4.17 Beta Available (Latest Version 4.17.8)

[BUCKAROO]

Thanks for working on it. Is there a simple description of the hole somewhere? I found the thread hard to follow.

InjectDll is not perfect, itself can be "worked around". A user-land hook/solution, the same. [Keep that in mind...]

It's the last slice of example code here.

Turn it into a more elegant enumeration, try each handle just erm handed to us... and do nasty (censored).

ASLR helps tremendously versus shellcode, but doesn't put a stop to anything.

We can best guess and/or bruteforce or, since we have been provided a HANDLE, ask Windows nicely for loaded module base addresses [I presume we can, because we have a process handle with memory write access granted of all things!].

Rooted and kitted. The worst of it, you'll never, never know it's happened!
Windows' user process security model sucks allowing such things by default.

[cornflake]

Rooted and kitted. The worst of it, you'll never, never know it's happened!
Windows' user process security model sucks allowing such things by default.

Sounds pretty bad, but that article seems to imply that you need the ability to write outside the sandbox first. Also the article focuses on Chrome specifically, is Sandboxie more or less restrictive in that regard? Is there anything else I can do to mitigate?

[BUCKAROO]

That's what's weird eh. And that warrants further analysis in user-land and beyond. [I'm so DONE with this.]

Sandboxied processes get passed privileged handles like an upper-class kid in a candy store on one of those mornings when they break into song and liberate the hard candy. # Who can take tomorrow ... #

I've tested AppGuard... though we can still "play around" with the unsandboxed process handles with who-knows-what exact level of access really, AppGuard can block writes to process memory...

[cornflake]

That's what's weird eh. And that warrants further analysis in user-land and beyond. [I'm so DONE with this.]

Some of the people like you and buster and dr pepper need to get on the invincea payroll and help to work on protecting everyone from stuff like this. How about it Curt.

[nanana1]

4.18 is now available.

http://forums.sandboxie.com/phpBB3/view ... =2&t=21204

Thanks, Curt, for Sandboxie 4.18 final version release !

It's working great here on my system especially being able to use my Chromium-based version 43 Opera browser for my internet surfing activities.

[kronckew]

still no sound in firefox / youtube vids.

[Mr.X]

still no sound in firefox / youtube vids.

No problem here. I started using Sandboxie about July 2013, ever since I never had such issue on any release of Sandboxie / Firefox combination. I think you have an isolated and very rare problem with your software config.

[nanana1]

still no sound in firefox / youtube vids.

No problem here. I started using Sandboxie about July 2013, ever since I never had such issue on any release of Sandboxie / Firefox combination. I think you have an isolated and very rare problem with your software config.

Also no problem here running Sandboxie 4.18 with my portable Firefox both 39 beta 1 and 38.0.1 stable versions surfing Youtube videos running smoothly with great sounds and music.

[Curt@invincea]

Thanks for the quick reply. I need the integrity of the clipboard at all costs. For example that text I copied from the command console was a private key in base64. It was missing all the forward slashes. That was really serious for me. Luckily I still had the open console. I copied again and no problem. I don't want to be an irritant but back to my question, is/was there something in sandboxie that can strip forward slashes out of text? I'd much prefer it until the clipboard issue is resolved that no copy take place or even fill it a short message saying the copy failed. What I cannot have is data that looks like the real data but isn't. This again assuming my problem has something to do with sandboxie, but I don't know. I will be sure to upgrade to 4.18 as soon as I can.

Sbie does not modify the contents of the clipboard. If the data type is unknown to Sbie, then you will lose all or part of the data in the clipboard. I will probably add an error msg when this occurs, so we can identify the type of data and determine how to support it. So no, the forward slash stripping does not sound like a Sbie issue.

[Domochevsky]

...
Sbie does not modify the contents of the clipboard. If the data type is unknown to Sbie, then you will lose all or part of the data in the clipboard. I will probably add an error msg when this occurs, so we can identify the type of data and determine how to support it. So no, the forward slash stripping does not sound like a Sbie issue.

So that's what's happening on my end, hm? (Eclipse copypasta being stripped of everything that isn't plain text.)
That has to be a new thing, since this was not the behavior a couple point versions ago.
An error message with potential fix is welcome then.

[cornflake]

An error message with potential fix is welcome then.

Yeah I agree. It will be good to know when I have a problem with the clipboard if it's due to Sandboxie. Actually, if Sandboxie offered an optional clipboard diagnostic that I could enable to keep a log that would also help.

[bjm]

An error message with potential fix is welcome then.

Yeah I agree. It will be good to know when I have a problem with the clipboard if it's due to Sandboxie. Actually, if Sandboxie offered an optional clipboard diagnostic that I could enable to keep a log that would also help.

For me 4.17.4 last version with functional as expected clipboard.

[Dun]

I upgraded to latest stable on XP PC. I didn't need to do anything to print PDF opened via Firefox in Firefox sandbox. There are no start/run restrictions but dropped rights is enabled. Printing just worked, didn't see any sandboxie message. Is it good/bad?

[bo.elam]

....didn't see any sandboxie message. Is it good/bad?

Hi Dun, maybe I am wrong here, I don't know. But I think printing works in XP exactly as it used to, before the change. In other words, the changes in printing do not apply to XP. I do all my printing in my XP, to this day, I haven't seen a message or had to do anything different than I am used to doing when printing something while running sandboxed.

Bo