Sandboxie Triggers User-Account-Control Requests

Discussion in 'Sandboxie (SBIE Open Source) Plus & Classic' started by jclarkw, Jun 18, 2020.

  1. jclarkw

    jclarkw Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    103
    Location:
    USA
    Recently (last few weeks) I'm occasionally getting UAC requests when I open a browser with a pre-configured shortcut into its own sandbox. Sometimes this even happens when I close the program (thereby emptying its sandbox but not deleting it). What I see is a request to provide administrator credentials for the action by Sandboxie to the open (or close). [I'll try to take a screen shot next time I see it -- not sure how that works out with UAC...] The result, however, doesn't seem to depend on whether I do or don't -- the action is apparently completed anyhow. If I restart Windows, I can open the same browser without comment at least once, but eventually this happens again. The only other program besides Chrome and Firefox (default box) that I have set up this way is Outlook 2019, but I've never seen it there.

    I had never seen this before the last few weeks -- something has changed, but I've no idea what to look for.

    Details:

    Windows 10 Pro 64-bit with latest Windows updates.
    Running in a Standard User account (my habit when not performing intrinsically administrator tasks).
    Sandboxie 5.33.1 64-bit (haven't updated to 5.33.3 because the change seemed very minor; checking for updates always tells me there aren't any).
    Chrome is the usual culprit, though I'm pretty sure I've seen this with Firefox too.

    Anybody else seen this? Any suggestions? -- jclarkw
     
    Last edited: Jun 18, 2020
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,195
    Location:
    Nicaragua
  3. jclarkw

    jclarkw Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    103
    Location:
    USA
    Bo -- I don't think so, unless I'm misunderstanding you. Perhaps I wasn't clear. I'm not installing anything within a sandbox. A few steps were involved:

    1) I had previously (several months ago) set up a separate sandbox specifically for Chrome (there's also one for Outlook) so that I could run Firefox (in the Default box), Outlook, and Chrome simultaneously in their own sandboxes.

    2) I then set up shortcuts to start Outlook and Chrome in their respective sandboxes. (For Firefox I just use the automatic one for the Default box, of course.)

    3) I've been opening these three programs as needed without anything untoward ever since until a few weeks ago. (Opening Chrome has always thrown SBIE2327 errors, but that's another issue that I've been ignoring.) Now when I start Chrome (through this shortcut into its own sandbox), I occasionally get this unexpected UAC warning that I really must screen-capture and post here next time it happens -- jclarkw
     
  4. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,444
    Location:
    Viena
    I will just widely speculate, but probably chrome want's to force an update on you and needs admin privileges for that.
     
  5. jclarkw

    jclarkw Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    103
    Location:
    USA
    David -- Thanks very much! I believe you are correct for the following reasons:

    Although "Print Screen" doesn't work when the UAC has control, the message says, "Do you want to allow this app to make changes to your device?
    Sandboxie Start"

    I've attached a screen shot of what happens when I start Chrome in the sandbox and then click Menu/Help/About. It is indeed complaining about failure to update. So I think I've learned that, whenever I see that UAC alert after opening Chrome, I should open it outside the sandbox long enough to allow the update. (Perhaps there's an easier way involving the sandbox settings, but my alternative is easy enough.)

    Good speculation! -- jclarkw
     

    Attached Files:

  6. jclarkw

    jclarkw Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    103
    Location:
    USA
    I never got around to attaching an image of the UAC message for this case, so here's one now (forced by going to Help/About Google Chrome inside the sandbox with in Sandboxie 5.43.6 and after several Windows updates but still using W10Pro 1909).
    Sandboxie Chrome-Update UAC Msg Reduced.jpg
    Note that this message (which I think we now understand) is not identical to that posted at https://www.wilderssecurity.com/threads/sandboxie-plus-sbie-fork.427755/page-16#post-2941335 for an apparently different kind of UAC problem that has never fully explained to my knowledge.

    An interesting question here is why Windows always reports Start.exe as the culprit, even though it manifestly is not. Survivor recently suggested to me privately, "Start.exe doesn't trigger the message for UAC, it is the program you start with start.exe. So if you use a setup which is using Admin, UAC will come up for START.EXE, however it is, due to the demand of admin for the program you try to run in the sandbox."

    Any thoughts about that earlier UAC message referenced above? I eventually got rid of the problem with a Windows restart, but it recurred after some time. At this point I have not seen in a while, perhaps because I'm now running a newer version of Sandboxie or because of some Windows update? -- jclarkw
     
    Last edited: Nov 29, 2020
  7. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    144
    Location:
    Land of Oz
    Just realized this was another thread ;)
    The explanation of David, would exactly concur to what I mentioned. Start.exe needs to ask for admin right, if the about, which is similar in FF, checks and wants to apply updates. However FF is asking if you want to do and it does't need admin rights. The standard FF even installs in the profile instead of Program Files. Suppose this is because usualy users have full rights in their profile.
    Now Chrome might not be polite asking but direct triggering the update and if that is done with the request of admin rights the updated will be triggering the start.exe to ask for admin rights.
    At least this would make sense for me. On the other hand if no update is needed it will not trigger it, which might explain the occasional UAC.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.