Trust No Program

Closed Key Path

ClosedKeyPath is a sandbox setting in Sandboxie Ini. It specifies path patterns for which Sandboxie will deny all access by sandboxed progams, including read access. This setting essentially blocks registry keys from being accessed by sandboxed programs.

Program Name Prefix may be specified.


   ClosedKeyPath=!msimn.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager

The example blocks any program other than Outlook Express (msimn.exe) from accessing the registry key containing configured email accounts for the active user account.

The value specified for ClosedKeyPath can include wildcards, although for registry keys, the use of wildcards is rarely needed. For more information on this, including examples that show the use of wildcards, see OpenFilePath. (OpenFilePath deals with files, not registry keys, but the principle of using wildcards remains the same.)

Note: this setting does not apply to sandboxed items. It only blocks access to items outside the sandbox, that have not yet been copied into (or created) in the sandbox.

Note: Unlike the corresponding OpenKeyPath setting, the ClosedKeyPath settings always applies to sandboxed programs, whether the program executable file resides within the sandbox, or out of it.

Related Sandboxie Control setting: Sandbox Settings > Resource Access > Registry Access > Blocked Access

Go to Sandboxie Ini.

Sandboxie is Copyright © 2004-2019 by Sandboxie Holdings, LLC.  All rights reserved. | Contact Author