Extracting a RAR into the Sandbox?

[Noob]

Okay yes I have a rar and i run sandboxie and then run winrar in the sandbox. I tell winrar to open the rar which is being on my desktop, and then winrar shows me to content. I can see the files in rar, but if i want actually see them (some are pictures and there are text document also), i am told i have to extract them. How do i extract them in the sandboxie? Is there file like C:\Program Files\Sandboxie\fake desktop? I want to extract them into the sand boxie so that if they are bad then they do not hurt?

Please and Thanks you for help

[Guest]

I have example for its say as default extract location:
C:\Documents and Settings\<my account>\Local Settings\Temp\Rar$DI82.578\<new folder>

so does this work okay or do i need to say like C:/Program Files/Sandboxie/Protected Sandbox area ?

[SBIE User]

SandboxIE creates its own form of any directory it uses, including My Desktop.

If you are running WinRar in the sandbox, then any files (including pictures) extracted by it will only be extracted to the sandbox version of the selected folder (including My Desktop). Just be sure that WinRar is running in the sandbox before you extract anything.

After you extract the files using WinRar in the sandbox to My Desktop, you can look on the real Desktop and you'll see that they are not there. To actually access the files that have been extracted to the sandboxed version of My Desktop, you'll need to use the SandboxIE control menu:

Function/Contents of Sandbox/Explore Contents.

SBIE (Happy) User

[mizzmona]

To actually access the files that have been extracted to the sandboxed version of My Desktop, you'll need to use the SandboxIE control menu:

Function/Contents of Sandbox/Explore Contents.

Or to access those files from within the sandbox environment:

Function > Run Sandboxed > Any Program > . [insert dot] > OK

Using Sandboxie Explorer, you'd just browse to the Desktop like you normally would, only you'd be accessing the sandboxed (virtual) Desktop instead.

-M

[SBIE User]

IMPORTANT!

If you think you might have extracted an infected-file or other malware, then it is absolutely essential that you follow mizzmona's procedure (unless you have the appropriate program selected as a "forced" program under SandboxIE!

The procedure I offered above gives you access to the files that have been extracted but will not automatically run them in the sandboxed environment. If you open one of those files without using "Run Sandboxed" and the file is infected, the infection will not be limited to the sandbox.

I should have said that and am glad mizzmona clarified the correct procedure.

By the way, I force most critical programs to run sandboxed, including my image viewer for just that reason.

SBIE (Happy) User

[mizzmona]

The procedure I offered above gives you access to the files that have been extracted but will not automatically run them in the sandboxed environment. If you open one of those files without using "Run Sandboxed" and the file is infected, the infection will not be limited to the sandbox.

Actually, Sandboxie will intercept sandboxed executable files that are run from the outside, and sandbox them. But...! Sandboxie can't (yet) intercept Word docs or batch files or the like, as these are instead launched by another process from the outside...such being fed as an argument based on file association.

Did that make sense? So yeah, it's still best to play with (potentially dangerous) sandboxed files from within the sandbox.

-M

[SBIE User]

mizzmona,

Yes, that makes perfect sense -- although I can understand why new SandboxIE users may find this very confusing.

Given the risk you described, I always treat files in the sandbox as if they are executable outside the sandboxed environment even though they may not be. Because so many programs have Windows file associations, I think the risk is just too great even for a relatively experienced user of SandboxIE.

I believe it is always safer to open files in the sandbox by first loading the respective program with Run Sandboxed unless it is in the list of "forced" sandboxed program. I think I usually know whether a file will be sandboxed or not, but it is just too easy to make a mistake.

I really think Tzuk should make a FAQ entry about this that explains how it works and describes the risks.

SBIE (Happy) User

[mizzmona]

I believe it is always safer to open files in the sandbox by first loading the respective program with Run Sandboxed unless it is in the list of "forced" sandboxed program. I think I usually know whether a file will be sandboxed or not, but it is just too easy to make a mistake.

SBIE, if you're accessing the sandbox folders using Explore Contents, then using Run Sandboxed or Forced Programs to accomplish sandboxing, does that mean you don't generally use Sandboxie Explorer? Since it runs sandboxed, whatever is launched from it is sandboxed...even the file-associated programs. (Wouldn't that be less work and uncertainty?)

-M

[SBIE User]

SBIE, if you're accessing the sandbox folders using Explore Contents, then using Run Sandboxed or Forced Programs to accomplish sandboxing, does that mean you don't generally use Sandboxie Explorer? Since it runs sandboxed, whatever is launched from it is sandboxed...even the file-associated programs. (Wouldn't that be less work and uncertainty?)

-M

Yes, you're right. I generally don't use the SanboxIE Explorer -- because Tzuk has chosen for reasons I don't understand to hide it so effectively!

I just don't think about it usually, so I just do the Explore Contents thing instead.

