[SECURITY] Sandboxes leaking information to each other?

Posted: Sun Jan 14, 2018 11:33 am
by coarse
SETUP:
I'm connected to the Internet via a VPN.
I have Firefox running in one sandbox; all history and cookies cleared.
I have MEGASync (a download manager for mega.nz) running in a separate sandbox, logged in.

PROBLEM:
In Firefox, I go to mega.nz (not logged in) and try to download a file via the browser.
The site says 'download added to MEGASync'.
MEGASync starts downloading the file.

DISCUSSION:
How does the browser know that I have MEGASync installed?
How does MEGASync capture the link from my browser?
As they are in separate sandboxes, shouldn't these programs be isolated from each other? Do I need to activate a specific setting to make this so?

Re: [SECURITY] Sandboxes leaking information to each other?

Posted: Mon Jan 15, 2018 3:39 pm
by Barb@Invincea
Hello coarse,

What are your Sandboxie settings? (Configure --> Edit configuration. Copy/paste the output here, highlight it and click on the "</>" button to format it).

Are you using any templates at all for your Sandbox?
Is Firefox (outside Sandboxie) holding a session for this particular application? (Not sure how that app works).

How are you running the application, and is it an extension or a full application? Is there anything running in the system tray that may be outside Sandboxie?

Please provide this info so that I can test the behavior:
viewtopic.php?f=11&t=19746

Regards,
Barb.-

Re: [SECURITY] Sandboxes leaking information to each other?

Posted: Tue Jan 23, 2018 2:27 pm
by coarse
Thank you for your reply, Barb. My Sandboxie settings are as follows:

[Firefox]

Enabled=y
ConfigLevel=7
BlockNetworkFiles=y
Template=PaleMoon_Force
Template=Waterfox_Force
Template=Firefox_Force
Template=WindowsFontCache
Template=BlockPorts
Template=LingerPrograms
Template=Chrome_Phishing_DirectAccess
Template=AutoRecoverIgnore
BorderColor=#00FFFF,off
NeverDelete=n
BoxNameTitle=n
AutoRecover=y

[Mega]

Enabled=y
ConfigLevel=7
BlockNetworkFiles=y
Template=AutoRecoverIgnore
Template=Firefox_Phishing_DirectAccess
Template=Chrome_Phishing_DirectAccess
Template=LingerPrograms
Template=BlockPorts
Template=WindowsFontCache
BorderColor=#00FFFF,off
NeverDelete=n
BoxNameTitle=n
WriteFilePath=C:\Users\coarse\

I'm running Sandboxie v5.22 (64-bit) on Windows 10.

Firefox v57.0.4 is installed outside the Sandbox, but is forced to always run inside sandbox [Firefox].

Megasync is installed inside sandbox [Mega]. It is a standalone application, not a browser extension.

Looking at Task Manager, or Sandboxie Control, both applications appear to be running within their own sandboxes. Please let me know if you need any more information to diagnose this issue.

Re: [SECURITY] Sandboxes leaking information to each other?

Posted: Wed Jan 24, 2018 11:09 am
by Barb@Invincea
Hello coarse,

I was able to test it and the application (MegaSync) always started Sandboxed, even when the links were accessed from a non-Sandboxed browser. This is not an issue with your sandboxes; there is no information leaking.
Applications installed inside a Sandbox are not allowed to modify your host (unless explicitly set to do so); however, they are visible to other programs on your host (sandboxed or non-sandboxed).

Regards,
Barb.-