What should I sandbox and how? (especially on CIS)

Discussion in 'sandboxing & virtualization' started by zakazak, Jan 15, 2012.

Thread Status:
Not open for further replies.
  1. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    Hi, I'm really new to sandboxing. I thought about if for a long time but never really liked the fact that half of my programm was on my C: drive and another half (or a dupilcated half) was also in the "sandbox" folder.

    So I thought I could just sandbox stuff like java/flash/apps I will never use (WMP,Winmail,...). With Comodo it is really weird anyway. E.g. I set "foobar.exe" to always get virtualized (registry & files) but in the C:/Virtualroot folder (so the sandbox folder of CIS) I just see the stuff which normally is located in "AppData".

    Which files are a must-sandbox for you? And with what restrictions should I sandbox them in CIS?

    Thanks
     
  2. id8

    id8 Registered Member

    Joined:
    Dec 22, 2011
    Posts:
    26
    Location:
    .jp
    I think it's not really meaningful to make foobar sandboxed.

    Obviously the more you add to sandbox, the more you protected.
    But as long as you are concerned with foobar's security, you have to make virtually anything to be sandboxed.
    That's not convenient.
    So, I would add browser or something like that only.
     
    Last edited: Jan 15, 2012
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I would add Java to the sandbox.
     
  4. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    Hmm I just thought that all movie/music player in general are security threats. Wasn't long time ago when a .mov file could be modified to execute/download a .exe file.

    + pdf reader, browser, java (which files?).

    @HungryMan: With which restriction level?
     
  5. id8

    id8 Registered Member

    Joined:
    Dec 22, 2011
    Posts:
    26
    Location:
    .jp
    It seems like some sort of potential security issue exists for media files.
    Though malicious media files must be those obtained from P2P or free music file download type of site.

    I changed my mind that if you are concerned with media files security, you should play them within the sandbox.

    Though I still believe it's bit overkill.:)

    As for Java, "java.exe" is a file used for browser plug-in.
     
  6. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,248
    Location:
    Chaotic Land
    As limited, otherwise you will have issues running java with any higher restriction level.
     
    Last edited: Jan 16, 2012
  7. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    So just:

    C:\Program Files (x86)\Java\jre6\bin\java.exe

    or any other files as well?
     
  8. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,248
    Location:
    Chaotic Land
    javaw.exe and javaws.exe
     
  9. id8

    id8 Registered Member

    Joined:
    Dec 22, 2011
    Posts:
    26
    Location:
    .jp
    If you include javaw.exe as well, Java based apps like jEdit will also be sandboxed.
    Maybe it's just me who are using a editor written in Java here.:p
     
  10. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    I also added them from C:/Windows/SysWOW64

    I won't use any java editors so noproblem :)

    Hmm I guess it will only be java & IE for now.. I'm not even sure if Media Player Classic will work with all the codecs and everything.
     
  11. id8

    id8 Registered Member

    Joined:
    Dec 22, 2011
    Posts:
    26
    Location:
    .jp
    I think MPC will work.

    Other programs worth to consider:
    Adobe Reader
    Windows Media Player
    messenger programs like Skype

    I can't imagine any more to add.:)
     
  12. hogndog

    hogndog Registered Member

    Joined:
    Jun 9, 2007
    Posts:
    628
    Location:
    In His Service
    Why not install this application and sandbox everything..Sandboxie.. just right click on an application to have it run in the sandbox? I run everything there what launches in the sandbox stays in the sandbox then when your finished close out of everything and poof! its deleted, your machine is clean as a whistle.. ;)
     
  13. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    I don't really want another app running in the backround.. + It didn't really work for me... they seemed to have fixed the bug but now I can't use the trial anymore :S
     
  14. hogndog

    hogndog Registered Member

    Joined:
    Jun 9, 2007
    Posts:
    628
    Location:
    In His Service
    That's the only application i have running got rid of my Comodo firewall. How do you mean trial? Sandboxie is free..:argh:
     
Loading...
Thread Status:
Not open for further replies.