Cannot launch child process in a different sandbox
Cannot launch child process in a different sandbox
I was excited to try and put as many programs as possible in their own sandboxes from a fresh Windows install. Sandboxie 3.442, 32bit. Windows 7, 32bit.
However, this becomes a problem when sandboxed programs want to launch another program (e.g. Firefox) which you want to run from another sandbox or unsandboxed.
I propose an option that allows you to customise this.
E.g. One or more of the following, for all sandboxed processes:
- Show a dialogue for all child process creation attempts, allowing the user to choose which sandbox the program should run in (and maybe modify command line arguments, perhaps including the program path itself). Of course, this should be a per-sandbox option that is disabled by default.
-- These decisions could be "remebered" or could be specified in sandbox settings.
- If a child process creation attempt is for a program that is in a different sandbox (or forced to run in a different sandbox), show a dialogue asking the user if they wish to launch the program in the other sandbox (similar to above), or do it automatically (depending on sandbox settings).
I think this feature will be invaluable for using sandboxes on a more permanent basis, as it is not really realistic for me to e.g. copy links from a sandboxed application to a web browser. The feature could be disabled by default to avoid confusion. It may not be suitable for programs that frequently launch other programs (but this can be recognised by the user and the option can be re-disabled or filters can be specified). This is a key feature that prevents me from using Sandboxie in many situations.
(Appologies if this is more of a feature request but this could equally be considered as a problem.)
Thanks,
Paul
However, this becomes a problem when sandboxed programs want to launch another program (e.g. Firefox) which you want to run from another sandbox or unsandboxed.
I propose an option that allows you to customise this.
E.g. One or more of the following, for all sandboxed processes:
- Show a dialogue for all child process creation attempts, allowing the user to choose which sandbox the program should run in (and maybe modify command line arguments, perhaps including the program path itself). Of course, this should be a per-sandbox option that is disabled by default.
-- These decisions could be "remebered" or could be specified in sandbox settings.
- If a child process creation attempt is for a program that is in a different sandbox (or forced to run in a different sandbox), show a dialogue asking the user if they wish to launch the program in the other sandbox (similar to above), or do it automatically (depending on sandbox settings).
I think this feature will be invaluable for using sandboxes on a more permanent basis, as it is not really realistic for me to e.g. copy links from a sandboxed application to a web browser. The feature could be disabled by default to avoid confusion. It may not be suitable for programs that frequently launch other programs (but this can be recognised by the user and the option can be re-disabled or filters can be specified). This is a key feature that prevents me from using Sandboxie in many situations.
(Appologies if this is more of a feature request but this could equally be considered as a problem.)
Thanks,
Paul
Hello,
pauluscod, I fully agree with your request.
For example, it is unfortunate that by clicking on a link in my mailer (The Bat!), my browser (Opera) opens in the sandbox of the mailer and not in its own.
Is that the feature is possible or not?
pauluscod, I fully agree with your request.
For example, it is unfortunate that by clicking on a link in my mailer (The Bat!), my browser (Opera) opens in the sandbox of the mailer and not in its own.
Is that the feature is possible or not?
Last edited by Sacles on Fri Jun 11, 2010 11:16 am, edited 2 times in total.
Precisely.LittleGuest wrote:This would be an excellent addition, providing things were disabled by default I cannot see how it could cause a problem to security, after all there's little to stop somebody unfamiliar with things to giving a sandbox full access to their C drive.
When enabled, it may be annoying for programs that constantly create processes, but hopefully the user could just choose "Always start this program in the (same) sandbox - don't ask me again". Or, "Always start this program in the following sandbox". Or, "Always start this program in the following sandbox when launched by X". Perhaps leave this detailed type of customisation for the settings page. E.g.
(Presumably, these options would be per sandbox.)
Code: Select all
Program creating a process Process being launched Sandbox
=====================================================================
* C:\...\firefox.exe firefox
C:\...\msvs.exe C:\...\bin\link.exe current sandbox
I'm afraid you will have to be patient for quite some time.
This is not to say that I don't find value in this feature request at all.
However most people do seem to be able to get by without it. And at the same time, I have very many issues that I consider more important, and I plan to address those before expanding into new features.
This is not to say that I don't find value in this feature request at all.
However most people do seem to be able to get by without it. And at the same time, I have very many issues that I consider more important, and I plan to address those before expanding into new features.
tzuk
I just wanted to check if this feature still has a chance of being implemented. I saw this thread:
http://www.sandboxie.com/phpbb/viewtopic.php?t=10281
which I think has a similar idea. In that thread, it is suggested that forced programs open in their respective sandbox, even when created from within a different sandbox.
I would personally love to see a popup for each child process (although, multiple child processes could actually be dealt with from a single window, with next and back buttons, to avoid flooding the user with windows). The sandbox would then "learn" how to treat certain process creations. This would be similar to other security software that allows the user to have more control if they choose and let the security program remember their actions, which are discovered as needed. The difference is that Sandboxie has a great foundation on which to build. All of the memory could be based upon a few simple expressions with wildcards (as posted above).
