confused...[SOLVED]

If it's not about a problem in the program
Post Reply
gascar
Posts: 3
Joined: Fri Sep 01, 2017 2:59 pm

confused...[SOLVED]

Post by gascar » Fri Sep 01, 2017 3:25 pm

I've been though "getting started" but am still confused, soz.

If I run Firefox in the sandbox, download a .exe ( raw picture file converter), it won't be able to access files outside the sandbox, right? So how can it work?
How will I know if it HAS accessed, maybe written, stuff outside the sandbox?

If it can read a raw picture file on say an sd card, it can read all my files..., save details, wait until it's "recovered" , use them, whatever.

Sorry I don't get it!

JimC@invincea
Sandboxie Support
Sandboxie Support
Posts: 67
Joined: Mon Oct 20, 2014 12:58 pm

Re: confused...

Post by JimC@invincea » Tue Sep 05, 2017 12:10 pm

Hello-

Thank you for your interest in Sandboxie! Please reference the Help and FAQ section here: https://www.sandboxie.com/FrequentlyAskedQuestions

Specifically, the "How does Sandboxie protect me, technically?" question.

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2809
Joined: Wed Apr 22, 2009 9:17 pm

Re: confused...

Post by bo.elam » Tue Sep 05, 2017 4:07 pm

gascar wrote:
Fri Sep 01, 2017 3:25 pm
I've been though "getting started" but am still confused, soz.

If I run Firefox in the sandbox, download a .exe ( raw picture file converter), it won't be able to access files outside the sandbox, right? So how can it work?
How will I know if it HAS accessed, maybe written, stuff outside the sandbox?

If it can read a raw picture file on say an sd card, it can read all my files..., save details, wait until it's "recovered" , use them, whatever.

Sorry I don't get it!
In a short paragraph. Programs in the sandbox have Read only access to files outside the sandbox. This allows sandboxed programs to interact seamlessly with the system, files and programs outside the sandbox. So, sandboxed programs can read but can not write, can not make changes outside the sandbox unless you allow the changes. To prevent from getting your personal and sensitive files from being read or stolen by sandboxed programs, you can block programs in the sandbox from accessing sensitive files and folders via Sandbox settings.

Bo

gascar
Posts: 3
Joined: Fri Sep 01, 2017 2:59 pm

Re: confused...

Post by gascar » Wed Sep 06, 2017 5:31 am

bo.elam wrote:
Tue Sep 05, 2017 4:07 pm
gascar wrote:
Fri Sep 01, 2017 3:25 pm
I've been though "getting started" but am still confused, soz.

If I run Firefox in the sandbox, download a .exe ( raw picture file converter), it won't be able to access files outside the sandbox, right? So how can it work?
How will I know if it HAS accessed, maybe written, stuff outside the sandbox?

If it can read a raw picture file on say an sd card, it can read all my files..., save details, wait until it's "recovered" , use them, whatever.

Sorry I don't get it!
In a short paragraph. Programs in the sandbox have Read only access to files outside the sandbox. This allows sandboxed programs to interact seamlessly with the system, files and programs outside the sandbox. So, sandboxed programs can read but can not write, can not make changes outside the sandbox unless you allow the changes. To prevent from getting your personal and sensitive files from being read or stolen by sandboxed programs, you can block programs in the sandbox from accessing sensitive files and folders via Sandbox settings.

Bo
I'd read the FAQ,, I don't understand all I'm reading.

Bo -
Thanks -the highlighted nugget clarifies it I think. If I'm not getting it wrong, the sandboxed program can read what it likes, unless I am knowledgeable enough to know what to prevent it accessing, (I'm not).
If no damage is apparent to me because I didn't see it or get an error message (I havent found examples) then I declare the program safe. Thereafter it can do whatever damage it wants to .
Is there a warning if the program attempts to write to default "inappropriate" areas?

RooJ
Posts: 82
Joined: Sun Dec 21, 2014 2:47 pm

Re: confused...

