Restrict program from reading my files
-
- Posts: 3
- Joined: Fri Dec 22, 2017 3:58 pm
Restrict program from reading my files
If I'm not mistaken, when I run a program in sandboxie, it can still read my files, right? For example, when I installed and ran firefox from a sandbox, it still used my preferences, bookmarks and plugins from my actual firefox installation, what if I wanted a completely isolated copy of firefox to run in sandboxie, is this possible?
Re: Restrict program from reading my files
As you learned, programs can see outside of a sandbox. A work around to what you want is to have FF always in a sandbox and not installed outside of Sandboxie. I currently have 30+ sandboxes with FF and none of them see the settings of another, even when running at the same time.
If you need FF outside of a sandbox for some reason, the other option is to use Blocked Process Access created by wraithdu. Implementing this, will block programs from seeing outside of its own sandbox. This is listed in Contributed Utilities & Templates on the main forum page.
viewtopic.php?f=22&t=4885
If you need FF outside of a sandbox for some reason, the other option is to use Blocked Process Access created by wraithdu. Implementing this, will block programs from seeing outside of its own sandbox. This is listed in Contributed Utilities & Templates on the main forum page.
viewtopic.php?f=22&t=4885
-
- Posts: 3
- Joined: Fri Dec 22, 2017 3:58 pm
Re: Restrict program from reading my files
Thanks for your reply. That's a great idea to have multiple firefox isntallation inside sandboxie. Although I would prefer a real one. I was playing with the File access options. If I add my whole AppData folder to "Blocked access", firefox refuses to install at all, and if I add AppData to "Write only access", it installs fine, but the tabs keep crashing (maybe it can't read from appdata? which seems odd).
Re: Restrict program from reading my files
When installing Firefox in a sandbox you can hide the current Firefox files that are outside of the sandbox.
That way nothing from that install will be included in the sandboxed install.
Hide those items using Sandboxie's "File Access > Write-Only Access" setting:
https://www.sandboxie.com/ResourceAccessSettings#file
Sandbox Settings > Resource Access > File Access > Write-Only Access
This setting makes the folders that you select appear to be empty, when the Firefox install program runs in the sandbox.
Those folders will then be created inside of the sandbox, and the files in them will be used by the sandboxed Firefox.
1) Create the necessary sandbox for Firefox
2) Either Add the Write-Only Access settings needed to hide the Firefox folders outside of the sandbox, using the Sandbox Settings as listed above (assuming that this is where the current files are located):
C:\Program Files\Mozilla Firefox\
%AppData%\Mozilla\Firefox\
%Local AppData%\Mozilla\Firefox\
OR, just add the following lines to the configuration settings for that sandbox, using:
Sandboxie Control menu > Configure > Edit Configuration
(again, assuming that this is where the current files are located)
3) Save the sandbox settings, then right-click the Firefox installer file and "Run Sandboxed" - selecting the appropriate sandbox from the list, to install Firefox.
4) If you want, you can also use the Write-Only Access setting to prevent programs using that sandbox from reading the files in your computer's Documents folder. Programs will still be allowed to write to a Documents folder that's located inside of the sandbox, and the default Quick Recovery setting for the sandbox will allow you to recover those files to the Documents folder outside of the sandbox. I always uncheck Immediate Recovery for my sandboxes.
WriteFilePath=%Personal%\
That way nothing from that install will be included in the sandboxed install.
Hide those items using Sandboxie's "File Access > Write-Only Access" setting:
https://www.sandboxie.com/ResourceAccessSettings#file
Sandbox Settings > Resource Access > File Access > Write-Only Access
This setting makes the folders that you select appear to be empty, when the Firefox install program runs in the sandbox.
Those folders will then be created inside of the sandbox, and the files in them will be used by the sandboxed Firefox.
1) Create the necessary sandbox for Firefox
2) Either Add the Write-Only Access settings needed to hide the Firefox folders outside of the sandbox, using the Sandbox Settings as listed above (assuming that this is where the current files are located):
C:\Program Files\Mozilla Firefox\
%AppData%\Mozilla\Firefox\
%Local AppData%\Mozilla\Firefox\
OR, just add the following lines to the configuration settings for that sandbox, using:
Sandboxie Control menu > Configure > Edit Configuration
(again, assuming that this is where the current files are located)
Code: Select all
WriteFilePath=C:\Program Files\Mozilla Firefox\
WriteFilePath=%AppData%\Mozilla\Firefox\
WriteFilePath=%Local AppData%\Mozilla\Firefox\
4) If you want, you can also use the Write-Only Access setting to prevent programs using that sandbox from reading the files in your computer's Documents folder. Programs will still be allowed to write to a Documents folder that's located inside of the sandbox, and the default Quick Recovery setting for the sandbox will allow you to recover those files to the Documents folder outside of the sandbox. I always uncheck Immediate Recovery for my sandboxes.
WriteFilePath=%Personal%\
Paul
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Cyberfox, Thunderbird
Sandboxie user since March 2007
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Cyberfox, Thunderbird
Sandboxie user since March 2007
-
- Posts: 3
- Joined: Fri Dec 22, 2017 3:58 pm
Re: Restrict program from reading my files
Thank you. I tried this, adding Firefox appdata to the Write only access list, firefox installs fine and opens, but every tab crashes within about 1 second of loading the website. :/
Re: Restrict program from reading my files
Did you start with a newly created sandbox, with only the default settings, and then add the suggested settings?jeffdunham wrote: ↑Sat Dec 23, 2017 12:37 pmThank you. I tried this, adding Firefox appdata to the Write only access list, firefox installs fine and opens, but every tab crashes within about 1 second of loading the website. :/
WriteFilePath=C:\Program Files\Mozilla Firefox\
WriteFilePath=%AppData%\Mozilla\Firefox\
WriteFilePath=%Local AppData%\Mozilla\Firefox\
I just tried it again, and it works fine for me.
Paul
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Cyberfox, Thunderbird
Sandboxie user since March 2007
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Cyberfox, Thunderbird
Sandboxie user since March 2007
-
- Sandboxie Support
- Posts: 2337
- Joined: Mon Nov 07, 2016 3:10 pm
Re: Restrict program from reading my files
Hello jeffdunham,
Adding to what Guest10 explained:
Regarding Firefox crashing, have a look at this thread:
viewtopic.php?p=131074#p131074
Regards,
Barb.-
Adding to what Guest10 explained:
Regarding Firefox crashing, have a look at this thread:
viewtopic.php?p=131074#p131074
Regards,
Barb.-
Who is online
Users browsing this forum: No registered users and 0 guests