Obviously a leak..... but is it worth fixing?

SnDPhoenix
Posts: 2690
Joined: Tue Dec 26, 2006 5:44 pm
Location: West Florida

Post by SnDPhoenix » Thu Jun 28, 2007 7:04 am

The leak I am talking about is running partition-related tasks. As a test I went ahead and ran my Acronis Disk Director Suite sandboxed. I then created a partition with the program, and when I closed the program and deleted the contents of the sandbox, the partition I created ended up happening outside the sandbox; in other words, it was still there (which doesn't surprise me, as Sandboxie is made to work at OS level, not partition level). Here's the thing though: is it worth even worrying about? Because AFAIK there aren't any viruses that perform at partition level (and if there are, it's very few), so in other words, this isn't something I'm really worried about. ;)
Windows 7 SP1 x64, Sandboxie v3.70 x64 with Experimental Protection, GnuPG, OTR (Off-The-Record), Sticky Password, My Brain.

tzuk
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Thu Jun 28, 2007 8:27 am

Actually, a while ago I needed to back up the contents of a hard disk on one computer and restore the contents to a partition on another disk on another computer.

Since I didn't want the backup/restore application to stay on my computer any longer than I needed it, I installed and ran that application sandboxed.

The backup application ran fine, but the restore application got access denied trying to modify the partition table and restore the data. I had to add OpenFilePath statements to make it work.

So, I have a bit of a hard time accepting what you say, because I did actually play with this, with contrary results. However, I can suggest the following.

Perhaps the Acronis is modifying the partition from its driver (if it has one?) rather than through its application. In this case, Sandboxie would not even look at the requests coming in from the driver. Sandboxie would just let them pass through and make the changes as they please.
tzuk

SnDPhoenix
Posts: 2690
Joined: Tue Dec 26, 2006 5:44 pm
Location: West Florida

Post by SnDPhoenix » Thu Jun 28, 2007 8:39 am

Well, all I did was just open the program, click on some allocated space and click "create partition", and it happened outside the program. I didn't do any backup or restore task like you did, so how did it leak out of the sandbox, you might ask.....

"Perhaps the Acronis is modifying the partition from its driver (if it has one?) rather than through its application."

Bingo! That's the problem. When I first tried to run the program sandboxed, it said something about no privileges related to the driver, so I went into the ini and changed BlockDriver=y to BlockDriver=n, and then it worked fine. But seeing as I had just allowed drivers, I guess that's how it was able to perform the action outside the sandbox.
Windows 7 SP1 x64, Sandboxie v3.70 x64 with Experimental Protection, GnuPG, OTR (Off-The-Record), Sticky Password, My Brain.

Unknown_User_451
Posts: 0
Joined: Wed Dec 31, 1969 7:00 pm

Post by Unknown_User_451 » Fri Jun 29, 2007 1:50 pm

I'd like to be protected on all sides...

Please tell us if you work as an administrator or a LUA?

(I'm going all the lengths of being secure: I'm on LUA, all my internet-facing programs are SandBoxIEd)

Can you please repeat this test as LUA as well?
Will it work?

SnDPhoenix
Posts: 2690
Joined: Tue Dec 26, 2006 5:44 pm
Location: West Florida

Post by SnDPhoenix » Fri Jun 29, 2007 9:45 pm

booBot, you're already protected from this "leak"; it only leaked with me because I basically allowed it to leak.
Windows 7 SP1 x64, Sandboxie v3.70 x64 with Experimental Protection, GnuPG, OTR (Off-The-Record), Sticky Password, My Brain.
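
An added example, not part of the thread and not Sandboxie's own code: a small audit that reads Sandboxie.ini text and reports, per sandbox section, the two settings the posts above describe as opening a path out of the box (BlockDriver set to n, and any OpenFilePath entry). The setting names are taken as written in the posts; the box name, paths and case-insensitive matching are assumptions of this example.

```python
import re

# Settings named in the thread that relax a sandbox when present.
# Names are compared case-insensitively (an assumption of this example).
WEAKENING = {
    "blockdriver": lambda v: v.lower() == "n",  # drivers no longer blocked
    "openfilepath": lambda v: True,             # direct access outside the box
}
SECTION_RE = re.compile(r"^\[([^\]]+)\]$")

def parse_ini(text):
    """Return {section: [(key, value), ...]}, keeping repeated keys."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            sections[current].append((key.strip(), value.strip()))
    return sections

def audit(text):
    """Return sorted (section, key, value) findings for weakening settings."""
    findings = []
    for section, pairs in parse_ini(text).items():
        for key, value in pairs:
            check = WEAKENING.get(key.lower())
            if check and check(value):
                findings.append((section, key, value))
    return sorted(findings)

# Constructed sample: box name and paths are made up for illustration.
SAMPLE_INI = r"""
[DefaultBox]
Enabled=y
BlockDriver=y

[PartitionTools]
Enabled=y
BlockDriver=n
OpenFilePath=C:\Example\Shared\*
OpenFilePath=C:\Example\Other\*
"""

if __name__ == "__main__":
    for section, key, value in audit(SAMPLE_INI):
        print(f"[{section}] {key}={value} relaxes isolation")
```

A hand-written parser is used because a sandbox section can repeat the same key (several OpenFilePath lines), which a dictionary-per-section INI reader would collapse to one entry.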
