Optimize for file access configuration

Ideas for enhancements to the software
Post Reply
UserX

Optimize for file access configuration

Post by UserX » Wed Oct 01, 2008 2:34 pm

Hi!
I suggest the following extention for the file access configuration: The sandboxed program is not allowed to access any file by default. First there must be allowed access to the specific files and folders. This for example would help to handle a filesharing program very easy. Because one never knows what files of the system are really offered to the internet. I personally would use this feature for 100% of all programs.
This could be realized this way: The user should be able to invert the importance of denied and allowed access.
And second:
Another way to use sandbox for me personally could be to only use the file access controlls without any extended sandboxing functions that disables drag and drop... If that was possible one could use it for game demos that need specific system access (DirectX...) but could be deleted without any rests.
And third:
A variable for the root folder of a launched program would be conventient!

You have made a very usefull program which is the best in its cathegorie! :D
Top
SnDPhoenix
Posts: 2690
Joined: Tue Dec 26, 2006 5:44 pm
Location: West Florida

Post by SnDPhoenix » Wed Oct 01, 2008 10:53 pm

Ouch!
You want Sandboxie to block sandboxed programs off from being able to access any files/folders, except for all the files/folders you've individually allowed?
Do you know how hard that would be for users to do? How would you know which folders/files the program needs to access in order to run? Plus even if you did know, I would never want to open each individual path for every sandboxed program being run! :shock:

Wouldn't it work better to just block off access to everything manually yourself? :wink:
Top
UserX

Post by UserX » Thu Oct 02, 2008 5:34 pm

No. It's harder to determine every folder the program is not allowed to open. If I would start my program from the folder some level away from the root I would have to add every folder created at the same level and all level over it. And I would have to update this list whenever I create one in addition.
Ok, I could use a special root and create a hdd partition.
Most programs do not have access on files across the system. They only read in their home and write in their application folder in the personal folder and that's it. I don't know in which way win-API accesses are affected by normal file access configs...
I think this feature is very easy to implement and could be an option.
Top
Post Reply

Return to “Feature Requests”

Who is online

Users browsing this forum: No registered users and 1 guest