Hi tzuk and users! Hope you will be fine.
Sandboxie is a wonderful programme. I really like it and want to add a feature request. As I know from my past experience that Sandboxie put all virtual files in a virtual Hard Disk folder.
I wish to have a feature where all virtual files will be placed in their orginal position rather than a separater folder. They might be marked with a small colored caption icon for differentiation from non-virtual files. And when original and virtual files are in the same folder, virtual file will hav a word "virtual" added at the end of its name to keep both files in same folder.
In this way user can use Sandboxie and will have the ease of all virtual files to be located in the position where ther are expected to be. Of course Sandboxie restriction policy for all these virtual files will remain applicable and registry can be placed in a separate virtual registry folder. All these virtual files can be managed( deleted/ saved/ made non-virtual, selectively or all at once) via a central management console. This feature might be provided as an option during installation. I am sure many users will like this feature.
Currently (censored) has same feature as its default installation.
I am curious what other users think about this feature.
Thanks
All the best wishes
Location of Virtual files to be same as original ones
-
OwenBurnett
- Posts: 112
- Joined: Mon Dec 18, 2006 11:36 am
hehe...
I know this feature...
and I realy don't like it, this way a lot of data leeks into your system, data that you may want to be destroy for all eternity once you pull the plug of your PC.
OT:
I use an TC_Temp drive to store a sandbox called [Temp], the drive is Twofish encrypted with an random key generated on every boot up new, the key is stored only in ram so when i hit the reset button or pul the plug the content of this drive is effectively and for all purpose not recoverable.
Yes I'm a bit paranoid
back on topic: currently you can clean up all files by deleting the sandbox folder (ideally using a custom erase software that overwrites all files) with the *.virtual feature, this will become a really hard job to find all this virtual files and kill them one by one.
This feature would effectively compromise sandboxied use for improving privacy like the ability to browser the web and on every browser shutdown get rid of all data it gathers.
Howe ever there are 2 options how you can implement this feature safly:
1. Use this feature only for specifying folders for example for %desktop% and %personal%, jets call is SemiOpenFilePath=, or so
2. This will be hard with the current SB as it not longer hooks the SSDT, but hove ever: you could let SB manipulate all process's to see the virtual files as if they would be real (side note that's what Altiris SVS does) but as said this will be kinda problematic wit the new SB, it may work when SbieDLL.dll would be injected in the explorer (or any other selectable file manager)
Owen
I know this feature...
and I realy don't like it, this way a lot of data leeks into your system, data that you may want to be destroy for all eternity once you pull the plug of your PC.
OT:
I use an TC_Temp drive to store a sandbox called [Temp], the drive is Twofish encrypted with an random key generated on every boot up new, the key is stored only in ram so when i hit the reset button or pul the plug the content of this drive is effectively and for all purpose not recoverable.
Yes I'm a bit paranoid
back on topic: currently you can clean up all files by deleting the sandbox folder (ideally using a custom erase software that overwrites all files
) with the *.virtual feature, this will become a really hard job to find all this virtual files and kill them one by one. This feature would effectively compromise sandboxied use for improving privacy like the ability to browser the web and on every browser shutdown get rid of all data it gathers.
Howe ever there are 2 options how you can implement this feature safly:
1. Use this feature only for specifying folders for example for %desktop% and %personal%, jets call is SemiOpenFilePath=, or so
2. This will be hard with the current SB as it not longer hooks the SSDT, but hove ever: you could let SB manipulate all process's to see the virtual files as if they would be real (side note that's what Altiris SVS does) but as said this will be kinda problematic wit the new SB, it may work when SbieDLL.dll would be injected in the explorer (or any other selectable file manager)
Owen
aigle, I agree that there is room to improve how recovery of downloaded files (or any interesting file created in some way) is done.
But I don't think what you're suggesting, is the way to go.
Just examine the contents of the sandbox after you run some stuff in it . . . I wouldn't want all these files to leak outside, and I also wouldn't want to start writing up rules about which folders are ok to leak, and which aren't.
But you can probably just set OpenFilePath=%Personal%, in other words, allow full access to the My Documents folder. I don't think there's a lot of malware that wants to sit in that folder of all places. (I could be wrong, though.)
But I don't think what you're suggesting, is the way to go.
Just examine the contents of the sandbox after you run some stuff in it . . . I wouldn't want all these files to leak outside, and I also wouldn't want to start writing up rules about which folders are ok to leak, and which aren't.
But you can probably just set OpenFilePath=%Personal%, in other words, allow full access to the My Documents folder. I don't think there's a lot of malware that wants to sit in that folder of all places. (I could be wrong, though.)
tzuk
A central file management utility on main GUI window can be used to do it quite easily.OwenBurnett wrote: currently you can clean up all files by deleting the sandbox folder (ideally using a custom erase software that overwrites all files ) with the *.virtual feature, this will become a really hard job to find all this virtual files and kill them one by one.
I am not a programmer so I might be totally wrong. Does change in files position will let them escape sanbox restrictions as well? I was thinking 'not'. I just thoght from example of (censored).tzuk wrote:Just examine the contents of the sandbox after you run some stuff in it . . . I wouldn't want all these files to leak outside, and I also wouldn't want to start writing up rules about which folders are ok to leak, and which aren't.
Personaly I will not prefer my documents folder to leak.
The thing is, if you're going to put "risky" stuff outside the sandbox, then you'd want some protection applied to that risky stuff. This means Sandboxie has to get involved with the system, even when not directly running sandboxed programs. Unfortunately, this is not in the spirit of Sandboxie.
tzuk
Who is online
Users browsing this forum: No registered users and 1 guest
