Hi,
I think it would be really helpful if the files in the sandbox would be categorized by the programs that modified them.
For example, if there are 2 programs - A and B - running in the same sandbox, and program A modified file x, and program B modified files y and z, then file x would be categorized "modified by A" and files y and z would be categorized "modified by B".
This feature can be expanded further-
You can add a button "Delete program files from sandbox", which will delete only the files that are categorized to a certain program that the user would choose.
You can add a button "Recover program files", which will show the quick recovery screen only for files that are categorized to a certain program that the user would choose. Maybe also add an option to recover ALL of the files of a certain program.
GUI-wise
If you decide to add this feature, you can merge the "Programs" view and the "Files and Folders" view together - The new view would show the programs like in the "Programs" view, and next to each program there will be a little [+] icon. Clicking the icon will reveal a list of all the files modified by that particular program.
All of the above also applies to Registry entries modified by different programs (I think you get the point by now).
I believe this feature could help organize the workflow with the SBIE tool. We would no longer have to create multiple Sandboxes that essentially serve the same purpose, but for different programs, because the separation would be built in.
I wouldn't mind helping in the development of some of these features. Maybe some of them can be implemented externally, as a helper-tool of some sort.
Sadly I have no idea where to begin... I am a programmer, but I don't have much experience in this type of system security.
Is there an API that allows communication between SBIE and an external program?
Or rather, could anyone point me in the right direction of how to start developing such a help tool? (I basically need to know what info I can get from SBIE that can be accessed by an external program, and how to get it).
Thanks,
Malkiz
Files per Program
This isn't strictly related to Sandboxie, so I don't think I will implement this feature.
You basically want to watch file operations and tag files according to which program touched them, and someone might find a utility like this equally useful even without using Sandboxie.
If you want, you can take advantage of Sandboxie features for developers, like injecting your DLL into sandboxed programs, and intercepting Windows APIs. These developer features are documented here and available for use by anyone. But my feeling is that it doesn't belong as a core Sandboxie feature.
http://www.sandboxie.com/index.php?SBIE_DLL_API
You basically want to watch file operations and tag files according to which program touched them, and someone might find a utility like this equally useful even without using Sandboxie.
If you want, you can take advantage of Sandboxie features for developers, like injecting your DLL into sandboxed programs, and intercepting Windows APIs. These developer features are documented here and available for use by anyone. But my feeling is that it doesn't belong as a core Sandboxie feature.
http://www.sandboxie.com/index.php?SBIE_DLL_API
tzuk
Who is online
Users browsing this forum: No registered users and 1 guest