5.01 Beta Available (latest version 5.04 RC)

[nEuDy]

Hi Sandboxie-Team,
it´s the first time, i´ve installed sandboxie on a Windows 10 System. So i´ve tried to install the latest Beta 5.03.3. After installing and rebooting the System, i get anytime on Starting a program Sandboxed the following error:
SBIE2224 Sandboxed program has crashed: SandboxieDcomLaunch.exe
It doesn´t matter how i start programs (wether to right click in sandbox control on the sandbox -> Run Sandboxed -> Run Web Browser or Run Any Program...
Also i tried to right click on a program on my system (explorer), and choose "Run Sandboxed". Everytime the same error occurs.
But at the Sandboxie Control is shows me the following programs still as active, after closing the error message:
Start.exe
SandboxieRpcSs.exe
SandboxieDcomLaunch.exe
WerFault.exe

When i´m now trying to start a new sandboxed program (actual no one of the other programs were terminated), i´ve got the window like "Run Any Program" or "Run from Start Menu".. But the programs are not shown, only a new "start.exe" occurs within the sanboxie control..

what can i do?
Thank you very much

One, I would delete the contents of your sandbox, This will also force close any running programs. Are you running any Antivirus software?

Hi Craig,
deleting the contents did not help. btw, i also created a new clean sandbox.
But i´m running an Antivirus software (Bitdefender 2015)

[Curt@invincea]

Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

How to close this security hole you just have opened?

We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

[Dun]

Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

How to close this security hole you just have opened?

We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

Well, I think I more less understand such issues, even such changes as defaults. But if you implement such workarounds, please give us a way to disable such 'features' completely in Sandboxie settings. I'm stuck with 5.01.13 ATM. Thanks for reply

[roady]

Curt@invincea wrote:
Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

Updates like this 1 weaken the protection of SandBoxie......IMHO,if some1 wants to print an internet file,be it a webpage or a whatever file,they should download it to their computer and recover from SandBoxie to print it,NOT directly from SandBoxie's sandbox....

[btm]

Fixes in 5.03.1
We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

Combined 32/64 installer:
2) I removed the spooler print to file property sheet in the sandbox settings. This is too risky to allow setting it permanently in the GUI where it can easily be forgotten. You can still add AllowSpoolerPrintToFile=y manually in sandbox.ini.

Yikes I don't understand why you'd want to shoot yourself in the foot there! You had a decent start but if it's that bad of an option, why not shower the (mostly empty) page with warnings (or an extra 'are you sure prompt') instead? I hate to play the devils advocate here as I'm actually not against manually altering the ini but in order to 'appeal to the masses' a click-able option like you had would be ideal with a few extra warnings in the mix. [pardon the drunk speak] In my opinion it's easier to forget the manual changes as they aren't shown in the interface.

So a gui option was too risky but forcing open paths on everyone isn't....wow
Why not just bring back this GUI option and add those paths as a toggle selection there set to false by default? Everyone wins, no potential holes permanently opened just for the convenience of others....but it can still be opened if it is needed by the specific user.

[Mr.X]

@Curt
As you well said, please reconsider that change for the above reasons. I'm with Dun, roady and some others in other forums as well. Thank you.

[Ruan]

Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

Please add me also to the list of users unhappy with this change. Security before compatibility always.

ty.

[Dun]

Maybe something like this: If SBIE detects custom (not MS) printer, the software compatibility tab will show up with [x] Printer/Print Spooler full access and it will allow things to avoid issues with printer. Easy to turn off.

[APMichael]

We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

That's why I asked for a more comfortable solution: http://forums.sandboxie.com/phpBB3/view ... =4&t=21390

[Craig@Invincea]

Looks like chrome is doing the same thing too. I'm running chrome out of a portable install ( http://portableapps.com/apps/internet/g ... e_portable ) since I had some initial difficulties installing it into a sandbox.

Note, on a lighter/white background the inactive window has a black border too.

We are aware of it. But it's on the low list of priorities, and we're not even sure if this is directly a SBIE issue.

[soccerfan]

Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

How to close this security hole you just have opened?

We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

@Curt:
You may keep this feature out of the box for those who value comfort over security,
but for those of us who truly value security, please give us a way to disable this feature
(even if it requires digging in and editing the sandboxie.ini file or something similar).
That way, we would have a way to 'opt out' of this rather 'dangerous' (imho) precedent.
Many thanks!

[Peter2150]

I agree about this printing issue, I don't like the security hole. If I really need to print something, all I have to do is remove it from the sandbox. No biggie

[w0lfrun]

I also agree with the above posters regarding the Printing issue security hole. Security trumps convenience for me anyway, as well as for the majority I would think.

[bo.elam]

If I really need to print something, all I have to do is remove it from the sandbox. No biggie

Hi Pete, if the file is malware and it has to be run out of the sandbox in order to print it, I ll get infected.

Bo

[xy667]

I'm running Sandboxie 5.04 on Windows 10 and after updating Sandboxie to the latest version I am getting the following:

Code: Select all

SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]

Is there anything I can do to troubleshoot this? Roboform still seems to be working.