Enable Blocked Folders

Ideas for enhancements to the software
Post Reply
elcasey
Posts: 33
Joined: Mon Jun 02, 2008 8:22 pm

Enable Blocked Folders

Post by elcasey » Wed Jun 04, 2008 12:39 pm

Regarding a recent thread, it was talking about making a sandboxie with a firewall. I said that this was unneeded, that you can simply deny access to your hard drive by sandboxie. Well, I was wrong. I know, this may come as a shock to some of you. I can't hardly believe it myself ;) lol

Posted by Tzuk in a thread in response to a ? of mine:
Regarding your question, sandboxes should be able to read each other's folders, but if this bothers you, then you can use the Sandbox Settings -> Resource Access -> File Access -> Blocked Access settings page to add the folder of sandbox A into the configuration of sandbox B, and vice versa.
I missinterpreted that as a way to block hard drive access to all of C:\ However, after trying this, I found out that if you block all hard drive access for sandboxie, sandboxie can't open anything, because it's all on the blocked hard drive!

Would it be difficult to put in another tab underneath "Blocked Folders" that would have an "enable blocked folders" function? So you could block all access to C:, but allow, say C:\program files\mozilla firefox?

Thanks, and please keep me posted.

Keep it cool,
-elcasey 8)
Top
tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Wed Jun 04, 2008 3:01 pm

Unfortunately this isn't practical, because programs need access to a lot of folders to function properly.

On a more general note I would say that you don't need to block access to the content of your drive, all you need is to encrypt your sensitive information. There are some great programs that do this, like password safes and encrypted drives.
tzuk
Top
elcasey
Posts: 33
Joined: Mon Jun 02, 2008 8:22 pm

Post by elcasey » Wed Jun 04, 2008 4:07 pm

Tzuk,

Do you think that if I disabled all programs from accessing the internet through the sandboxie settings, except for my web browser, that it would keep malware installed in the sandbox from reporting back to the server?

Or could they just bump a ride along the IE railroad, like behind the scenes?

Thanks!

Keep it Cool,
-elcasey 8)
Top
tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Thu Jun 05, 2008 5:23 pm

That's correct to say that malware could inject itself into the browser and get a free ride to the Internet. You can read more about that here -

http://www.sandboxie.com/index.php?Dete ... ers#defend
tzuk
Top
elcasey
Posts: 33
Joined: Mon Jun 02, 2008 8:22 pm

Post by elcasey » Thu Jun 05, 2008 9:51 pm

Ok, I'm probably getting annoying asking all these ?'s about keyloggers. But I always like to understand everything if possible. Knowledge is key they say :D

If there is a keylogger in a sandbox, then I know if I run a web-browser inside the sandbox and type in my credit card number, I deserve the brilliant idiot award.

However, if there is a keylogger in a sandbox, and I run a web browser outside of the sandbox, can the keylogger log credit card entries outside the sandbox from inside the sandbox and report back to home?

Thanks a million.

Keep it cool,
-elcasey 8)
Top
tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Fri Jun 06, 2008 6:04 am

There are probably experimental (non-malicious) key-loggers that you can download and try and experiment with.
tzuk
Top
SnDPhoenix
Posts: 2690
Joined: Tue Dec 26, 2006 5:44 pm
Location: West Florida

Post by SnDPhoenix » Fri Jun 06, 2008 5:52 pm

You can try this free and non-malicious keylogger:
http://sourceforge.net/projects/bfk/
Top
Post Reply

Return to “Feature Requests”

Who is online

Users browsing this forum: No registered users and 1 guest