Post by RooJ » Wed Sep 06, 2017 1:16 pm

gascar wrote:
Wed Sep 06, 2017 5:31 am
If I'm not getting it wrong, the sandboxed program can read what it likes, unless I am knowledgeable enough to know what to prevent it accessing, (I'm not).
Correct,
You can prevent a program reading a directory using sandboxie control. Hit the sandbox drop down menu -> sandbox (for instance defaultbox) ->
sandbox settings. Then in the new window expand "resource access" -> "File access" and click "Blocked access". You can then click add and choose a path that you want to prevent the program accessing. There's also a Write-only setting in the same location which can be used to make a folder look empty to the program running in sandboxie instead of just denying access.
gascar wrote:
Wed Sep 06, 2017 5:31 am
If no damage is apparent to me because I didn't see it or get an error message (I havent found examples) then I declare the program safe. Thereafter it can do whatever damage it wants to .
Programs can tell if they're running within a sandbox. If the program is malicious it may avoid doing anything untoward in the hopes you'll declare it safe and run it outside the sandbox.
It's generally advised that if you don't trust the program in the first place then just leave it running in a sandbox for security. If you find it inconvenient to use within a sandbox then I, and others on here, can teach you a number of tweaks to make life easier without installing the software outside of sandboxie.
gascar wrote:
Wed Sep 06, 2017 5:31 am
Is there a warning if the program attempts to write to default "inappropriate" areas?
There's no warning with a default setup. When a program running in sandboxie attempts to write a file to the system the file is redirected to a sandbox folder instead. The sandbox folder can be found in "C:\sandbox", if you have a default setup. The program thinks it's saved to the system successfully but in actual fact sandboxie is just lying to it. If the program queries the contents of the same folder sandboxie will first check the contents of the sandbox and if it finds files it will display those along side (or instead of) the files in the actual location.

If you want to see where the program has written files to you can browse "C:\sandbox\username\sandboxname". You can also use sandboxie control for this by clicking the "View" drop down menu and clicking "Files and Folders". Once you select the sandbox on the right hand side you can browse files and folders created in the sandbox by expanding the tree view in the central window.

Hope this made sense.

gascar
Posts: 3
Joined: Fri Sep 01, 2017 2:59 pm

Re: confused...

Post by gascar » Wed Sep 06, 2017 3:27 pm

Great answer RooJ, thanks so much :)

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2809
Joined: Wed Apr 22, 2009 9:17 pm

Re: confused...

Post by bo.elam » Wed Sep 06, 2017 4:33 pm

gascar wrote:
Wed Sep 06, 2017 5:31 am
I'd read the FAQ,, I don't understand all I'm reading.
Thats OK. Some its going to stick, that's what matters. Eventually all about Sandboxie is going to make sense. When I first started using Sandboxie, all I wanted to know on day 1 was how to delete the sandbox, how to save bookmarks and downloads out of the sandbox. And how my antivirus interacted with Sandboxie. The rest came later (and still coming).
gascar wrote:
Wed Sep 06, 2017 5:31 am
If I'm not getting it wrong, the sandboxed program can read what it likes, unless I am knowledgeable enough to know what to prevent it accessing, (I'm not).
Sandboxie users block all type of files and folders. Personally, I only block personal and sensitive files and folders, nothing else. I dont block any system files, Program files, AppData, none. Some people get into I am going to block this and block that, for security. In my opinion, that's unnecessary. So really, its not that hard to figure what files to prevent sandboxed programs from having access to. Basically, files and folders where you keep files that if stolen, they ll cost you money, that can be used to identify you, your banking accounts, credit cards, your company files, social security, anything that can be used to steal your identity.
gascar wrote:
Wed Sep 06, 2017 5:31 am
If no damage is apparent to me because I didn't see it or get an error message (I havent found examples) then I declare the program safe. Thereafter it can do whatever damage it wants to .
Is there a warning if the program attempts to write to default "inappropriate" areas?
Like RooJ said, sandboxed programs can usually tell when they are running sandboxed, so dont get into the habit of using Sandboxie for telling if a program is clean or not, thats not the proper way of using Sandboxie. Personally, just about every file and program that runs in my computers, runs sandboxed every time they run. Files that I download, run sandboxed during their lifetime in my computer. They run sandboxed till the day they get deleted. There are exceptions but this are rare. I don't concern myself with files and programs that run in the sandbox, my only concern is with files that I recover and execute out of the sandbox.

Bo

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest