On my computer I have been testing whether it is possible for a user account to read information which is written by another user account, if that information is stored sandboxed. Neither account has administrator rights. And it is possible, so I thought I had better ask on this forum whether this is meant to be so.
On my computer (Windows 10) I made two user accounts, named Skip2 and Skip3. Both are protected with a different code, so you can't see the files of the other account.
In Skip2 I made a sandboxed document and kept it sandboxed (so it is invisible when you are outside the sandbox).
When I leave this account and use account Skip3, it is possible to read and write the sandboxed document by following this path in Explorer:
C:\Sandbox\Skip2\DefaultBox\user\current\Documents\Topsecretveryconfidential.txt
In this way it is also possible to copy the document from Skip2 (where it is stored sandboxed) to Skip3 (now unsandboxed).
So Sandboxie seems less (privacy-)safe than I thought, but perhaps I haven't configured it well enough?
Makes Sandboxie pc-accounts less private or am I wrong?
- Sandboxie Support
- Posts: 2337
- Joined: Mon Nov 07, 2016 3:10 pm
Re: Makes Sandboxie pc-accounts less private or am I wrong?
Hello Wikkie,
Please have a look at these:
https://www.sandboxie.com/index.php?Use ... tsSettings
http://forums.sandboxie.com/phpBB3/view ... nt#p109558
As for navigating to the files outside Sandboxie, it depends on what type of permissions that user has.
You can set Windows permissions to restrict a user to access a location.
Regards,
Barb.-
Re: Makes Sandboxie pc-accounts less private or am I wrong?
The settings don't change the fact that Sandboxie stores user data in its own root directory using basic access permissions. Even a standard user has access to the Sandbox folder in the root. On top of this, a user should not be asked to have to change access permissions of directories that should be secure by design. This is not good. Windows has user profile folders for this purpose. The user profile folders are set up with the correct permissions to disallow any other user access to sensitive data. These are the folders Sandboxie should be using. Personally I'm highly disappointed by this discovery. I've ditched software for just this reason in the past.
I can think of a simple workaround that may temporarily solve this issue, but it all depends on whether the Sandboxie service (if there's such a thing) has the right permissions following this change:
1) For each user directory in C:\Sandbox...
1.2) Create a Sandbox directory under %userprofile%\AppData\Local
1.3) Move the user data (not the user folder) from C:\Sandbox\<User> into %userprofile%\AppData\Local\Sandbox
1.4) Create a symbolic link mapping C:\Sandbox\<User> to %userprofile%\AppData\Local\Sandbox
2) [Optional] Similarly, C:\Sandbox should live under C:\ProgramData. As with the user folders, this can be moved and mapped the same way. However, at the end of the day, the folder shouldn't even exist under the root.
NOTE: I have not yet tested if these changes will work!
---------------- UPDATE ---------------------------------------
Just tested part one of my solution and it works. The problem with my solution will be that paths may exceed the 256 character limit and fail. I haven't yet had this issue, but I can see it being an issue. However, I understand Microsoft plans to lift this restriction, not sure if that's on NTFS or ReFS, though.
Perhaps, what's needed is to create a virtual disk for each user and write to this instead. However, the virtual disks still need to reside under the respective user profile for security.
Last edited by Barb@Invincea on Mon Jun 26, 2017 11:21 am, edited 1 time in total.
Reason: Merged posts.
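Steps 1.2 to 1.4 of the workaround above, written out as a PowerShell function; this is an added example, not code from the thread or from Sandboxie. It assumes the standard C:\Users\<name> profile layout, must be run elevated (symlink creation and moving another user's data need it) with the Sandboxie service (SbieSvc) stopped, and the function name is mine.

```powershell
function Move-SandboxieContainer {
    param(
        [Parameter(Mandatory)] [string]$UserName,   # folder name under C:\Sandbox
        [string]$SandboxRoot = 'C:\Sandbox'          # stock container root from the thread
    )
    $src = Join-Path $SandboxRoot $UserName
    # %userprofile%\AppData\Local\Sandbox of the target account (default profile path assumed)
    $dst = "$env:SystemDrive\Users\$UserName\AppData\Local\Sandbox"

    if (-not (Test-Path -LiteralPath $src -PathType Container)) {
        throw "No container folder for $UserName at $src"
    }
    $item = Get-Item -LiteralPath $src -Force
    if (($item.Attributes -band [IO.FileAttributes]::ReparsePoint) -ne 0) {
        Write-Warning "$src is already a link; nothing to do"
        return
    }

    New-Item -ItemType Directory -Path $dst -Force | Out-Null                     # step 1.2
    Get-ChildItem -LiteralPath $src -Force | Move-Item -Destination $dst -Force  # step 1.3
    Remove-Item -LiteralPath $src -Force                                         # now empty
    New-Item -ItemType SymbolicLink -Path $src -Target $dst | Out-Null           # step 1.4

    # A move on the same volume keeps the ACEs the data inherited from C:\, so
    # re-derive the ACLs from the new parent; otherwise other users still get read.
    icacls $dst /reset /T /C /Q | Out-Null

    # The post's own concern: the relocation lengthens every path, so flag
    # anything that now crosses the classic MAX_PATH (260) limit.
    $tooLong = @(Get-ChildItem -LiteralPath $dst -Recurse -Force -ErrorAction SilentlyContinue |
                 Where-Object { $_.FullName.Length -ge 260 })
    if ($tooLong.Count -gt 0) {
        Write-Warning ("{0} path(s) exceed 260 characters, e.g. {1}" -f $tooLong.Count, $tooLong[0].FullName)
    }
    [pscustomobject]@{ Link = $src; Target = $dst; LongPaths = $tooLong.Count }
}
# Usage (elevated): Move-SandboxieContainer -UserName Skip2
```

Another user following C:\Sandbox\<User> still resolves the link, but the access check is made against the target, which now carries the profile's ACL.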
- Sandboxie Support
- Posts: 2337
- Joined: Mon Nov 07, 2016 3:10 pm
Re: Makes Sandboxie pc-accounts less private or am I wrong?
Hello MrAndreas,
I have moved the topic to Features Requests.
Thank you for the feedback and the steps.
Regards,
Barb.-
Re: Makes Sandboxie pc-accounts less private or am I wrong?
I'm probably missing something but can you not just change the FileRootPath in sandboxie.ini? E.g.:
FileRootPath=C:\Users\%USER%\Documents\sandbox\%USER%\%SANDBOX%
or even,
FileRootPath=C:\Users\%USER%\Documents\sandbox\%SANDBOX%
Edit: I see this was already suggested by BUCKAROO in the link Barb provided:
# change the following line (which is your Set Container Folder setting)
FileRootPath=C:\Sandbox\%USER%\%SANDBOX%
# change it to exactly this next line
FileRootPath=%USERPROFILE%\Sandbox\%SANDBOX%
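Barb's advice to restrict the location with Windows permissions and the FileRootPath change above both come down to one question: who can read the container folder that FileRootPath resolves to for a given account. This added PowerShell example (not code from the thread or from Sandboxie) reads FileRootPath from Sandboxie.ini, expands %USER%, %SANDBOX% and %USERPROFILE% for one account, reports which principals besides that user, Administrators and SYSTEM are allowed to read the folder, and can optionally restrict it with icacls; the ini location under the Windows directory, the C:\Users\<name> profile path and the function name are my assumptions.

```powershell
function Test-SandboxieContainerAcl {
    param(
        [Parameter(Mandatory)] [string]$UserName,
        [string]$SandboxName = 'DefaultBox',
        [string]$IniPath = "$env:SystemRoot\Sandboxie.ini",   # assumed default location
        [switch]$Harden                                       # apply the permissions fix
    )
    # Stock default quoted in the thread; overridden if the ini sets FileRootPath.
    $root = 'C:\Sandbox\%USER%\%SANDBOX%'
    if (Test-Path -LiteralPath $IniPath) {
        foreach ($line in Get-Content -LiteralPath $IniPath) {
            if ($line -match '^\s*FileRootPath\s*=\s*(.+?)\s*$') { $root = $Matches[1]; break }
        }
    }
    # %USERPROFILE% must expand for the audited account, not the caller, so the
    # default profile location is assumed. %SANDBOX% first, %USER% last.
    $path = $root -replace '%SANDBOX%', $SandboxName `
                  -replace '%USERPROFILE%', "$env:SystemDrive\Users\$UserName" `
                  -replace '%USER%', $UserName
    $path = [Environment]::ExpandEnvironmentVariables($path)
    if (-not (Test-Path -LiteralPath $path -PathType Container)) {
        return [pscustomobject]@{ Path = $path; Exists = $false; Exposed = @() }
    }
    $trusted = @("$env:COMPUTERNAME\$UserName", 'BUILTIN\Administrators',
                 'NT AUTHORITY\SYSTEM', 'CREATOR OWNER')
    # ReadData/ListDirectory (0x1), GENERIC_ALL (0x10000000) or GENERIC_READ (0x80000000)
    $mask = [int64]0x10000001 -bor 2147483648
    $exposed = @((Get-Acl -LiteralPath $path).Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and
                       ((([int64]$_.FileSystemRights -band [uint32]::MaxValue) -band $mask) -ne 0) } |
        ForEach-Object { $_.IdentityReference.Value } |
        Where-Object { $trusted -notcontains $_ } |
        Sort-Object -Unique)
    if ($Harden -and $exposed.Count -gt 0) {
        # Drop the ACEs inherited from C:\ (which admit BUILTIN\Users) and grant only
        # the owner, Administrators (S-1-5-32-544) and SYSTEM (S-1-5-18). Needs admin.
        icacls $path /inheritance:r /grant:r "${UserName}:(OI)(CI)F" `
            '*S-1-5-32-544:(OI)(CI)F' '*S-1-5-18:(OI)(CI)F' | Out-Null
        $exposed = @()
    }
    [pscustomobject]@{ Path = $path; Exists = $true; Exposed = $exposed }
}
# Usage: Test-SandboxieContainerAcl -UserName Skip2            (report only)
#        Test-SandboxieContainerAcl -UserName Skip2 -Harden    (restrict; run elevated)
```

Even after -Harden the parent C:\Sandbox stays listable, so the per-user folder names remain visible; pointing FileRootPath under %USERPROFILE% as the post suggests removes that as well.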