Sandboxie

Discussion in 'sandboxing & virtualization' started by ChrisP, Feb 9, 2008.

Thread Status:
Not open for further replies.
  1. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Is there a way to get Sandboxie to force Internet Explorer and Outlook to run sandboxed?

    Also, will my AV (AVG AM and SAS) be able to scan the contents of the sandbox?

    Cheers
     
  2. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    sure, click on tray icon, Sandbox, default box, sandbox settings,forced programs, then add by file or folder.
     
  3. tradetime

    tradetime Registered Member

    Joined:
    Oct 24, 2006
    Posts:
    1,000
    Location:
    UK
    Yes you will need to pay the registration fee then follow trjam's instructions.
     
  4. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    I thought you could force programs on the unregistered Sandboxie
     
  5. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    only one. Why not frigging pay for it. Tzuk is a very nice guy, works hard to always make sure his software is as good as it needs. I mean this is one good story. Plus he is tired of eating Quaker Cheese Grits all the time.;)
     
  6. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    I couldn't agree more.I paid for mine,Tzuk is very generous offering his program for free.I admire his devotion to a fantastic program.WTF is a chees grit
     
  7. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    I registered so he could afford to supplement his grits with an occassional can of Spam.
     
  8. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Watch the film MY COUSIN VINNY and all will be revealed!!!

    But you can read about them here if you can't wait. I've never tried them as i'm English and they're a Southern America breakfast dish. If any of our fellow Wilders members have ever tried them then please satisfy my curiosity and tell me what they taste like!

    I'm a registered Sandboxie user so hopefully Tzuk will be able to put my registration fee towards a nice sirloin steak...

    muf
     
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    In SandboxIE fully registered version, this topic has me puzzled ATM.

    Where does and why "FORCE" ie browser or any other type of program mean exactly. Because it looks like if you want to single run any program you only need to use the added right click context menu to do so.

    Is that considered forcing too?
    I run IE sandboxed period but let suppose i didn't have that option enabled in it's menu, then so i would approach Program Files\Internet Explorer and choose to use the right click menu so it would spring up sandboxed.

    Personally i've used like some of you SB ALERT PROGRAMS settings to notify when not sandboxed, and here again raises the "force into sandbox" concern.

    Just what constitutes forcing any program into the sandbox on-the-fly? I dunno how or the why, but it is really nice to at will sandbox any app after it's already been lauched outside. Kool feature and useful to say the least.
     
    Last edited: Feb 9, 2008
  10. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Well I 'forced' a cookie monitoring app that i use to run sandboxed. When i originally installed it, it runs as normal in the system tray 'outside' of the sandbox. Therefore whenever i ran IE sandboxed my cookie monitoring app was not able to do any monitoring because it was monitoring the cookie folder on my real system. So by forcing it to run sandboxed whenever i booted up my pc my cookie app was already running inside sandboxie. Then when i go surfing my cookie app was functioning as it should.

    That's one example of why that option was useful.

    muf
     
  11. Empath

    Empath Registered Member

    Joined:
    Nov 13, 2002
    Posts:
    178
    If you were running an app outside the sandbox, and it made a call to an app you prefer to run sandboxed, then the Sandboxie software intercepts and runs it as sandboxed.

    It's like the trusted and untrusted apps from things like Defense Wall. Then too, you might forget to sandbox something when you run it. Also, a visitor that sits down at your computer to access myspace or one of those type things won't likely right context initiate your software.
     
  12. Darth AkSarBen

    Darth AkSarBen Registered Member

    Joined:
    Feb 4, 2008
    Posts:
    109
    Location:
    Near Fennville, MI USA
    I put it on my daughters computer and created [default] sanboxied shortcuts easily from the sandboxie interface. I have myspace, yahoo messenger, Microsoft Messenger, etc. as an icon to click on and run inside the sandbox.
    I just downloaded and installed it, and trying different things out at the moment. Wasn't too sure what was different about registered and unregistered version. Looks like you can add ANY program in the unregistered sandbox if you just look for it in the "shell" setup.
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    Thanks.

