypassed, present since Windows 10 Creators Update
## [0.5.4 / 5.46.0] - 2021-01-06
- FIXED: Sandboxie now strips particularly problematic privileges from sandboxed system tokens
-- with those a process could attempt to bypass the sandbox isolation (thanks Diversenok)
- FIXED: added print spooler filter to prevent printers from being set up outside the sandbox
- FIXED: processes could spawn processes outside the sandbox (thanks Diversenok)
- FIXED: bug in the dynamic IPC port handling allowed to bypass IPC isolation
- FIXED: CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok)
-- this allowed some system options to be changed
## [0.3 / 5.42] - 2020-07-04
- FIXED: fixed permission issues with sandboxed system processes
- FIXED: fixed missing SCM access check for sandboxed services (thanks Diversenok)
## [0.2 / 5.41.0] - 2020-06-08
- FIXED: sandboxed processes could obtain a write handle on non sandboxed processes (thanks Diversenok)
-- this allowed to inject code in non sandboxed processes
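An added example, not part of the original post and not code from the Sandboxie project: a small parser for the changelog format quoted above that lists the security fixes an installed build lacks. It assumes the second number in each heading is the Classic version; the function names are made up for this illustration.

```python
import re

# Changelog excerpt copied from the post above; headings assumed to read "[Plus / Classic] - date".
CHANGELOG = r"""
## [0.5.4d / 5.46.3] - 2021-01-11
- FIXED: the registry isolation could be bypassed, present since Windows 10 Creators Update
## [0.5.4 / 5.46.0] - 2021-01-06
- FIXED: Sandboxie now strips particularly problematic privileges from sandboxed system tokens
-- with those a process could attempt to bypass the sandbox isolation (thanks Diversenok)
- FIXED: added print spooler filter to prevent printers from being set up outside the sandbox
- FIXED: processes could spawn processes outside the sandbox (thanks Diversenok)
- FIXED: bug in the dynamic IPC port handling allowed to bypass IPC isolation
- FIXED: CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok)
-- this allowed some system options to be changed
## [0.3 / 5.42] - 2020-07-04
- FIXED: fixed permission issues with sandboxed system processes
- FIXED: fixed missing SCM access check for sandboxed services (thanks Diversenok)
## [0.2 / 5.41.0] - 2020-06-08
- FIXED: sandboxed processes could obtain a write handle on non sandboxed processes (thanks Diversenok)
-- this allowed to inject code in non sandboxed processes
"""
HEADING = re.compile(r"^## \[[^/\]]+?\s*/\s*(?P<classic>[^\]]+?)\] - (?P<date>\d{4}-\d{2}-\d{2})$")

def version_key(text):
    """'5.46.3' -> (5, 46, 3); missing parts count as 0, so 5.42 equals 5.42.0."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def parse_changelog(text):
    """Return [(classic_version, date, [fix, ...])]; '--' lines are folded into the fix above."""
    releases = []
    for line in (raw.strip() for raw in text.splitlines()):
        heading = HEADING.match(line)
        if heading:
            releases.append((heading["classic"], heading["date"], []))
        elif line.startswith("-- ") and releases and releases[-1][2]:
            releases[-1][2][-1] += " (" + line[3:] + ")"
        elif line.startswith("- FIXED:") and releases:
            releases[-1][2].append(line[len("- FIXED:"):].strip())
    return releases

def missing_fixes(installed_classic, text=CHANGELOG):
    """List (version, date, fix) for every fix released after the installed Classic build."""
    installed = version_key(installed_classic)
    return [(ver, date, fix)
            for ver, date, fixes in parse_changelog(text)
            if version_key(ver) > installed
            for fix in fixes]

if __name__ == "__main__":
    for ver, date, fix in missing_fixes("5.33.6"):
        print(f"{ver} ({date}): {fix}")
```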
If you like to keep using the old Sandboxie when you update to W10 20H2, you should update to version 5.33.6. Version 5.33.6 was developed by Curt, and works well in 20H2. FWIW, I am going to keep using it for as long as it continues to work well. For me, there is no reason to move. Why?
Because I want stability, and that's what I have with version 5.33.6. I am happy David is developing SBIE but I am not happy reading about the bugs that are being introduced into SBIE, bugs that come along with the barrage of unnecessary changes that are being put in the software.
Also, I have a feeling that 5.33.6 will continue working beyond 20H2.
Read here so anyone who comes to this thread is clear. Sandboxie version 5.33.6 works well in W10 20H2, and without bugs. The only exception being what you heard a couple of months ago (the need for a workaround to open Chromium Edge in a sandbox).
David this is not so, I haven't experienced anything like that. FWIW, I am always using Sandboxie. The only time I am not using SBIE is when the computer is idle or I am doing updates and Sandboxie 5.33.6 gives me no complaints whatsoever in W10 20H2. I don't have to tiptoe my way around. This software works, as it's supposed to.
You haven't. Doesn't mean others haven't too.
I am also running SB version 5.33.6 in W 10 20H2 64bit with browsers FF 85.0.1 my primary and Edge on occasion and both run flawlessly in 5.33.6. That is not to say others may have problems and might have to choose other SB versions. Also I agree with JR, do not close this thread. Post in the other threads but leave this one be.
That is true, but David's reply was pretty hard on 5.33.6, stating that this version doesn't work in W10 20H2, and that is just not so, at all.
The purpose for my reply was so people coming to this thread know that SBIE 5.33.6 is working great. To be clear cut on this is why I said that the only time I am not using SBIE is when the computer is idle or doing updates. That means, whenever I open a program or file, it don't matter which program or file, if it's gonna run, it runs sandboxed under 5.33.6. It runs without problem as it always has, no messages or anything. 5.33.6 is working pretty much as it did the day it was released. Not much better than that can it get.
David's builds are great and for me working much better than Sophos builds by far. Besides @DavidXanatos needs more people using them so he gets feedback which could benefit all the sbie user base. I encourage anyone to start using his latest build. Working great so far. If someone encounters a bug or incompatibility please report and go back to a Sophos build meanwhile.
Ahh! Smooth smooth browsing the Internet with them!!!
Then try this line messenger about which I got an issue: https://github.com/sandboxie-plus/Sandboxie/issues/228
It works fine on 1909 but fails to start on 20H2; it just hangs on start.
The issue is caused by it using a trick to find out if it's being run under a debugger.
It's quite simple really, it throws an exception, catches it and then resumes the thread, this is done using NtContinue on 1909 and before, while on 2004 and later there is a new sys call NtContinueEx, which is not handled correctly.
So applications that use any sort of advanced error handling may run into problems on win 10 2004 and later builds.
Bo, I appreciate all the extremely useful information and help that we always get from you (and always written in a clear, understandable way). But concerning your loyalty with the last Sophos version, I have to disagree with you. And as there seem to be still other users who tend to remain with the Sophos build, I think that it is good to express as a sort of "warning" my dissent with your philosophy.
Essentially your philosophy (concerning Sandboxie) is: "Never change a running system". I also often sympathize with this principle - but not when security matters are playing a role!
And this is here the case, as David explained:
Stability and working well is not identical with security! Do you stay also with old versions e.g. of Windows or of your browser only because they work fine? I think no. I assume that you make all security updates.
I can tell you by my own experience that at least David's Sandboxie Classic (I have no experience with Sandboxie Plus) offers stability. The (relatively) biggest "issue" was the one with the drivers but this is fixed in the meantime.
O.k. - you can object that I use Sandboxie more or less only for browsing whereas you use it in a much more extensive way. But in case that there should occur some instability or bug, you know that David is here and that he strives to fix any problem either reported by other users or discovered by himself.
And "unnecessary changes" surely do not happen in the classical build. New features are added in the Plus build. With the classical version you have the pleasant situation that you can use Sandboxie as it was during the Sophos times (respectively even earlier) - but additionally with all security fixes.
What could you expect more? I see absolutely no reason to stay with an old, unsecure version.
One thing to remember about bo elam, is while he's an extremely helpful person, he's no coder, or has any coding experience, he's just an end user who knows what's on the surface of Sandboxie, all the technical aspects of any of it to him are completely unknown, so take what he says with a grain of salt.
David said "last sophos build does not handle the NtContinueEx sys call correctly".
bo elam, can you tell me what this is?
Sbie users should be looking forward not back IMO. I, for one, am so grateful that there is a future.
David's Classic seems super stable on my systems, and while i have switched to Pro it is only to keep up with any progress; and I can always call up Classic if I feel the need.
And Bo, this is not intended to criticise you. I have always valued your help and advice, but I do feel that Sandboxie users should move on (where possible).
To all that are speculating on using outdated builds indefinitely:
A recent windows insider build 21286 changed some offsets in the PETHREAD structure making it entirely incompatible with Sbie builds prior to 0.6.0 / 5.46.5
Now MSFT may roll that change back, before final release, but I would not count on it, if it made its way to a public test build it probably will stay in for the broad roll out.
I don't use the Sophos version but I understand Bo's wariness. Like most of the posters on this forum he's an enthusiast not a coder. I don't think anyone is in any doubt about that and he's never tried to suggest otherwise. I'm therefore not sure the reason for the enquiry but hey ho.
Anyway, the reason for my particular wariness is precisely because I'm not a coder and have no idea whether some of the internal changes made are positive or not. The addition of RpcMgmtSetComTimeout=n to the ini to allow some apps to work for example. I think by David's own admission there are likely more granular solutions. So is that opening holes to make apps work? I've no idea. You'd be right to say I wouldn't have known with Sophos changes either but I would have had some previous comfort and trust in the development team and a track record to fall back on.
Most significantly for me the Plus versions have lacked a bit of quality control with seemingly cosmetic or minor issues to the developer causing some hassles for users. I'm just one of those people who think these things should be right before moving into production versions. My issues I now believe were caused by flip-flopping between versions of plus and Classic. For info Classic runs fine after rolling back to a pre-Plus install snap-shot and starting again.
I'm not soliciting OT (for this thread) answers to those points just putting across an opinion on why there are legitimate reasons some may stick to the Sophos version for now and noting I understand that.
At any rate David is for now the only show in town and as many (including Bo) have already noted we're all extremely grateful for him keeping things going. For me it's his baby now. He can do what he wants with it. It is also a user's right to dislike that direction and stick with a pre-DX version while it works for them, security fixes or not.
As noted there may be no choice in the matter at some point anyway as the OS and/or the sandboxed apps will introduce incompatibilities with the Sophos version soon enough. SBIE's history has taught us that already. The need to constantly firefight that is likely why Tzuk moved the product onto a company with the resources to manage that. I wish David all the best with that and hope his pool of contributors grows to help with it.
RpcMgmtSetComTimeout has no impact on security either way.
@Peter 123 @Special
I replied to David only because he said Version 5.33.6 does not work in W10 20H2. Sorry guys but I had to clarify that statement. Sandboxie users deserve to know the truth, and the truth is that 5.33.6 works great in 20H2.
At no time I have campaigned against using David's builds and even have said that I support him. But now with your criticism and pushing you are making me have to open up about my hesitation in using his builds and what turns me off in his builds. This is something I haven't wanted to do but you are pushing and poking.
Read Elwe Singollo's post. What he wrote is how I feel. What else can I add is little but here it goes. I am not a User interface guy, but I can't stand the colors that have been added to Sandboxie, Sandboxie doesn't look like a serious program anymore. It looks more like a toy for 5-year-olds (Sorry guys but you are asking me to open up a bit). And changing the names or labels that have been used for settings since the beginning of SBIE, Why? Why do this? It makes no sense. I mean, if you are going to change, change what's worth changing and don't make changes just for the sake of making changes and put your mark on the product. Don't forget, these changes bring bugs. The more things change, the greater the chances for more bugs to pop up. And David is alone. Tzuk couldn't handle Sandboxie alone after a while, is David going to be able to? His chances (and SBIE's) for longevity and success would be better if he maintained and made some changes but not changing SBIE at the pace he is carrying on right now. It is impossible. In the end, for me personally, as long as SBIE 5.33.6 works great in W10 and it has my confidence, I will not move.
What are you talking about? Sandboxie 5.46.x looks the same as tzuk's releases. Exactly the same.
@bo_elam: There are two different aspects we have to distinguish:
1. (the most important one): Security.
And David's build is obviously more secure than the Sophos build.
I say "obviously" because as a complete amateur I have to rely on what the experts say. And expert No. 1 at the moment is David himself. If he says that he made various security fixes (compared with the Sophos build) I trust him.
Could anyone show (or at least give indications) that David's builds possibly caused new security risks? As far as I know: No.
2. New features (plus possible bugs or instability) and various matters of taste (like colors, names etc.):
Even if you give such things priority over security (what you should not do): By staying with David's classic build this aspect is no problem: no additional features, no changes in the user interface etc.etc. (I just see that Buster_BSA already mentioned the same in his comment above.)
And reading Elwe Singollo's post I got the impression that his objections also refer primarily to the Plus version and not to the classic one:
What is obvious to you, is not necessarily obvious to everyone else. You are assuming David's builds are more secure than the last build developed by a professional (Curt) because they have security enhancements that have been integrated into his builds.
I don't think it is that clear cut. Let me explain.
The changes in the UI are causing many issues and bugs. We agree on that, right? This happens for 2 reasons I can think of. One, too many changes. Huge amount of changes that are unnecessary. And two, coding. You and I, Special and most of us here are amateurs. We don't code, but we ought to know that changes in programs are done by changing the code here and there. Good clean code gives nice results. Dirty code gives bugs and issues, and open holes.
I take no pleasure in saying this, but David's coding in the UI could be a lot better, that's what I gather by the results and what users are telling in their posts. So, if you are going to assume how good or bad the changes related to security that he has implemented under the hood are, you better base your assumption on what we know. And since we are not professional, all we know is his work in the UI. Putting it in another way, ask yourself, is his work under the hood as good or better than what has been done to the UI?
Again, I wish I was not forced into having to write these things (I would be very pleased if all posts since 856 were deleted). FWIW Pete. I trust the security in 5.33.6. Does it have holes? I am sure it does. Has Sandboxie always had holes? Yes, I am sure this is so. Am I afraid because of the problem discovered by Driver? No. Should I be concerned? The chances of getting hurt are so little, that the answer to that is also a No.
Myself, I truly love SandBoxie......
You would be a fool to leave home
But it is your choice.....
Yeey, agree on all that....
Also, you can call me fanboy of SandBoxie......
I will just laugh.......
This would truly make my day......
I agree with a lot of this too, as much as I love David, he helped me with a problem I had in PM's, so a big shout out for that! His heart is in the right place with this project for sure, and well, just a super chill dude to talk to and I'm happy to be a patreon of his, but he needs to seriously slow down with releases and new features, I've honestly had to deal with so much jank and new issues/regressions when updating to a newer build it's really quite disheartening at this point really, I wish he played it more conservative.
I guess some of this comes from that fact the old Sandboxie was a paid/commercial thing that businesses and customers used, etc. and with that you do not want to ever cause inconveniences for them, like all of a sudden "browsers" not working. But now with Open Source it seems to be a thing left in the dust, it's always "fixed in next build", "Hotfix 1", "Hotfix 2"...
I feel like David needs to get some priorities straight and consider what is most important to Sandboxie, if you keep chasing literally every software incompatibility issue under the sun that's being reported, then try and make it work, you're just opening more and more holes and/or putting more and more band-aid fixes on unnecessary things. For example old Sandboxie never prioritized "video games" over something like one of the major browsers. But then I see posts on GitHub saying "Help my Repack GameX don't work!" "Ask FitGirl", Unity this, Steam that, etc. again this is just disheartening to see how chasing "Piracy stuff" is now weakening my Sandboxie no doubt with "extra exceptions" to make these things work.
I also always remember this post made by Tom, who basically told David his way was wrong, I wonder how many other examples of this sort there would be pointed out if Tom or Curt was around helping/guiding him? The most obvious, and quickest solution isn't always the correct one David.
No reason at all, Bo, to regret or to delete anything. It is always important to hear critics and objections (not only concerning Sandboxie, but in general). Now you started to present specific arguments why you prefer the Sophos build. And this is by far more helpful than a diplomatic but misleading "I will stay with the Sophos version because it works fine." I cannot judge if your arguments are well-founded or not (finally David himself would have to comment on them). But I understand now much better your point of view.
The same applies to the objections stated by Special in his last post.
And for "conservative" users of Sandboxie (like me) it would be of interest to learn if Bo's and Special's critical remarks (= possible opening of new security holes by exceptions, new features etc.) could affect only the Plus version or also the Classic version. At least for me this is not really clear.