Provide Sandboxie configurations for common programs

[JimOfCR]

It is downright scary to try configuring Sandboxie for maximum protection. Forums such as Wilder Security recommend many arcane settings, some of which I have made. Are they really the best settings? Only the Sandboxie developer really knows. I would greatly appreciate a way to select from a list of optimal configurations for common programs such as IE, Firefox, Skype, etc. I would further like Sandboxie configurations optimized for extremely secure financial activity (banking, etc.) as well as perhaps somewhat less secure configurations for more general internet surfing. All canned configurations would be selected on a sandbox-by-sandbox basis. Thanks again for this huge improvement in internet security.

[MitchE323]

You have to be careful there. Forums such as Wilders have been following Sandboxie for a long time and many of the 'hints' are now staple items within the programming. It should now be an extremely rare action to edit the sandboxie.ini file directly, and then mostly to solve a specific problem. If you install the latest version and go through Sandboxie Control, you will be able to achieve the protection level you seek.

The foundation remains constant; Plan your security beforehand. What programs do you want to run in a sandbox, how many different sandboxes will you need, what restrictions do you want to place on each sandbox. These are all questions you should decide first. The encouraging thing is that all of us get better with the program with use.

[tzuk]

Are they really the best settings? Only the Sandboxie developer really knows.

Since you ask my opinion, I will repeat what Mitch said.

It should now be an extremely rare action to edit the sandboxie.ini file directly, and then mostly to solve a specific problem.

There was a time when I had to advise people to go through Sandboxie.ini because the front end to Sandboxie was underdeveloped. This time has pased.

[JimOfCR]

Thanks Mitch and tzuk. This is good to know. Planning the correct security for various programs is still somewhat scarey. I do not know what restrictions I can place on Skype's access without disabling it altogether. It may be a case of trial and error. I know I can safely block all access to the partition where I keep my data, but I'm not certain how much of the system partition can be blocked. I'm sure I cannot block access to the Registry. Skype should never start extra processes. And I am very concerned that Sandboxie has twice reported that it has blocked simulated keyboard and mouse events from Skype.exe: once a few minutes ago and once a few days ago. I usually have Skype running all day in a dedicated sandbox.

[MitchE323]

You are welcome. Keep in mind that my comment on keeping current not only applies to Wilders but also here on this very forum. You can find posts recently that spelled out this or that method of getting something done, and it is most likely now better served to stay within the Sandboxie Gui. Sandboxie is evolving quickly and the GUI is keeping pace.

In the case of Skype, I see you have a few threads going on and are suspicious as to keystroke monitoring and/or transmitting. Also there is a difficulty in getting the program to fully close, even after the GUI and tray icon have disappeared. I think you have taken the correct steps in allowing only skype.exe and skypepm.exe to even run at all and have set your data folders as closedfilepaths. If the program is up to anything, it should not be able to see anything on your computer other than a generic Windows computer. I doubt you need to block areas of the registry from these two processes, from both a security and privacy point of view.

Still, I think you have a couple of legitimate questions for the Skype people. A program that is difficult to close is one thing, but after the gui and tray icon have vanished? What is the program doing? Getting a blocked "simulated keyboard and mouse events" message is also something I would want to know about.

I notice that in the other thread you mentioned the Skype program was a beta (Skype 4.0 beta 2) - your issues may be there. Maybe try the last finished release of Skype for a few days and see if the program closes properly and does not generate any mouse or keyboard notifications.

[JimOfCR]

Thanks for your response. I first posted on this forum the issue with Skype not shutting down completely using the previous stable version of Skype: 3.8 and the previous version of Sandboxie. I then posted again after I had the problem with beta 2. tzuk's response that upgrading to Sandboxie 3.2 might resolve the Skype shutdown issue prompted me to post again when it did not do so. Please note that about 50% of the time (extremely rough estimate) Skype does exit cleanly. When it does not, Sandboxie will not exit either (probably obvious). Behavior is somewhat different now that I am on Skype 4.0 beta 2 and Sandboxie 3.2. Now, using Task Manager and after Skype's GUI presence is gone, but tasks remain present, I can now eliminate the following tasks: skypePM.exe, SandboxieRpcSs.exe and SandboxieDcomLaunch.exe. After doing this, I can restart Skype in Sandboxie and use it. Previously, I could not. I had to restart my machine in order to use Skype again. Skype.exe is the GUI, I believe. skypePM.exe is the resident piece. It is the resident piece that most likely provides the peer-to-peer support so probably Skype is doing absolutely nothing after it falsely appears to have shutdown. I am very concerned that someone, somewhere has hacked Skype and is generating keyboard and mouse events in an atempt to explore my system. For the time being, Sandboxie is able to protect my system from this ... if that is what it is. BTW - I did also submit a support request to the Skype beta testers on the shutdown issue. I am awaiting a reply. I should also have submitted one on the generated keyboard and mouse events. I will do so now. Namaste.