I think this feature could really make Sandboxie more desirable to those that are enthusiastic about security and organisation/isolation. I don't think Sandboxie is currently usable in the long term because of the absence of this feature; instead, it is mostly used (by me at least) as a safe way to test and inspect software, a way to run different versions of software so that they don't conflict and for some rarely used tools that might not be trustworthy or that just generally leave files everywhere. It would be nice to have certain high-risk software (e.g. web browser, email client) in a sandbox (as is the intention?), but it is difficult in the long term due to other processes being launched and polluting the current sandbox (and possibly not having any of the settings from a different sandbox). Sandbox snapshots/checkpoints may also prove useful in this situation. I think people manage without this feature because they are not considering this use case, which could potentially become very popular. It also may encourage more purchases, as only registered users could take advantage of this. If implemented, a video demonstrating this use case might be a helpful way to introduce it (although this is probably thinking too far ahead!).
http://www.sandboxie.com/phpbb/viewtopic.php?t=10281
which I think has a similar idea. In that thread, it is suggested that forced programs open in their respective sandbox, even when created from within a different sandbox.
I would personally love to see a popup for each child process (although, multiple child processes could actually be dealt with from a single window, with next and back buttons, to avoid flooding the user with windows). The sandbox would then "learn" how to treat certain process creations. This would be similar to other security software that allows the user to have more control if they choose and let the security program remember their actions, which are discovered as needed. The difference is that Sandboxie has a great foundation on which to build. All of the memory could be based upon a few simple expressions with wildcards (as posted above).
I think this feature could really make Sandboxie more desirable to those that are enthusiastic about security and organisation/isolation. I don't think Sandboxie is currently usable in the long term because of the absence of this feature; instead, it is mostly used (by me at least) as a safe way to test and inspect software, a way to run different versions of software so that they don't conflict and for some rarely used tools that might not be trustworthy or that just generally leave files everywhere. It would be nice to have certain high-risk software (e.g. web browser, email client) in a sandbox (as is the intention?), but it is difficult in the long term due to other processes being launched and polluting the current sandbox (and possibly not having any of the settings from a different sandbox). Sandbox snapshots/checkpoints may also prove useful in this situation. I think people manage without this feature because they are not considering this use case, which could potentially become very popular. It also may encourage more purchases, as only registered users could take advantage of this. If implemented, a video demonstrating this use case might be a helpful way to introduce it (although this is probably thinking too far ahead!).
I still plan to implement the feature as discussed in the other topic, and even a few related features, so it's just a matter of prioritizing the various fixed, changes and features that I have on my to-do list. But I will get to this.
As for HIPS-like popups, I have to say that is not the style that I see for Sandboxie, and won't be implementing something like this. But I'll figure something out to make this aspects of the configuration more coherent, and not be a set of disconnected settings in various Sandbox Settings pages of different sandboxes.
As for HIPS-like popups, I have to say that is not the style that I see for Sandboxie, and won't be implementing something like this. But I'll figure something out to make this aspects of the configuration more coherent, and not be a set of disconnected settings in various Sandbox Settings pages of different sandboxes.
tzuk
This would be the main feature I'd want added to Sandboxie.
The way around it for me was to place related applications (browser, email, PDF) in the same box - and to give each process/exe their own individual restrictions. Sandboxie is so powerful as an anti-executable that I'm not greatly worried at this setup.
I wouldn't want an all-encompassing setting though for 'forced programs' to escape from one sandbox into another - as that would be too far reaching and could result in data leakage. You'd need an extra setting for more 'risky' sandboxes to opt-out of it, thus contributing to endless complexity...
The way around it for me was to place related applications (browser, email, PDF) in the same box - and to give each process/exe their own individual restrictions. Sandboxie is so powerful as an anti-executable that I'm not greatly worried at this setup.
I wouldn't want an all-encompassing setting though for 'forced programs' to escape from one sandbox into another - as that would be too far reaching and could result in data leakage. You'd need an extra setting for more 'risky' sandboxes to opt-out of it, thus contributing to endless complexity...
Just checking in to see if there is any progress on this idea (which I may have missed).
Perhaps the initial idea was a bit much. Perhaps just a simple option: "When opening web URLs, ask whether to use an unsandboxed browser?" (checkbox)
...which would be off by default.
Or perhaps the option could apply to all URLs, as I believe applications can sometimes handle certain "protocols". E.g. steam://...
Thanks!
Perhaps the initial idea was a bit much. Perhaps just a simple option: "When opening web URLs, ask whether to use an unsandboxed browser?" (checkbox)
...which would be off by default.
Or perhaps the option could apply to all URLs, as I believe applications can sometimes handle certain "protocols". E.g. steam://...
Thanks!
Who is online
Users browsing this forum: No registered users and 0 guests