    So with this SandboxIE on-the-fly tranporting at will any app into the sandbox, a user in session can avert consequences while even in the middle of something.

    I too am learning more and more about the security features this latest version put in place, and all hats off to tzuk. Very attentitive to any suggestion that could place a user at risk and making proper adjustments accordingly.
     
  14. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    I can get IE to be forced, but it wont add outloom to the list - very odd.
     
  15. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    where it says add program by name, type in outlook.exe then press add.
     
  16. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    cheers, that worked.

    If I set it to run Outlook - will it mean that new diary appointments, contacts etc that I add will be lost when the sandbox empties? All I want it to do is protect me from any nasties that may be downloaded in am email.

    I will probably set it up to cover my windows live shared folder, my shareaza download folder etc.

    If I set it up to cover the CD drive - does this mean that anything i install from that drive will be lost once I empty the sandbox?

    I purchased this some time back but never used it. I would like to start using it properly now.

    all advice welcome as to how to use it to the full to protect my system.

    Cheers.
     
  17. Darth AkSarBen

    Darth AkSarBen Registered Member

    Joined:
    Feb 4, 2008
    Posts:
    109
    Location:
    Near Fennville, MI USA
    To protect email don't forget NOD32 Anti Virus by ESET. Works exceptionally well. :D
     
  18. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Chris, for the best advice I would suggest you go here.
     
  19. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    They have a flavour and texture very similar to polenta
     
  20. Darth AkSarBen

    Darth AkSarBen Registered Member

    Joined:
    Feb 4, 2008
    Posts:
    109
    Location:
    Near Fennville, MI USA
    I've eaten them (Grits) many times. Taste a lot like corn meal mush, only softer. It's a type of porridge... sort of. Some people eat it with beans, or butter or gravy, I like to pour milk and sugar on it and eat it like a hot cereal.
     
  21. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,055
    Okay folks, lets get back to Sandboxie, and leave the grits for a while.

    Pete
     
  22. Darth AkSarBen

    Darth AkSarBen Registered Member

    Joined:
    Feb 4, 2008
    Posts:
    109
    Location:
    Near Fennville, MI USA
    Some people that have eaten grits prefer they go into the sandbox as well. *grin*
     
  23. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    How does one let the resident AV scan the contents of a Sandbox session?
    For example, how can I actively use my AV (NOD32 2.7) when I am browsing with FF in a sandbox?
     
  24. Darth AkSarBen

    Darth AkSarBen Registered Member

    Joined:
    Feb 4, 2008
    Posts:
    109
    Location:
    Near Fennville, MI USA
    Well, I just openend up Sandboxie, choose Fire Fox to run, it did, now while running Fire Fox I went to: http://www.eicar.org/anti_virus_test_file.htm and tried to download one of their "TEST" signature viruses, and got a pop up. I'm not using NOD32 2.7, but it 'should' work the same. Try the link with the pound # sign at the top of both ends of your FF browser, and see if you also get a virus message "Eicar not virus". BTW, it is just a "looks like" virus, and not really anything but a test.
    So with FF sandboxed, and trying to download a possible suspicious file, it showed that even in the sandbox the virus program still works. You don't have to re-configure anything.
     
  25. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    Here at work we run AVG Free and AVG Free lets me download all those Eicar zipfiles in the sandbox without a pop up whatsoever. I get the 'Immediate Recovery' screen, that's it.
    When I try the eicar.com files AVG does indeed come with a warning. Apparently it doesn't pre-scan Rar-archives.

    So in conclusion, is it safe to say that AV's work inside the sandboxes (at least for non-packed files) without having to adjust any settings?

    I will probably do only a bit of browsing in the sandboxes. Is there any need to adjust the 'Resource Access' settings? I'm not exactly sure what they all mean.
     
Loading...
Thread Status:
Not open for further replies.