sandboxie

Discussion in 'sandboxing & virtualization' started by Long View, Dec 11, 2007.

Thread Status:
Not open for further replies.
  1. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I would like to use sandboxie but have come across a couple of problems:

    using Firefox with add ons - no scripts, cslite I can not see how Firefox can both work within sandboxie and allow changes to no scripts and cslite. It appears that to make changes permanent I would have to come out of the sandboxed FF and go in again to the normal FF and make the changes ? is there an easier way ?
     
  2. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    I just tried it. Went to a site with in Sandboxie, No Script popped up and I allowed the page. Closed Firefox. Opened Firefox again in sandboxie and went back to the same site and there was no pop up from No Script.

    Weird, tried it again twice and now it's not remembering it.
     
  3. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Found this over at Sandboxie forums.

    -----------------------

    The only extensions that I would recommend allowing access to the real system are those that auto-update regularly. On my system I allow AdblockPlus to update. I also allow access to the firefox prefs.js file. Now this is not ideal for most, but the NoScript extension writes changes to this file and I use it all the time, so closing that off is really annoying.

    ------------------------

    You can follow the instructions in other posts, to add Direct File Access for Firefox to these files, and it will work just fine.
    You can also make good use of Sandboxie's wild card character to shorten the process considerably, when it comes to specifying access to specific files. For example, using the Sandboxie V 3.20 GUI:

    Open the Main Window by double-clicking the tray icon.
    Right-click the sandbox and choose Sandbox Settings.
    Open Resource Access > File Access > Direct Access

    In the box "The list above applies to" click the drop-down arrow and select firefox.exe from the list.
    If firefox.exe is not listed, close the drop-down list and type
    firefox.exe
    in the box, but do not press Enter

    Here's where the wild card character can be of use:
    Click the "Edit" button (don't have anything selected in the large box!)

    Type in the box
    *\bookmark*
    and click OK

    That line will allow firefox.exe direct access to the bookmarks file, and the backup copies of the bookmarks that Firefox makes, no matter where the profile is located.

    For history, use the "Edit" button to enter
    *\history.dat

    For adblock patterns
    *\patterns*

    For the personal spelling dictionary
    *\persdict.dat

    For cookies:
    *\cookies.txt


    ----------------------------

    I'm not sure what file to add to Sandboxie's configuration to allow No Script to write changes permanently but have asked a question in the No Script forum. I'll post back when he replies.

    JJ
     
    Last edited: Dec 11, 2007
  4. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    It is possible to allow direct access to parts of FF but I usually update outside the sandbox.

    The sandbox has to be deleted and FF resandboxed to reflect the changes/updates.
    More info

    Edit:
    Joliet beat me to it.
     
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    For NoScript, iirc, it would be *\prefs.js
     
  6. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    I allow Direct File Access myself mainly because of NoScript, CookieSafe, and Firefox remembering passwords.
     
  7. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Thanks everyone - a lot more complicated than it first appeared. Looks like the idea is to keep as much in the box as possible ? I can't see it being practical to use No scripts, cslite and possibly other add ons unless they are excluded.

    I'm certain I don't fully understand this ? could the whole Fire fox profile be excluded ? and if so would that make any sense or be too risky ?
     
Loading...
Thread Status:
Not open for further replies.