Junction and Symlink support in Sandboxie

[gyohng]

Hi,

I'm using scoop package manager inside a sandbox, and it relies on mklink /j or mklink /d logic - neither seem to function properly under Sandboxie. Is there any chance that symlinks / junctions are going to be supported?

Sandboxie 5.20
Windows 10 Pro v1703 x64
Registered Sandboxie user.

Thanks,
George.

[Syrinx]

Support for 'using' junctions and symbolic links was added in later 4.x versions, I believe, and I've used it myself in the past on my real system. In fact I currently have a couple persistent boxes where I created junctions for certain folders due to an oddity in how sandboxie handles appdata paths when a program is started via Start.exe vs ForcedFolders resulting in 'lost' preferences. A bit off topic but basically I created junctions from outside sandboxie under the sandbox at "sandbox\drive\C\Users\username" to "sandbox\user\current" to resolve these quirks...

As for creating them while under a sandbox...you seem to be correct, short of opening up paths these can't really be applied in any meaningful way from inside at the moment. I'm not familiar with Scoop but I ran a quick cmd test anyway and was able to create them 'OUTSIDE' while running under an admin sandboxed cmd prompt when the target location in question was opened via OpenPipePath or OpenFilePath but I don't know if that'll help you or not and using either Open Path option would be a huge security gap with sandboxie as you would basically let Scoop install to the real user folder if it's using links. Just going off of this:

Scoop installs programs to your home directory by default. So you don’t need admin permissions to install programs, and you won’t see UAC popups every time you need to add or remove a program.

This is actually the first time I've ever considered this scenario as I've never even a had a desire to create them from inside a sandbox before. Maybe someone else will have more constructive help to give in their reply?!