Sandboxie Support

Posted: **Thu Apr 11, 2013 6:33 pm**

I have found (using 4.01.05) that I can cause "System" to have locks on the 2 Reghive files in a sandbox just by sandboxing a program that is not listed in the Start/Run Restrictions list.

With these programs in the list:
ProcessGroup=<StartRunAccess>,firefox.exe,plugin-container.exe,flashgot.exe

Sandboxing Notepad gives:
2013-04-11 18:09:18 SBIE1308 Program cannot start due to restrictions - notepad.exe [Test_Start_Run]
2013-04-11 18:09:18 SBIE2314 Canceling process notepad.exe

Double-clicking the SBIE2222 line to allow Notepad to run gives:
ProcessGroup=<StartRunAccess>,firefox.exe,plugin-container.exe,flashgot.exe,notepad.exe

With no programs running at this time, and the sandbox set to auto-delete, delete contents fails (not renamed).
Manual Delete Contents is unable to delete contents due to "System" locks.

Notepad will run the next time it's tried, but when the program ends the sandbox still cannot be renamed or deleted.
So far, I've had to reboot to delete the contents of the 3 sandboxes that I've tried this with.
-----
[Test_Start_Run]

Enabled=y
ConfigLevel=7
AutoRecover=y
Template=BlockPorts
Template=LingerPrograms
Template=Firefox_Phishing_DirectAccess
Template=AutoRecoverIgnore
RecoverFolder=%Personal%
RecoverFolder=%Favorites%
RecoverFolder=%Desktop%
BorderColor=#00FFFF,ttl
NotifyStartRunAccessDenied=y
AutoDelete=y
ProcessGroup=<StartRunAccess>,firefox.exe,plugin-container.exe,flashgot.exe
ClosedIpcPath=!<StartRunAccess>,*

Posted: **Thu Apr 11, 2013 11:01 pm**

I can reproduce this on XP and W7 32bits. I am seeing same messages as Guest10 when I right click on a file and choose to run it sandboxed in a sandbox where the file has not Start/Run access. The sandbox doesn't delete when it closes even though it is set to delete on closing and Reghive files remain in the sandbox.

Bo

Posted: **Fri Apr 12, 2013 12:00 am**

Had the same problem using 4.01.05. I have went back to version 3.76 and no problem with deletion. Windows 7 64bit. (Just wanted to add that I have KB2813170 update installed and 3.76 is working o.k..)
Along with Windows 7 64 bit also have MBAM pro, MSE, Windows firewall, UAC and my browser is Pale Moon with NoScript and Adblock plus Macrium Reflect as backup.

Posted: **Fri Apr 12, 2013 2:44 am**

Thanks, I'll check it out!

Posted: **Mon Apr 22, 2013 6:43 am**

Please check version 4.01.06.

Posted: **Mon Apr 22, 2013 3:27 pm**

Fixed for me, W7 SP1 32Bits. I ll try .06 in my XP later today.

Bo

Posted: **Mon Apr 22, 2013 6:32 pm**

Fixed for me, on XP.

Posted: **Mon Apr 22, 2013 7:18 pm**

Ahh, I hadn't seen this thread before, and I just had the RegHive locked/in use when trying to manually delete the sandbox before upgrading to .06... I thought that was odd, since I think I've only had that previously if Regedit was open (or maybe open to the particular RegHive) when the sandbox became inactive. Turns out I accidentally tried to run more.com yesterday when I only have *.exe allowed to start, so I guess that's why. Nice find Guest10!

And I never want to restart for any reason if I can help it, so I was able to fix it by manually unloading the Sandbox_..._... hive from Regedit.

Posted: **Tue Apr 23, 2013 12:01 am**

Guest10 wrote:Fixed for me, on XP.

Same here.

Bo

Sandboxie Support

[.06] Causes sandboxes to not delete

[.06] Causes sandboxes to not delete

Causes sandboxes to not delete