I've been though "getting started" but am still confused, soz.
If I run Firefox in the sandbox, download a .exe ( raw picture file converter), it won't be able to access files outside the sandbox, right? So how can it work?
How will I know if it HAS accessed, maybe written, stuff outside the sandbox?
If it can read a raw picture file on say an sd card, it can read all my files..., save details, wait until it's "recovered" , use them, whatever.
Sorry I don't get it!
confused...[SOLVED]
-
- Sandboxie Support
- Posts: 67
- Joined: Mon Oct 20, 2014 12:58 pm
Re: confused...
Hello-
Thank you for your interest in Sandboxie! Please reference the Help and FAQ section here: https://www.sandboxie.com/FrequentlyAskedQuestions
Specifically, the "How does Sandboxie protect me, technically?" question.
Thank you for your interest in Sandboxie! Please reference the Help and FAQ section here: https://www.sandboxie.com/FrequentlyAskedQuestions
Specifically, the "How does Sandboxie protect me, technically?" question.
Re: confused...
In a short paragraph. Programs in the sandbox have Read only access to files outside the sandbox. This allows sandboxed programs to interact seamlessly with the system, files and programs outside the sandbox. So, sandboxed programs can read but can not write, can not make changes outside the sandbox unless you allow the changes. To prevent from getting your personal and sensitive files from being read or stolen by sandboxed programs, you can block programs in the sandbox from accessing sensitive files and folders via Sandbox settings.gascar wrote: ↑Fri Sep 01, 2017 3:25 pmI've been though "getting started" but am still confused, soz.
If I run Firefox in the sandbox, download a .exe ( raw picture file converter), it won't be able to access files outside the sandbox, right? So how can it work?
How will I know if it HAS accessed, maybe written, stuff outside the sandbox?
If it can read a raw picture file on say an sd card, it can read all my files..., save details, wait until it's "recovered" , use them, whatever.
Sorry I don't get it!
Bo
Re: confused...
I'd read the FAQ,, I don't understand all I'm reading.bo.elam wrote: ↑Tue Sep 05, 2017 4:07 pmIn a short paragraph. Programs in the sandbox have Read only access to files outside the sandbox. This allows sandboxed programs to interact seamlessly with the system, files and programs outside the sandbox. So, sandboxed programs can read but can not write, can not make changes outside the sandbox unless you allow the changes. To prevent from getting your personal and sensitive files from being read or stolen by sandboxed programs, you can block programs in the sandbox from accessing sensitive files and folders via Sandbox settings.gascar wrote: ↑Fri Sep 01, 2017 3:25 pmI've been though "getting started" but am still confused, soz.
If I run Firefox in the sandbox, download a .exe ( raw picture file converter), it won't be able to access files outside the sandbox, right? So how can it work?
How will I know if it HAS accessed, maybe written, stuff outside the sandbox?
If it can read a raw picture file on say an sd card, it can read all my files..., save details, wait until it's "recovered" , use them, whatever.
Sorry I don't get it!
Bo
Bo -
Thanks -the highlighted nugget clarifies it I think. If I'm not getting it wrong, the sandboxed program can read what it likes, unless I am knowledgeable enough to know what to prevent it accessing, (I'm not).
If no damage is apparent to me because I didn't see it or get an error message (I havent found examples) then I declare the program safe. Thereafter it can do whatever damage it wants to .
Is there a warning if the program attempts to write to default "inappropriate" areas?
Re: confused...
Correct,
You can prevent a program reading a directory using sandboxie control. Hit the sandbox drop down menu -> sandbox (for instance defaultbox) ->
sandbox settings. Then in the new window expand "resource access" -> "File access" and click "Blocked access". You can then click add and choose a path that you want to prevent the program accessing. There's also a Write-only setting in the same location which can be used to make a folder look empty to the program running in sandboxie instead of just denying access.
Programs can tell if they're running within a sandbox. If the program is malicious it may avoid doing anything untoward in the hopes you'll declare it safe and run it outside the sandbox.
It's generally advised that if you don't trust the program in the first place then just leave it running in a sandbox for security. If you find it inconvenient to use within a sandbox then I, and others on here, can teach you a number of tweaks to make life easier without installing the software outside of sandboxie.
There's no warning with a default setup. When a program running in sandboxie attempts to write a file to the system the file is redirected to a sandbox folder instead. The sandbox folder can be found in "C:\sandbox", if you have a default setup. The program thinks it's saved to the system successfully but in actual fact sandboxie is just lying to it. If the program queries the contents of the same folder sandboxie will first check the contents of the sandbox and if it finds files it will display those along side (or instead of) the files in the actual location.
If you want to see where the program has written files to you can browse "C:\sandbox\username\sandboxname". You can also use sandboxie control for this by clicking the "View" drop down menu and clicking "Files and Folders". Once you select the sandbox on the right hand side you can browse files and folders created in the sandbox by expanding the tree view in the central window.
Hope this made sense.
Re: confused...
Great answer RooJ, thanks so much
Re: confused...
Thats OK. Some its going to stick, that's what matters. Eventually all about Sandboxie is going to make sense. When I first started using Sandboxie, all I wanted to know on day 1 was how to delete the sandbox, how to save bookmarks and downloads out of the sandbox. And how my antivirus interacted with Sandboxie. The rest came later (and still coming).
Sandboxie users block all type of files and folders. Personally, I only block personal and sensitive files and folders, nothing else. I dont block any system files, Program files, AppData, none. Some people get into I am going to block this and block that, for security. In my opinion, that's unnecessary. So really, its not that hard to figure what files to prevent sandboxed programs from having access to. Basically, files and folders where you keep files that if stolen, they ll cost you money, that can be used to identify you, your banking accounts, credit cards, your company files, social security, anything that can be used to steal your identity.
Like RooJ said, sandboxed programs can usually tell when they are running sandboxed, so dont get into the habit of using Sandboxie for telling if a program is clean or not, thats not the proper way of using Sandboxie. Personally, just about every file and program that runs in my computers, runs sandboxed every time they run. Files that I download, run sandboxed during their lifetime in my computer. They run sandboxed till the day they get deleted. There are exceptions but this are rare. I don't concern myself with files and programs that run in the sandbox, my only concern is with files that I recover and execute out of the sandbox.gascar wrote: ↑Wed Sep 06, 2017 5:31 amIf no damage is apparent to me because I didn't see it or get an error message (I havent found examples) then I declare the program safe. Thereafter it can do whatever damage it wants to .
Is there a warning if the program attempts to write to default "inappropriate" areas?
Bo
Who is online
Users browsing this forum: No registered users and 0 guests