I have a question.
I always execute firefox in a sandboxe. But if I download and execute a virus in the same sandboxe, the virus can't infect my system with sandboxie
But it can get my personal and important data.
For example, it can read the list of my password saved by firefox (key.db).
Is it possible to block the access to key.db file for all program except firefox ?
Improve the security of its browser ?!
Re: Improve the security of its browser ?!
Add this line to your Sandboxie.ini (in the sandbox where Firefox runs):
Code: Select all
ClosedFilePath=!firefox.exe,key.db
Windows 8.1 x64/x86 EN | Sandboxie latest beta or stable | All software latest versions unless stated otherwise
Re: Improve the security of its browser ?!
Oh my god. It works.
It's perfect ! I'm very happy, my passwords were very safe now. It's a very good news.
But I have an other question..
And if it's possible to have better (but it's already perfect).
My firefox is always in a sandboxe and only it can read the key.db.. But my system (go out the sandboxe) can read it.
So if my system is really infected by a virus ouside the sandboxe, it can read my password.
Is it possible to remove the key.db in my real system, and keep it only in my sandboxe with firefox ?
It s a very very safe
Note: But I automatically my sandboxie. So is it possible to remove the sandboxe automatically but make an exception on the key.db.
It's perfect ! I'm very happy, my passwords were very safe now. It's a very good news.
But I have an other question..
And if it's possible to have better (but it's already perfect).
My firefox is always in a sandboxe and only it can read the key.db.. But my system (go out the sandboxe) can read it.
So if my system is really infected by a virus ouside the sandboxe, it can read my password.
Is it possible to remove the key.db in my real system, and keep it only in my sandboxe with firefox ?
It s a very very safe
Note: But I automatically my sandboxie. So is it possible to remove the sandboxe automatically but make an exception on the key.db.
Last edited by laclac1 on Mon Mar 30, 2015 1:41 pm, edited 1 time in total.
Re: Improve the security of its browser ?!
Hi,
I find a solution, I use the parameter DeleteCommand.
I include the line in the Sandboxie.ini.
DeleteCommand =c:\security.bat "%SANDBOX%"
And in the bat file I writed:
Now I can empty the real key.db and logins.json of Firefox.
The only good file will be in the sandboxe with a access very secure.
So if a virus attack my computer:
- In the sandboxe, he is block by the closepath
- And outside the sandboxe, the file is empty.
So it’s impossible a program get my passwords.
We can make this with a lot of programs. For example, the password of Filezilla available in the sitemanager, very easy to hack. Or Chrome.
We can secure it with the same method.
Note: If you have an ideo to improve my script, or a feedback
I find a solution, I use the parameter DeleteCommand.
I include the line in the Sandboxie.ini.
DeleteCommand =c:\security.bat "%SANDBOX%"
And in the bat file I writed:
Code: Select all
:: Save Login/Password
move "%1\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\ekarny6u.default\key.db" "%TEMP%\key.db"
move "%1\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\ekarny6u.default\logins.json" "%TEMP%\logins.json"
:: Remove the Sandboxe
RMDIR /s /q "%1"
:: Restore Login/Password
md "%1\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\ekarny6u.default\"
move "%TEMP%\key.db" "%1\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\ekarny6u.default\key.db"
move "%TEMP%\logins.json" "%1\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\ekarny6u.default\logins.json"
The only good file will be in the sandboxe with a access very secure.
So if a virus attack my computer:
- In the sandboxe, he is block by the closepath
- And outside the sandboxe, the file is empty.
So it’s impossible a program get my passwords.
We can make this with a lot of programs. For example, the password of Filezilla available in the sitemanager, very easy to hack. Or Chrome.
We can secure it with the same method.
Note: If you have an ideo to improve my script, or a feedback
Re: Improve the security of its browser ?!
HI,
I have a problem,
When you active the “automatically delete”, the sandboxe has a new name on each session.
So when I restore my key file, it’s on the old sandboxe. So it’s without effect.
I should disable the “automatically delete”, if I want the same name.
But if I disable this option, the DeleteCommand command is never called.
So my solution doesn’t work.
Do you have an idea ?
I have a problem,
When you active the “automatically delete”, the sandboxe has a new name on each session.
So when I restore my key file, it’s on the old sandboxe. So it’s without effect.
I should disable the “automatically delete”, if I want the same name.
But if I disable this option, the DeleteCommand command is never called.
So my solution doesn’t work.
Do you have an idea ?
Re: Improve the security of its browser ?!
Ok, I found the solution.
Code: Select all
:: Save Login/Password
move "%1\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\jzxafyuy.default-1424544488418\key3.db" "%TEMP%\key3.db"
move "%1\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\jzxafyuy.default-1424544488418\logins.json" "%TEMP%\logins.json"
:: Remove the Sandboxe
RMDIR /s /q "%1"
:: Restore Login/Password
md "C:\Sandbox\myuser\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\jzxafyuy.default-1424544488418\"
move "%TEMP%\key3.db" "C:\Sandbox\myuser\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\jzxafyuy.default-1424544488418\key3.db"
move "%TEMP%\logins.json" "C:\Sandbox\myuser\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\jzxafyuy.default-1424544488418\logins.json"
Who is online
Users browsing this forum: No registered users and 1 guest