Sandboxie

Is there a way to get Sandboxie to force Internet Explorer and Outlook to run sandboxed?

Also, will my AV (AVG AM and SAS) be able to scan the contents of the sandbox?

Cheers

 

sure, click on tray icon, Sandbox, default box, sandbox settings,forced programs, then add by file or folder.

 

Yes you will need to pay the registration fee then follow trjam's instructions.

 

I thought you could force programs on the unregistered Sandboxie

 

only one. Why not frigging pay for it. Tzuk is a very nice guy, works hard to always make sure his software is as good as it needs. I mean this is one good story. Plus he is tired of eating Quaker Cheese Grits all the time.

 

I couldn't agree more.I paid for mine,Tzuk is very generous offering his program for free.I admire his devotion to a fantastic program.WTF is a chees grit

 

I registered so he could afford to supplement his grits with an occassional can of Spam.

 

Watch the film MY COUSIN VINNY and all will be revealed!!!

But you can read about them here if you can't wait. I've never tried them as i'm English and they're a Southern America breakfast dish. If any of our fellow Wilders members have ever tried them then please satisfy my curiosity and tell me what they taste like!

I'm a registered Sandboxie user so hopefully Tzuk will be able to put my registration fee towards a nice sirloin steak...

muf

 

In SandboxIE fully registered version, this topic has me puzzled ATM.

Where does and why "FORCE" ie browser or any other type of program mean exactly. Because it looks like if you want to single run any program you only need to use the added right click context menu to do so.

Is that considered forcing too?
I run IE sandboxed period but let suppose i didn't have that option enabled in it's menu, then so i would approach Program Files\Internet Explorer and choose to use the right click menu so it would spring up sandboxed.

Personally i've used like some of you SB ALERT PROGRAMS settings to notify when not sandboxed, and here again raises the "force into sandbox" concern.

Just what constitutes forcing any program into the sandbox on-the-fly? I dunno how or the why, but it is really nice to at will sandbox any app after it's already been lauched outside. Kool feature and useful to say the least.

 

Well I 'forced' a cookie monitoring app that i use to run sandboxed. When i originally installed it, it runs as normal in the system tray 'outside' of the sandbox. Therefore whenever i ran IE sandboxed my cookie monitoring app was not able to do any monitoring because it was monitoring the cookie folder on my real system. So by forcing it to run sandboxed whenever i booted up my pc my cookie app was already running inside sandboxie. Then when i go surfing my cookie app was functioning as it should.

That's one example of why that option was useful.

muf

 

If you were running an app outside the sandbox, and it made a call to an app you prefer to run sandboxed, then the Sandboxie software intercepts and runs it as sandboxed.

It's like the trusted and untrusted apps from things like Defense Wall. Then too, you might forget to sandbox something when you run it. Also, a visitor that sits down at your computer to access myspace or one of those type things won't likely right context initiate your software.

 

I put it on my daughters computer and created [default] sanboxied shortcuts easily from the sandboxie interface. I have myspace, yahoo messenger, Microsoft Messenger, etc. as an icon to click on and run inside the sandbox.
I just downloaded and installed it, and trying different things out at the moment. Wasn't too sure what was different about registered and unregistered version. Looks like you can add ANY program in the unregistered sandbox if you just look for it in the "shell" setup.

 

Thanks.

So with this SandboxIE on-the-fly tranporting at will any app into the sandbox, a user in session can avert consequences while even in the middle of something.

I too am learning more and more about the security features this latest version put in place, and all hats off to tzuk. Very attentitive to any suggestion that could place a user at risk and making proper adjustments accordingly.

 

I can get IE to be forced, but it wont add outloom to the list - very odd.

 

where it says add program by name, type in outlook.exe then press add.

 

cheers, that worked.

If I set it to run Outlook - will it mean that new diary appointments, contacts etc that I add will be lost when the sandbox empties? All I want it to do is protect me from any nasties that may be downloaded in am email.

I will probably set it up to cover my windows live shared folder, my shareaza download folder etc.

If I set it up to cover the CD drive - does this mean that anything i install from that drive will be lost once I empty the sandbox?

I purchased this some time back but never used it. I would like to start using it properly now.

all advice welcome as to how to use it to the full to protect my system.

Cheers.

 

To protect email don't forget NOD32 Anti Virus by ESET. Works exceptionally well.

 

Chris, for the best advice I would suggest you go here.

 

They have a flavour and texture very similar to polenta

 

I've eaten them (Grits) many times. Taste a lot like corn meal mush, only softer. It's a type of porridge... sort of. Some people eat it with beans, or butter or gravy, I like to pour milk and sugar on it and eat it like a hot cereal.

 

Some people that have eaten grits prefer they go into the sandbox as well. *grin*

 

How does one let the resident AV scan the contents of a Sandbox session?
For example, how can I actively use my AV (NOD32 2.7) when I am browsing with FF in a sandbox?

 

Well, I just openend up Sandboxie, choose Fire Fox to run, it did, now while running Fire Fox I went to: http://www.eicar.org/anti_virus_test_file.htm and tried to download one of their "TEST" signature viruses, and got a pop up. I'm not using NOD32 2.7, but it 'should' work the same. Try the link with the pound # sign at the top of both ends of your FF browser, and see if you also get a virus message "Eicar not virus". BTW, it is just a "looks like" virus, and not really anything but a test.
So with FF sandboxed, and trying to download a possible suspicious file, it showed that even in the sandbox the virus program still works. You don't have to re-configure anything.

 

Here at work we run AVG Free and AVG Free lets me download all those Eicar zipfiles in the sandbox without a pop up whatsoever. I get the 'Immediate Recovery' screen, that's it.
When I try the eicar.com files AVG does indeed come with a warning. Apparently it doesn't pre-scan Rar-archives.

So in conclusion, is it safe to say that AV's work inside the sandboxes (at least for non-packed files) without having to adjust any settings?

I will probably do only a bit of browsing in the sandboxes. Is there any need to adjust the 'Resource Access' settings? I'm not exactly sure what they all mean.