Search found 198 matches

by BUCKAROO
Sun May 03, 2015 12:54 am
Forum: Feature Requests
Topic: SandBoxIE to harden SRP (software restriction policy)?
Replies: 36
Views: 7230

Re: SandBoxIE to harden SRP (software restriction policy)?

Corrected 64-bit support... (for fun...) I hope I am not forgetting something this time (apart from the doctor's approved implementation - not happening).

; Toggle build architecture
PtrSize fix 4 ; 32-bit
;PtrSize fix 8 ; 64-bit
; Toggle
OutputDebug equ 0
;OutputDebug equ 1
PtrSizeAsc='0'+PtrSize
S...
by BUCKAROO
Thu Apr 30, 2015 2:25 am
Forum: Beta Version 4.17
Topic: 4.17 Beta Available (Latest Version 4.17.8)
Replies: 208
Views: 65832

Re: 4.17 Beta Available (Latest Version 4.17.3)

that's specifically the one i was trying to install. Specifically, are you sure... because there are two Offline installers (standalone). And one or more online setups (non-standalone). they all give the same error as in my screenshot, though. I don't know how to explain that. Only the "all users" ...
by BUCKAROO
Wed Apr 29, 2015 9:16 pm
Forum: Beta Version 4.17
Topic: 4.17 Beta Available (Latest Version 4.17.8)
Replies: 208
Views: 65832

Re: 4.17 Beta Available (Latest Version 4.17.3)

The print spooler security hole is blocked -- no one needs to do anything unless ... Before Release, maybe want to address printer driver installation hole - tested. Adding drivers existing outside system directory may or may not be possible - untested. You are going to have to install Chrome outsi...
by BUCKAROO
Mon Mar 30, 2015 10:30 pm
Forum: Quick Questions
Topic: Global setting ?
Replies: 4
Views: 805

Re: Global setting ?

As an example ... (you're severely restricting Sandboxie to sandboxing Chrome only, using GlobalSettings like that, what if you want to sandbox other stuff? I suppose you'll add it to StartRunAccess (which would be time consuming especially for setup programs), or comment out the Template= or restri...
by BUCKAROO
Mon Mar 30, 2015 6:32 am
Forum: Problem Reports
Topic: "Delete content box" costs Disk space ?
Replies: 6
Views: 972

Re: "Delete content box" costs Disk space ?

Yeah, Sandboxie renames then deletes. I wouldn't be surprised if Google Chrome outside the Sandbox had a lock on a file inside the Sandbox. If you can't delete those folders from Explorer right now AND immediately after initiating Sandbox Delete Contents (when it fails to delete), then that does rai...
by BUCKAROO
Mon Mar 30, 2015 6:16 am
Forum: Quick Questions
Topic: Global setting ?
Replies: 4
Views: 805

Re: Global setting ?

Most settings, yes, you can. but ChromePrograms is defined within Template=Chrome_Phishing_DirectAccess so you should bring that into GlobalSettings as well but I don't use ANY Templates from Templates.ini in fact I TemplateReject= any detected software compatibility templates. Instead, I would (re)...
by BUCKAROO
Thu Mar 26, 2015 2:52 am
Forum: Quick Questions
Topic: Resource access setting ?
Replies: 6
Views: 1134

Re: Resource access setting ?

A fully portable browser shouldn't write outside of its own directory tree, and it shouldn't talk to other instances of itself. For exceptions to the portable guideline, there is a job for Sandboxie. Aside, Sandboxie contains exploits from escaping unless an exploit targets a critical OS vulnerabili...
by BUCKAROO
Mon Mar 23, 2015 12:26 pm
Forum: Quick Questions
Topic: Resource access setting ?
Replies: 6
Views: 1134

Re: Resource access setting ?

By user-agent I mean the browser/client version string (which includes operating system info) that a browser is obligated to send in every http action/request (along with your IP address in every packet), but you're not concerned about the fact that a host of generic website elements that may be sha...
by BUCKAROO
Mon Mar 23, 2015 4:01 am
Forum: Quick Questions
Topic: Resource access setting ?
Replies: 6
Views: 1134

Re: Resource access setting ?

Keep unsandboxed Chrome/browser clean and you won't need to use WriteFilePath nor WriteKeyPath. (ClosedFilePath means the Sandbox won't be able to use that path at all and it'll break stuff.) To be on the safer side, install a different engine browser sandboxed than the one unsandboxed. And maybe as...
by BUCKAROO
Mon Mar 23, 2015 3:49 am
Forum: Quick Questions
Topic: Whitelist program access?
Replies: 1
Views: 432

Re: Whitelist program access?

Curt your enthusiasm, whitelist specifically is not currently possible.
by BUCKAROO
Sat Mar 21, 2015 9:47 am
Forum: Problem Reports
Topic: Sandbox bypassed or..?
Replies: 54
Views: 4770

Re: Sandbox bypassed or..?

But this setting prevents software setup... There, I learned something new. I didn't test the installer but the main program exe to notice that "The system cannot open the device or file specified." during setup... Solution: Make 'em portable, or, and I am thinking out loud again, create an InjectD...
by BUCKAROO
Sat Mar 21, 2015 8:04 am
Forum: Problem Reports
Topic: Sandbox bypassed or..?
Replies: 54
Views: 4770

Re: Sandbox bypassed or..?

nah. Sbie well and truly sandboxes the registry by now, I would say. But here, lsass.exe (unsandboxed SYSTEM process) was marshalling. :/

[GlobalSettings]
ClosedIpcPath=\RPC Control\LSARPC_ENDPOINT
Comment= or under [DefaultBox] No idea what else it will block/break, probably browsery things heh. Sb...
by BUCKAROO
Sat Mar 21, 2015 5:28 am
Forum: Problem Reports
Topic: Sandbox bypassed or..?
Replies: 54
Views: 4770

Re: Sandbox bypassed or..?

They probably use LsaStorePrivateData function storing a local object with prefix "L$". Hint! :wink: So how to clear this area if it is spammed...? Can it be exploited otherwise? Don't think so.

REM https://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
psexec -i -s cmd.exe
REM from an Admin...
by BUCKAROO
Sat Mar 21, 2015 4:08 am
Forum: Problem Reports
Topic: Sandbox bypassed or..?
Replies: 54
Views: 4770

Re: Sandbox bypassed or..?

Something is stored only while Elevated. That something is read back by NoiseBuster.exe only while Elevated. Once set, it is not set again. It survives a Restart. Afaik it is not USN journal, Prefetch, AppCompatFlags, or Spooler. It may phone home a HWID, but net can be blocked. You can take the mai...