Templates for use with 64-bit Cyberfox

[Guest10]

Here are some traditional type Sandboxie templates, adapted for use with sandboxed Cyberfox 36 on 64-bit Windows.

They are written as Local Templates, so after you add them to Sandboxie's configuration file you will not find them listed at Sandbox Settings > Applications > Web Browser
They will be listed at Sandbox Settings > Applications > Local

The exclusions use a wild card character (*) in place of the path to each file or folder, so they should work regardless of the actual location of the profile files. As long as the portable version of Cyberfox uses "cyberfox.exe" (as shown in Sandboxie Control's window <- not checked), they should also work with the portable version.

In addition to the traditional templates, I have also included an alternative template that uses a whitelist approach. One template contains the exclusions for all of the Cyberfox files that you always want to be saved out of the sandbox. If you use the whitelist template, you don't need any of the other templates - unless you also want to use the Force template (assuming that you have a registered version of Sandboxie).

If you use the traditional templates instead of the whitelist template, be sure to use the "Phishing" template. It's primarily needed to keep the "safebrowsing" anti-phishing files updated while running sandboxed. These files are not saved in the profile folder in a normal install of Cyberfox, although they might be saved there in a portable install. The Phishing template will allow the anti-phishing files to be kept updated, wherever they are stored.

Copy the text in this post to your Clipboard, and save it to a Notepad document, so you can Copy and Paste from it while off line.
----

For a sandbox that you will use with Cyberfox:
(A) Open Sandboxie Control's window and right-click the sandbox name, then click...
Sandbox Settings > Applications > Local
1) Click the "Create New" button and Paste one template at a time into the window.
2) Then, click OK in the "Create New" window.
3) Repeat steps 1 and 2 until you have entered all of the local templates that you want to use.

(B) After the templates have been added, click on one of them and then click the "Add" button.
Repeat, selecting templates and clicking the Add button, until all of the templates have been applied for that sandbox [+].
Then, click OK to close the "Sandbox Settings" window.
At this point, if you have templates that you haven't applied, you will asked if you want to remove the unused templates. Answering "No" will keep those templates in the configuration file.

If you have another sandbox that will also use the template(s), you can repeat step (B) for that sandbox at:
(Right-click the sandbox name) > Sandbox Settings > Applications > Local

Only one sandbox should "Force" Cyberfox. If multiple force settings exist, the first one that is found will be the one that's used. Also, running multiple instances of Cyberfox, with each of them trying to use the same profile files, is best avoided.
------
Traditional type templates follow...


[Template_Local_Cyberfox_Force]
Tmpl.Title=Force Cyberfox to run in this sandbox (Registered version only)
Tmpl.Class=Local
Tmpl.Comment=As an alternative to this template: Sandbox Settings > Program Start > Forced Programs
ForceProcess=cyberfox.exe


[Template_Local_Cyberfox_Bookmarks_DirectAccess]
Tmpl.Title=Allow direct access to Cyberfox bookmark and history database
Tmpl.Class=Local
Tmpl.Comment=To delete the browsing history, use Cyberfox's own "Options" settings
Tmpl.Comment=Deleting browsing history will keep "session management" from working
Tmpl.Comment=Deleting browsing history will delete "thumbnails"
OpenFilePath=cyberfox.exe,*\bookmark*
OpenFilePath=cyberfox.exe,*\places*


[Template_Local_Cyberfox_Cookies_DirectAccess]
Tmpl.Title=Allow direct access to Cyberfox cookies
Tmpl.Class=Local
OpenFilePath=cyberfox.exe,*\cookies*


[Template_Local_Cyberfox_Passwords_DirectAccess]
Tmpl.Title=Allow direct access to Cyberfox passwords
Tmpl.Class=Local
Tmpl.Comment=Applies to Firefox derivatives, version 32 and later
Tmpl.Comment=Previous to version 32: signons.sqlite was used instead of logins.json
OpenFilePath=cyberfox.exe,*\logins.json
OpenFilePath=cyberfox.exe,*\key3.db


[Template_Local_Cyberfox_Phishing_DirectAccess]
Tmpl.Title=Allow direct access to Cyberfox phishing database and blocklist files
Tmpl.Class=Local
Tmpl.Comment=On a normal install, the "safebrowsing" folder is beneath AppData\Local
OpenFilePath=cyberfox.exe,*\cert8.db
OpenFilePath=cyberfox.exe,*\blocklist.xml
OpenFilePath=cyberfox.exe,*\safebrowsing\*


[Template_Local_Cyberfox_Session_DirectAccess]
Tmpl.Title=Allow direct access to Cyberfox session management
Tmpl.Class=Local
Tmpl.Comment=This won't work if you delete browsing history
OpenFilePath=cyberfox.exe,*\sessionstore.js
OpenFilePath=cyberfox.exe,*\sessionstore-backups\*


[Template_Local_Cyberfox_Thumbnails_DirectAccess]
Tmpl.Title=Allow direct access to Cyberfox thumbnails folder
Tmpl.Class=Local
Tmpl.Comment=If you delete browsing history, thumbnails will be deleted
Tmpl.Comment=The "thumbnails" folder is beneath AppData\Local, not AppData\Roaming
OpenFilePath=cyberfox.exe,*\thumbnails\*


[Template_Local_Cyberfox_Settings_DirectAccess]
Tmpl.Title=Allow direct access to Cyberfox preferences
Tmpl.Class=Local
Tmpl.Comment=The exclusions for "search" and "xulstore" allow changes to the search engine setting
OpenFilePath=cyberfox.exe,*\prefs.js
OpenFilePath=cyberfox.exe,*\search*
OpenFilePath=cyberfox.exe,*\xulstore.json


If you've picked the templates that you want from the above, then you don't need the following one.
If you use this one, read the template comments.

