I recently started using Start/Run Access to only allow a short list of browser related programs to start/run in my Default sandbox. Is there anything in this restriction that prevents some compromised site from replacing one of one of my existing white listed programs (for instance "foxit reader.exe") with malware to bypass the Start/Run restriction?
Are portable programs more at risk from the above behavior.
To clarify, the white-listed programs which I'm asking about here are not installed as sandboxed, just launched by a sandboxed browser.
Thank you
A question about the SB setting, Start/Run Access.
Re: A question about the SB setting, Start/Run Access.
Yes. Using Foxit as an example, if you are allowing Foxit to run in a sandbox, the only Foxit that will run in that sandbox is the one thats installed in your real system. From the link, "When any Start/Run restrictions are in effect, programs that are installed (or downloaded) into the sandbox will never be allowed to start or run", even if its named Foxit or as any of the programs in the white list.TimW wrote:Is there anything in this restriction that prevents some compromised site from replacing one of one of my existing white listed programs (for instance "foxit reader.exe") with malware to bypass the Start/Run restriction?
http://www.sandboxie.com/index.php?Rest ... s#startrun
Bo
Who is online
Users browsing this forum: No registered users and 1 guest