I know how to run SandboxIE Explorer with a dot in the menu item Function/Run Sandboxed/Any Program/. -- but that is not very obvious to me. I had hoped that Tzuk, who is usually very responsive to users, would have responded to your requests and advice in http://www.sandboxie.com/phpbb/viewtopi ... 36fd1cc4e4, but alas he did not. I cannot figure out why he has not added a simple menu item for such a critical function that could substantially reduce the risk of accidentally running a program outside the sandbox.

I'm one of Tzuk's greatest fans here and have in every other case always found him to be extraordinarily responsive to users' suggestions and needs, but I have to say that his not dealing with this issue even after you posted about it months ago is puzzling to me and makes the program less useable for newbies (and some old dogs like me) than it would otherwise be.

SBIE (Happy) User

[SBIE User]

mizzmona and others,

Following up on my previous post about how to find/use SandboxIE Explorer more easily, let me suggest a workaround.

I have created a Windows shortcut named BoxExplore with the following target code:

"C:\Program Files\Sandboxie\Start.exe" "c:\Program Files\Sandboxie\SandboxieExplorer.exe"

I then put that shortcut in a directory that is on my Windows path, so I can open it using the Windows key + R and typing BoxExplore.

I'd much rather have a menu item available under Function in the SandboxIE Control interface, but apparently Tzuk has decided against adding that feature for now.

Despite this workaround, I'd like to add another vote to yours from August to add this item to the Function menu in the Control interface.

SBIE (Happy) User

[tzuk]

Hello! Sorry I haven't been visiting here much lately, been a bit busy. I hope everyone is well.

Regarding SandboxieExplorer, it isn't intentionally hidden or anything like that... I just put it together quickly as a way to browse sandboxed folders instead of using IEXPLORE.EXE to do it, which was the older way.

I certainly plan to improve it, but for now, I think of it as a hack or a kludge which is probably why it didn't get more attention than a reference on the "Run any program..." window.

I really have no objections to putting it in the Function menu, but for now I'll put it only in my to-do list.

[SBIE User]

Tzuk,

We've missed your expertise and humor, but I know you're busy. I thought you might be playing with VISTA or the 64-bit kernel issue.

I hope you know how much I appreciate your work and your responsiveness to those of us who use SandboxIE. I didn't mean my previous posting to sound harsh.

I must say, however, that even though the SandboxIE Exporer just began as a hack or kludge it is actually a very important component of SandboxIE as it is used today. Without an obvious menu item for it or some specific instructions about it in the FAQ, there is a substantial risk that users will accidentally open files outside the sandbox by using Windows Explorer.

Thanks again for considering this suggestion.

SBIE (Happy) User

[mizzmona]

Following up on my previous post about how to find/use SandboxIE Explorer more easily, let me suggest a workaround.

I have created a Windows shortcut named BoxExplore with the following target code:

"C:\Program Files\Sandboxie\Start.exe" "c:\Program Files\Sandboxie\SandboxieExplorer.exe"

I then put that shortcut in a directory that is on my Windows path, so I can open it using the Windows key + R and typing BoxExplore.

How about a registry tweak? (For folks who are uncomfortable with tweaking the registry, just ignore all this.)

Paste the following code into a text editor, and save it to the Sandboxie program folder as
Browse_with_SandboxieExplorer-ADDKEY.reg

Code: Select all

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\Folder\shell\Browse with Sandboxie Explorer\command]
@=""C:\\Program Files\\Sandboxie\\Start.exe" "C:\\Program Files\\Sandboxie\\SandboxieExplorer.exe" "%L""

Then just doubleclick the .reg file to add a "Browse with Sandboxie Explorer" option to the context menu (for folder right-clicks).

NOTE: If Sandboxie's program folder is located somewhere else, those two paths must be modified to reflect the actual location. Be sure to escape any backslashes and quotes you might add to that string value (i.e., use double-backslashes and backslash-quotes). Also note that the string value is itself enclosed in quotes which must remain unescaped:
@="STRING_VALUE"

To reverse the previous registry edit (delete the key) and remove the option from the context menu:

Code: Select all

Windows Registry Editor Version 5.00

[-HKEY_CLASSES_ROOT\Folder\shell\Browse with Sandboxie Explorer]

Save that as a separate file to Sandboxie's program folder named:
Browse_with_SandboxieExplorer-DELKEY.reg

Okay. Now, once you activate the option, there are a couple things to keep in mind:

1) The option added opens Sandboxie Explorer in the default sandbox.
2) The option also appears in the context menu of Sandboxie Explorer, so avoid using it there. (Although, you could explore Sandboxie's program folder using Sandboxie Explorer and then run the DELKEY reg file to remove it from showing within the sandbox; and you might have to do that again, anytime you delete sandbox contents.)

-M

[SBIE User]

mizzmona,

Now that is really creative!

SBIE (Happy) User

[tzuk]

Save that as a separate file to Sandboxie's program folder named:
Browse_with_SandboxieExplorer-DELKEY.reg

Nice trick. This reminds of an older feature request to automatically run a registry script whenever a sandbox is created ... Would be a good feature.