[SECURITY] Sandboxes leaking information to each other?

If it's not about a problem in the program
Post Reply
coarse
Posts: 2
Joined: Sun Jan 14, 2018 11:29 am

[SECURITY] Sandboxes leaking information to each other?

Post by coarse » Sun Jan 14, 2018 11:33 am

SETUP:
I'm connected to the Internet via a VPN.
I have Firefox running in one sandbox; all history and cookies cleared.
I have MEGASync (a download manager for mega.nz) running in a separate sandbox, logged in.

PROBLEM:
In Firefox, I go to mega.nz (not logged in) and try to download a file via the browser.
The site says 'download added to MEGASync'.
MEGASync starts downloading the file.

DISCUSSION:
How does the browser know that I have MEGASync installed?
How does MEGASync capture the link from my browser?
As they are in separate sandboxes, shouldn't these programs be isolated from each other? Do I need to activate a specific setting to make this so?

Barb@Invincea
Sandboxie Support
Sandboxie Support
Posts: 2337
Joined: Mon Nov 07, 2016 3:10 pm

Re: [SECURITY] Sandboxes leaking information to each other?

Post by Barb@Invincea » Mon Jan 15, 2018 3:39 pm

Hello coarse,

What are your Sandboxie settings? (Configure --> Edit configuration. Copy/paste the output here, highlight it and click on the "</>" button to format it).

Are you using any templates at all for your Sandbox?
Is Firefox (outside Sandboxie) holding a session for this particular application? (Not sure how that app works).

How are you running the application, and is it an extension or a full application? Is there anything running in the system tray, that may be outside Sandboxie?

Please provide this info so that I can test the behavior:
viewtopic.php?f=11&t=19746

Regards,
Barb.-

coarse
Posts: 2
Joined: Sun Jan 14, 2018 11:29 am

Re: [SECURITY] Sandboxes leaking information to each other?

Post by coarse » Tue Jan 23, 2018 2:27 pm

Thank you for your reply, Barb. My Sandboxie settings are as follows:

Code: Select all

[Firefox]

Enabled=y
ConfigLevel=7
BlockNetworkFiles=y
Template=PaleMoon_Force
Template=Waterfox_Force
Template=Firefox_Force
Template=WindowsFontCache
Template=BlockPorts
Template=LingerPrograms
Template=Chrome_Phishing_DirectAccess
Template=AutoRecoverIgnore
BorderColor=#00FFFF,off
NeverDelete=n
BoxNameTitle=n
AutoRecover=y

[Mega]

Enabled=y
ConfigLevel=7
BlockNetworkFiles=y
Template=AutoRecoverIgnore
Template=Firefox_Phishing_DirectAccess
Template=Chrome_Phishing_DirectAccess
Template=LingerPrograms
Template=BlockPorts
Template=WindowsFontCache
BorderColor=#00FFFF,off
NeverDelete=n
BoxNameTitle=n
WriteFilePath=C:\Users\coarse\
I'm running Sandboxie v5.22 (64-bit) on Windows 10.

Firefox v57.0.4 is installed outside the Sandbox, but is forced to always run inside sandbox [Firefox].

Megasync is installed inside sandbox [Mega]. It is a standalone application, not a browser extension.

Looking at Task Manager, or Sandboxie Control, both applications appear to be running within their own sandboxes. Please let me know if you need any more information to diagnose this issue.

Barb@Invincea
Sandboxie Support
Sandboxie Support
Posts: 2337
Joined: Mon Nov 07, 2016 3:10 pm

Re: [SECURITY] Sandboxes leaking information to each other?

Post by Barb@Invincea » Wed Jan 24, 2018 11:09 am

Hello coarse,

I was able to test it and the application (MegaSync) always started Sandboxed, even when the links were accessed from a non-Sandboxed browser. This is not an issue with your sandboxes, there is no information leaking.
Applications installed inside a Sandbox are not allowed to modify your host (unless explicitly set to do so), however, they are visible to other programs on your host (sandboxed or non-sandboxed).

Regards,
Barb.-

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest