SBIE 3.31.02 Questions

Discussion in 'sandboxing & virtualization' started by n8chavez, Oct 17, 2008.

Thread Status:
Not open for further replies.
  1. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Does anyone have any idea how I can configure SBIE to allow spawned WinPatrol processes to use IE? The new version of SBIE allows the user to control what can be run inside the sandbox, and I think that might be what the problem is. As it is now WinPatrol cannot launch IE and use it to look up "plus" info. My IE config is below. Any help would be greatly appreciated.

     
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    From MitchE323 from over at SB's forum:

    For any future issues it would be better to post over there maybe?
     
  3. rolarocka

    rolarocka Guest

    I suggest that you create a new sandbox and compare it to the sandboxes created with old sandboxie.ini. Some settings arent needed anymore because the new beta comes with the new "Restrictions" feature for example ClosedFilePath=!<restricted>,* is not needed. Now it looks like this: ProcessGroup=<StartRunAccess_Firefox>,firefox.exe for Firefox
     
  4. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Thanks. I've gotten WinPatrol to work; I just deleted the sandbox and re-created it. But I have another concern. I've been able to succesfully terminate process that are (or should be) protected. I ran APT in a sandbox and kill method 07 was able to terminate. I've put my SBIE configuration below because I have a feeling this is due to errors, or 'unoptimizations' or the file. If anyone can help me get it 'correct' I would appreciate it.
     

    Attached Files:

    Last edited by a moderator: Oct 19, 2008
  5. MitchE323

    MitchE323 Registered Member

    Joined:
    Nov 22, 2007
    Posts:
    156
  6. MitchE323

    MitchE323 Registered Member

    Joined:
    Nov 22, 2007
    Posts:
    156
    Just a couple of minor things on the ini while we wait on an answer at Sandboxie;
    The Miranda - Opera - System sandboxes do not have the full amount of Internet Access lines (Like the IE box does);
    ClosedFilePath=!<InternetAccess_IE>,\Device\RawIp6
    ClosedFilePath=!<InternetAccess_IE>,\Device\Udp6
    ClosedFilePath=!<InternetAccess_IE>,\Device\Tcp6
    ClosedFilePath=!<InternetAccess_IE>,\Device\Ip6
    ClosedFilePath=!<InternetAccess_IE>,\Device\RawIp
    ClosedFilePath=!<InternetAccess_IE>,\Device\Udp
    ClosedFilePath=!<InternetAccess_IE>,\Device\Tcp
    ClosedFilePath=!<InternetAccess_IE>,\Device\Ip
    ClosedFilePath=!<InternetAccess_IE>,\Device\Afd*

    So they are missing the Udp lines.

    In the User settings;

    SbieCtrl_BoxExpandedView_Main=Y
    SbieCtrl_BoxExpandedView_JRiver=Y
    SbieCtrl_BoxExpandedView_Amazon=Y
    SbieCtrl_BoxExpandedView_removeable=Y
    SbieCtrl_BoxExpandedView_Removable=Y
    SbieCtrl_BoxExpandedView_VideoGet=Y

    These are from sandboxes of the past and can be deleted.
     
  7. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    You're right. Thanks for that. Also, there's a little more to it than the termination of unprotected processes I'm afraid. I'm running the beta version of SBIE and I was able to terminate processes that were supposed to have been protected (sandboxed); Kerio, MBAM, and Anvir were all terminated while sandboxed. APT was also run in my "system" sandbox.
     
  8. MitchE323

    MitchE323 Registered Member

    Joined:
    Nov 22, 2007
    Posts:
    156
    I understand that. Are we going to have two threads on this? I posted the link to this thread in the very first sentence of my post at Sandboxie. You spotted the issue (Good Job). I thought it would be better to get an answer from Tzuk as quickly as possible so I posted there.
     
  9. MitchE323

    MitchE323 Registered Member

    Joined:
    Nov 22, 2007
    Posts:
    156
    You are alarmed backwards. I think it is far more understandable if the APT.exe is running in a sandbox, and terminates programs running in that same sandbox. That may or may not be preventable with ClosedFilePaths and such. What it should not be able to do, IMO, is terminate programs running in other sandboxes (I cant get it to do that) but big-time especially should not be able to terminate a non-sandboxed app - like an AV or other security program (or really any program).
     
  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    there is a new beta 3.31.06 download at sandboxie's website,maybe the new one will fix this isue:thumb:
     
  11. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    No, that does not fix the issue. However, there was a version just released today that fixes every process ternination issue I have. Now processes that are sandboxed cannot terminate any other process. This is great news; AVs, firewalls, and other secirity software cannot be rendered useless now. For more information see this thread at the SBIE forum.
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    ok and thanks for the link and info:thumb:
     
  13. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Of course. I think it worth mentioning 'tzuk' fixed all my issues with process termination is literally two days (at the most). Service like this is extremely rare. If you can afford it, I recommend everyone purchase an SBIE license based on that fact alone. It's nice to see someone that actually cares about user protection. Tzuk certainly suts that description.
     
    Last edited: Oct 22, 2008
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i got my self a life time licence last year:thumb:
     
  15. rolarocka

    rolarocka Guest

    Does this mean that i dont need to block paths to my security apps anymore because the process termination is blocked by default?
     
  16. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Theoretically, yes. But, given that this is a beta there still vould be changed made to SBIE. What would be the harm in keeping those entries listed? I think this is a case where it is better to be safe than sorry.
     
  17. rolarocka

    rolarocka Guest

    That would be very nice. My sandboxie.ini is getting a bit chaotic with the amount of blocked paths :)
     
  18. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Send me you config file and I'll see if I can help you make sense of it.
     
  19. rolarocka

    rolarocka Guest

    Thx for your help :thumb:. I know what is in the .ini. The problem is that the .ini is not sorted and therefore it takes some time searching things (my fault) :). But its no biggie at all.
     
Loading...
Similar Threads
  1. syrinx
    Replies:
    44
    Views:
    2,509
Thread Status:
Not open for further replies.