Sandboxie Support

Craig@Invincea wrote:

nEuDy wrote:Hi Sandboxie-Team,
it´s the first time, i´ve installed sandboxie on a Windows 10 System. So i´ve tried to install the latest Beta 5.03.3. After installing and rebooting the System, i get anytime on Starting a program Sandboxed the following error:
SBIE2224 Sandboxed program has crashed: SandboxieDcomLaunch.exe
It doesn´t matter how i start programs (wether to right click in sandbox control on the sandbox -> Run Sandboxed -> Run Web Browser or Run Any Program...
Also i tried to right click on a program on my system (explorer), and choose "Run Sandboxed". Everytime the same error occurs.
But at the Sandboxie Control is shows me the following programs still as active, after closing the error message:
Start.exe
SandboxieRpcSs.exe
SandboxieDcomLaunch.exe
WerFault.exe

When i´m now trying to start a new sandboxed program (actual no one of the other programs were terminated), i´ve got the window like "Run Any Program" or "Run from Start Menu".. But the programs are not shown, only a new "start.exe" occurs within the sanboxie control..

what can i do?
Thank you very much

One, I would delete the contents of your sandbox, This will also force close any running programs. Are you running any Antivirus software?

Dun wrote:

Curt@invincea wrote:Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

How to close this security hole you just have opened?

Curt@invincea wrote:

Dun wrote:

Curt@invincea wrote:Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

How to close this security hole you just have opened?

We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

Curt@invincea wrote:
Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

Curt@invincea wrote:Fixes in 5.03.1
We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

btm wrote:

Curt@invincea wrote:Combined 32/64 installer:
2) I removed the spooler print to file property sheet in the sandbox settings. This is too risky to allow setting it permanently in the GUI where it can easily be forgotten. You can still add AllowSpoolerPrintToFile=y manually in sandbox.ini.

Yikes I don't understand why you'd want to shoot yourself in the foot there! You had a decent start but if it's that bad of an option, why not shower the (mostly empty) page with warnings (or an extra 'are you sure prompt') instead? I hate to play the devils advocate here as I'm actually not against manually altering the ini but in order to 'appeal to the masses' a click-able option like you had would be ideal with a few extra warnings in the mix. [pardon the drunk speak] In my opinion it's easier to forget the manual changes as they aren't shown in the interface.

Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

Curt@invincea wrote:We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

kawaiiwolf wrote:Looks like chrome is doing the same thing too. I'm running chrome out of a portable install ( http://portableapps.com/apps/internet/g ... e_portable ) since I had some initial difficulties installing it into a sandbox.

Note, on a lighter/white background the inactive window has a black border too.

Curt@invincea wrote:

Dun wrote:

Curt@invincea wrote:Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)

How to close this security hole you just have opened?

We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

Peter2150 wrote:If I really need to print something, all I have to do is remove it from the sandbox. No biggie