Windows explorer can see the sandbox contents.. can it not?

lulchul

Post by lulchul » Wed Nov 08, 2006 12:22 am

When I right click my Sandboxie tray icon, go to Contents of Sandbox->Explore Contents, Windows explorer opens to C:\Documents and Settings\Administrator\Application Data\Sandbox\DefaultBox\Device. Within there is HarddiskVolume1 then my folder structure that would usually hang directly off C:\ i.e. there's a 'documents and settings' folder, there's a 'windows' folder, etc. (only 1 more. i.e. only folders that you save files or have files placed into will appear under here obviously)

Now my qualm.. I don't see how anything in here is protected from my OS??

I can easily copy/delete/execute any file from this (deep be it) folder level to any other directory on my hdd. My point, if I received something malicious, what's to stop it easily executing a script to delete files from my hdd?

For interest I just tried something. Created a quick test1.bat file that would change to c:\temp and delete a specific file (which I created first off). I created the test1.bat file at work, and uploaded it to my work's webserver, then via vpn and vnc downloaded the test1.bat via the web (so it truly passed thru the sandbox). Now I explore my sandbox contents and run the test1.bat from (windows) explorer and what do you know! the file I created and placed in c:\temp has been deleted...!!?!

Is there something I'm missing here guys, cause I've read thru the theory of the sandbox and it sounds good, yet.. per above, it just seems to be placing any file downloaded into a deeper structure on the hard drive.

Thanks in advance for replies.

SBIE User

Post by SBIE User » Wed Nov 08, 2006 10:27 am

lulchul,

I'm not sure you understand what SandboxIE is able to do and is not able to do.

Basically, Sandboxie allows you to limit access to your system from programs that you specifically run in a sandbox -- not from all programs. So if you don't want Internet Explorer or Firefox to have direct write access to your system, you would run them in a sandbox. You can also run them with some limited access, allowing them to write directly to some specific folders (like %Favorites%) but not others.

Because Windows Explorer is actually part of the Windows Operating system (in addition to providing a shell), it cannot be sandboxed. So you will always be able to use Windows Explorer to move, copy, delete or rename files on your system whether you are running SandboxIE or not.

In short, SandboxIE provides an extra layer of control from programs that directly access the internet (browsers, email clients, MS Word, etc.) and which pose an especially high threat to security or privacy. It does not provide complete protection to your system and should be used in combination with other security and privacy programs (like anti-virus, anti-spyware, firewall, etc.).

Hope that clarifies the use of SandboxIE a little.

Others here will have other insights to offer.

SBIE (Happy) User

AgentX

Post by AgentX » Wed Nov 08, 2006 11:55 am

I'm also new to Sandboxie, and have yet to explore the program to its true potential. I have a few questions that are in sync with the motto of this thread.

1. Sandboxie "contents" are not hidden from Windows, so we can cut/copy/paste to and from the Sandboxed directory. Correct?

2. What's the real use of the "Sandboxie Explorer"? I tried navigating to the sandboxed folder using this explorer and it just barfed. It couldn't access the sandboxed folder, so what's its real use? I have admin rights, and I'm running XP Pro if that matters.

3. I understand that I can both - run a normally installed program under sandbox, and install a program inside the sandbox and run them. I can easily run IE, Firefox, Yahoo Msgr etc that were installed normally (not under sandbox) under Windows. But how do I run the programs installed inside the sandbox (using "Run Sandboxed" menu), if the Sandboxie Explorer is not able to access sandboxed folder? Should I manually navigate to the installed folder - such as C:\Sandbox\S-x-x-xx-xxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-xxxx\Sandbox\DefaultBox\Device\HarddiskVolume1\Program Files\Google\Google Talk - and run the program sandboxed?

4. How do I configure it such that large files are saved to a desired location rather than in sandboxed folder? The setting should work correctly regardless of what browser, download manager or FTP programs are used. Is this possible, or do I have to manually configure each program? Please show me an example.

5. How to uninstall programs installed inside the sandbox using the "Run Sandboxed" right-click menu?

That'll do for now. More questions to come as the usage hours increase.
Thanks for a really good program, which is a must-have for most Internet users.

PS - Image codes are hardly readable. Consider a better replacement.

- AgentX

SBIE User

Post by SBIE User » Wed Nov 08, 2006 12:35 pm

AgentX,

1. Sandboxie "contents" are not hidden from Windows, so we can cut/copy/paste to and from the Sandboxed directory. Correct?

Yes, if you use the regular Windows Files Explorer or My Computer to access the Sandboxed directory, you can perform any normal file operations on the Sandboxed directory.

2. What's the real use of the "Sandboxie Explorer"? I tried navigating to the sandboxed folder using this explorer and it just barfed. It couldn't access the sandboxed folder, so what's its real use? I have admin rights, and I'm running XP Pro if that matters.

The folder structure you see in the Sandboxie Explorer (as different from Windows Files Explorer) is a virtualization of the folders on your system. So the contents of any folder you see with Sandboxie Explorer will include those files that are actually in the real, non-virtual folder plus the files that are in a sandboxed virtual folder of the same name.

For example, assume you have a folder called c:\downloads and that it contains a file called something.doc. If you run your browser under Sandboxie and download a file called somemusic.mp3 into d:\downloads, that downloaded file will actually only be placed in the virtual copy of d:\downloads -- but you will see both something.doc and somemusic.mp3 in d:\downloads if you navigate to that folder in Sandboxie Explorer. (If you navigate to the real d:\downloads folder with Windows Explorer, you'll only see something.doc -- because the somemusic.mp3 is really in a sandboxed, virtual version of that folder and is not directly accessible in the real folder.)

If you use Sandboxie Explorer to navigate to d:\downloads and then double-click on somemusic.mp3, your mp3 player (Windows Media Player, WinAmp, Nero, etc.) will open in sandboxed mode and play the song.

Any files in the virtual sandboxed folders will be lost when you empty sandboxes, unless you have specified that the files in specific folders should be "recovered" or unless you have told Sandboxie to give direct write access to the sandboxed program that either downloaded or created the file.

3. I understand that I can both - run a normally installed program under sandbox, and install a program inside the sandbox and run them. I can easily run IE, Firefox, Yahoo Msgr etc that were installed normally (not under sandbox) under Windows. But how do I run the programs installed inside the sandbox (using "Run Sandboxed" menu), if the Sandboxie Explorer is not able to access sandboxed folder? Should I manually navigate to the installed folder - such as C:\Sandbox\S-x-x-xx-xxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-xxxx\Sandbox\DefaultBox\Device\HarddiskVolume1\Program Files\Google\Google Talk - and run the program sandboxed?

You do not need to access the Sandbox folder within Sandboxie Explorer, because the file structure you see there includes all the virtual sandboxed versions of the folders. You would use the regular Windows Files Explorer if you need to perform operations on the actual Sandbox -- but I'd recommend you not do that until you have a little experience with Sandboxie, because you can defeat the safety barrier provided by Sandboxie if you do that without knowing what not to do.

4. How do I configure it such that large files are saved to a desired location rather than in sandboxed folder? The setting should work correctly regardless of what browser, download manager or FTP programs are used. Is this possible, or do I have to manually configure each program? Please show me an example.

To allow a specific program to write directly to a regular folder (not the sandboxed, virtual version of it), add an OpenFilePath setting to the Sandboxie config file. For example, if you want to allow Internet Explorer to write (including saving downloaded files) directly to d:\downloads, you would add the following line in the Sandboxie config file:

Code:

OpenFilePath=iexplore.exe,d:\downloads

Note that there is no trailing slash at the end of that directory name!

You can also allow any program to write to a folder like d:\downloads -- but most of us strongly recommend against that, as it opens a security hole in your system. Nevertheless if you want to do that, you would use the following code:

Code:

OpenFilePath=d:\downloads

5. How to uninstall programs installed inside the sandbox using the "Run Sandboxed" right-click menu?

I just delete the sandbox, which removes the program itself and all temporary registry changes that were trapped in the sandbox. Your system will be just like it was before you tested the program by installing it in a sandbox.

Hope that helps.

SBIE (Happy) User
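
An added example (not part of the thread and not Sandboxie's own code): a small Python check over constructed config lines in the two `OpenFilePath` forms shown in the post above, flagging entries that open a folder to every sandboxed program and entries that carry a trailing slash. Treating a first field ending in `.exe` as the program name, and matching the setting name case-insensitively, are assumptions of this example.

```python
# Constructed sample lines; only the first two forms appear in the post above.
SAMPLE_CONFIG = "\n".join([
    r"OpenFilePath=iexplore.exe,d:\downloads",   # scoped to one program
    r"OpenFilePath=d:\downloads",                # open to any sandboxed program
    "OpenFilePath=firefox.exe,d:\\downloads\\",  # trailing slash (constructed)
    "Unrelated=1",                               # placeholder for other settings
])


def parse_open_file_path(line):
    """Return (program or None, path) for an OpenFilePath line, else None."""
    key, sep, value = line.strip().partition("=")
    if not sep or key.strip().lower() != "openfilepath":
        return None
    first, comma, rest = value.partition(",")
    # Assumption: "name.exe,path" is the per-program form from the post.
    if comma and first.strip().lower().endswith(".exe"):
        return first.strip().lower(), rest.strip()
    # No program field: the whole value is the path.
    return None, value.strip()


def audit(config_text):
    """List (line number, finding, path) for risky or malformed entries."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        parsed = parse_open_file_path(line)
        if parsed is None:
            continue
        program, path = parsed
        if program is None:
            # Any sandboxed program may write straight to the real folder.
            findings.append((lineno, "any-program", path))
        if path.endswith(("\\", "/")):
            # The post notes the directory name must not end in a slash.
            findings.append((lineno, "trailing-slash", path))
    return findings


if __name__ == "__main__":
    for lineno, finding, path in audit(SAMPLE_CONFIG):
        print(f"line {lineno}: {finding}: {path}")
```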

AgentX

Post by AgentX » Wed Nov 08, 2006 2:58 pm

SBIE User wrote:The folder structure you see in the Sandboxie Explorer (as different from Windows Files Explorer) is a virtualization of the folders on your system. So the contents of any folder you see with Sandboxie Explorer will include those files that are actually in the real, non-virtual folder plus the files that are in a sandboxed virtual folder of the same name.

Thanks for the clarification. I was really puzzled as to why the Sandboxie Explorer wouldn't access its own directories.

But one thing remains muddy. Should I install programs under the sandbox? From what I know now, the Sandboxie Explorer cannot access the sandboxed folders, thus making it impossible to execute the programs installed in the "Program Files" folder inside the sandbox, from within the explorer.

And if I wanted any program to run inside sandbox, I would simply right click onto it and select "Run Sandboxed", or select it from the "Any Program" menu. Doesn't it defeat the purpose of installing a program inside the sandbox itself?

The question is - is it possible to install a program inside sandbox and run it sandboxed every time (considering that it's impossible to do so from within Sandboxie Explorer)? Is there any benefit in doing so, if it's possible?

- AgentX

SBIE User

Post by SBIE User » Wed Nov 08, 2006 3:18 pm

AgentX,

There are two different circumstances that you need to distinguish. You handle programs differently depending on whether they are installed outside the sandbox or inside the sandbox.

If you have installed a program outside the sandbox and you want to run it in a sandbox, then you can either enter that program in your list of "forced" programs or you can run it using the "Run Sandboxed" approach.

If you have installed a program inside the sandbox, then you use Sandboxie Explorer (not Windows Files Explorer or My Computer) to navigate to its directory under Program Files (or wherever you installed it) and then you just double-click on the program filename. If you are navigating with Sandboxie Explorer, any program you execute by double-clicking will run in the sandbox.

Of course, if you install a program in the sandbox and then empty your sandbox at the end of the session, that program will not be there the next time you open a sandbox -- because all sandboxed contents are deleted unless you take specific action to recover them.

I often install programs in the sandbox just to test them. If I like them, I then install them outside the sandbox and then run them using "Run Sandboxed" if I want to run them with Sandboxie protection.

I also sometimes install programs in the sandbox in order to extract files to use in creating portable versions.

Does that clarify it?

SBIE (Happy) User

AgentX

Post by AgentX » Wed Nov 08, 2006 5:21 pm

SBIE User wrote:If you have installed a program inside the sandbox, then you use Sandboxie Explorer (not Windows Files Explorer or My Computer) to navigate to its directory under Program Files (or wherever you installed it) and then you just double-click on the program filename. If you are navigating with Sandboxie Explorer, any program you execute by double-clicking will run in the sandbox.

Does that clarify it?

It does, to some extent. Still, there is still some confusion. What if I have the same program installed both outside and inside the sandbox? In this case, the Sandboxie Explorer will see the sandboxed version of the install program in C:\Program Files\*, thus masking the native Windows version of the program with the sandboxed version?

Wow, I'm really beginning to like this little, but powerful, program. Thanks for answering my questions with patience.

- AgentX

SBIE User

Post by SBIE User » Wed Nov 08, 2006 5:29 pm

AgentX wrote:What if I have the same program installed both outside and inside the sandbox? In this case, the Sandboxie Explorer will see the sandboxed version of the install program in C:\Program Files\*, thus masking the native Windows version of the program with the sandboxed version?

AgentX,

I have never run a program that is installed both inside and outside the sandbox, but I think that would possibly cause some problems. Let me explain why I think it would be problematic.

When a program is installed in the sandbox it creates the registry entries it needs inside a sandboxed version of the registry. Actually, that sandboxed version uses a combination of real registry keys and sandboxed registry keys. If a program is already installed, Sandboxie would find the existing key and probably not create a sandboxed version of the key -- or perhaps it would create another key, which could be confusing.

Anyway, I'm not sure why you would want to install the same program in the sandbox and outside the sandbox. Any program that is already installed outside the sandbox can still be run in a sandbox by using the "Run Sandboxed" procedure -- so you only have one installation, but you can run the program outside or inside the sandbox, whichever you need.

Hope that helps a little more.

SBIE (Happy) User