[Template_Local_Cyberfox_Profile_DirectAccess]
Tmpl.Title=Allow direct access to entire Cyberfox profile folder
Tmpl.Class=Local
Tmpl.Comment=This template only works if the Cyberfox profile is in its default folder beneath AppData\Roaming
Tmpl.Comment=You also need to use the Phishing template, if you use this one
Tmpl.Comment=If you want to save thumbnails, you also need the Thumbnails template
OpenFilePath=cyberfox.exe,%AppData%\8pecxstudios\Cyberfox\Profiles\*\


------
An alternative approach:
You could use just one "whitelist" template. All of the files/folders that you want to save out of the sandbox are listed in one template. You would only use this one template, unless you also wanted to use the Forcing template. This is the same approach that I use for 2 of my Firefox profiles, both of which make use of the same whitelist template.


[Template_Local_Cyberfox_Whitelist]
Tmpl.Title=My Cyberfox whitelisted files and folders
Tmpl.Class=Local
OpenFilePath=cyberfox.exe,*\bookmark*
OpenFilePath=cyberfox.exe,*\places*
OpenFilePath=cyberfox.exe,*\cookies*
OpenFilePath=cyberfox.exe,*\logins.json
OpenFilePath=cyberfox.exe,*\key3.db
OpenFilePath=cyberfox.exe,*\cert8.db
OpenFilePath=cyberfox.exe,*\blocklist.xml
OpenFilePath=cyberfox.exe,*\safebrowsing\*
OpenFilePath=cyberfox.exe,*\sessionstore.js
OpenFilePath=cyberfox.exe,*\sessionstore-backups\*
OpenFilePath=cyberfox.exe,*\thumbnails\*
OpenFilePath=cyberfox.exe,*\prefs.js
OpenFilePath=cyberfox.exe,*\search*
OpenFilePath=cyberfox.exe,*\xulstore.json


Here are a few exclusions for files and extensions that I use for Firefox, that also seem to apply with Cyberfox, and the OpenFilePath=... settings could be added to the list, above.
Listed, in order:
The Cyberfox personal (spelling) dictionary file;
"Adblock Plus" and "Element Hiding Helper For AdBlock Plus" extensions;
"Paste Email Plus" extension

OpenFilePath=cyberfox.exe,*\persdict.dat
OpenFilePath=cyberfox.exe,*\adblockplus\*
OpenFilePath=cyberfox.exe,*\pasteemailplus.json

[Mr.X]

Thanks a lot for sharing.

[Mandrake]

Thank you very much.
It's OK

[Nix]

@Guest10

Just trying out "Cyberfox", do I really need to add those templates or does forcing it sandbox is enough?!

[Guest10]

@Guest10

Just trying out "Cyberfox", do I really need to add those templates or does forcing it sandbox is enough?!

You don't "need" to add anything, unless you want to allow items like bookmarks, passwords, cookies, etc out of the sandbox - to be saved in case you decide to delete the sandbox contents. Otherwise, those items will stay in the sandbox. For a short trial, that wouldn't be a bad choice.

Then again, maybe you might want to try installing Cyberfox inside of a sandbox, until you decide if it's worth installing outside.
For me, it's hard to justify running the current 32-bit Firefox, instead of 64-bit Cyberfox, because the latter starts up so much faster. When the stable version of 64-bit Firefox v39 is released (maybe this week), that difference may not exist.

[Nix]

I see... Installed it outside as it's much faster than Firefox(x86) even when sandboxed. When Firefox released its own native x64 bit probably gonna switch again to that, unless cyberfox proves to be much faster.

Thanks!

[Craig@Invincea]

Thanks for the template! One of the things I'd like to work on is gathering up all these custom templates and placing them in a new Forum section for easier access.
-Craig

[bjm]

Thanks for the template! One of the things I'd like to work on is gathering up all these custom templates and placing them in a new Forum section for easier access.
-Craig

Is there a Forum section for custom templates / local templates...?
Thanks

[Craig@Invincea]

Thanks for the template! One of the things I'd like to work on is gathering up all these custom templates and placing them in a new Forum section for easier access.
-Craig

Is there a Forum section for custom templates / local templates...?
Thanks

Excellent question, the one thing we want to do is consolidate all the user submitted templates into a separate forum. Right now there are spread all over. I hope to get started on that soon.

[Nix]

Is my PC at risk if I gave Cyberfox(sandbox) full access on its profile folder, let say an a exploit manage to sneak thru deployed ransomware or any other malware?! Am I making a hole on sandboxie defense?!

[Craig@Invincea]

Is my PC at risk if I gave Cyberfox(sandbox) full access on its profile folder, let say an a exploit manage to sneak thru deployed ransomware or any other malware?! Am I making a hole on sandboxie defense?!

Anytime you're giving access to your host machine you're opening a hole. What can happen, that is an unknown.

Ronen had some thoughts about that here: http://www.sandboxie.com/index.php?FirefoxTips (end of document.)

[Nix]

Anytime you're giving access to your host machine you're opening a hole. What can happen, that is an unknown.

Ronen had some thoughts about that here: http://www.sandboxie.com/index.php?FirefoxTips (end of document.)

What other file should have full access if I want to keep my extensions updated other than the extension folder?!