5.01 Beta Available (latest version 5.04 RC)

Listing issues addressed in beta version 5.01
nEuDy
Posts: 2
Joined: Sat Sep 19, 2015 8:38 am

Re: 5.01 Beta Available (latest version 5.03.3)

Post by nEuDy » Fri Sep 25, 2015 12:10 pm

Craig@Invincea wrote:
nEuDy wrote:Hi Sandboxie-Team,
it´s the first time, i´ve installed sandboxie on a Windows 10 System. So i´ve tried to install the latest Beta 5.03.3. After installing and rebooting the System, i get anytime on Starting a program Sandboxed the following error:
SBIE2224 Sandboxed program has crashed: SandboxieDcomLaunch.exe
It doesn´t matter how i start programs (wether to right click in sandbox control on the sandbox -> Run Sandboxed -> Run Web Browser or Run Any Program...
Also i tried to right click on a program on my system (explorer), and choose "Run Sandboxed". Everytime the same error occurs.
But at the Sandboxie Control is shows me the following programs still as active, after closing the error message:
Start.exe
SandboxieRpcSs.exe
SandboxieDcomLaunch.exe
WerFault.exe

When i´m now trying to start a new sandboxed program (actual no one of the other programs were terminated), i´ve got the window like "Run Any Program" or "Run from Start Menu".. But the programs are not shown, only a new "start.exe" occurs within the sanboxie control..

what can i do?
Thank you very much :-)
One, I would delete the contents of your sandbox, This will also force close any running programs. Are you running any Antivirus software?
Hi Craig,
deleting the contents did not help. btw, i also created a new clean sandbox.
But i´m running an Antivirus software (Bitdefender 2015)

Curt@invincea
Sandboxie Lead Developer
Sandboxie Lead Developer
Posts: 1638
Joined: Fri Jan 17, 2014 5:21 pm
Contact:

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by Curt@invincea » Fri Sep 25, 2015 2:00 pm

Dun wrote:
Curt@invincea wrote:Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)
How to close this security hole you just have opened? :shock:
We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.

Dun
Posts: 350
Joined: Mon Jun 23, 2014 5:00 am
Location: Poland

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by Dun » Fri Sep 25, 2015 3:57 pm

Curt@invincea wrote:
Dun wrote:
Curt@invincea wrote:Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)
How to close this security hole you just have opened? :shock:
We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.
Well, I think I more less understand such issues, even such changes as defaults. But if you implement such workarounds, please give us a way to disable such 'features' completely in Sandboxie settings. I'm stuck with 5.01.13 ATM. Thanks for reply
Sandboxie 5.19.4 personal lifetime license user || Win10 x64 Pro CU (up to date) || ESET SS 10+ x64 || AppGuard 4+ || Firefox 54+ x64 || UAC on

roady
Posts: 16
Joined: Sun Aug 08, 2010 12:29 pm

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by roady » Fri Sep 25, 2015 5:16 pm

Curt@invincea wrote:
Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)
Updates like this 1 weaken the protection of SandBoxie......IMHO,if some1 wants to print an internet file,be it a webpage or a whatever file,they should download it to their computer and recover from SandBoxie to print it,NOT directly from SandBoxie's sandbox.... :evil:

btm
Posts: 160
Joined: Sat Nov 23, 2013 11:31 am

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by btm » Fri Sep 25, 2015 5:19 pm

Curt@invincea wrote:Fixes in 5.03.1
We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.
btm wrote:
Curt@invincea wrote:Combined 32/64 installer:
2) I removed the spooler print to file property sheet in the sandbox settings. This is too risky to allow setting it permanently in the GUI where it can easily be forgotten. You can still add AllowSpoolerPrintToFile=y manually in sandbox.ini.
Yikes I don't understand why you'd want to shoot yourself in the foot there! You had a decent start but if it's that bad of an option, why not shower the (mostly empty) page with warnings (or an extra 'are you sure prompt') instead? I hate to play the devils advocate here as I'm actually not against manually altering the ini but in order to 'appeal to the masses' a click-able option like you had would be ideal with a few extra warnings in the mix. [pardon the drunk speak] In my opinion it's easier to forget the manual changes as they aren't shown in the interface.
So a gui option was too risky but forcing open paths on everyone isn't....wow
Why not just bring back this GUI option and add those paths as a toggle selection there set to false by default? Everyone wins, no potential holes permanently opened just for the convenience of others....but it can still be opened if it is needed by the specific user.
Last edited by btm on Fri Sep 25, 2015 5:21 pm, edited 1 time in total.
This account has been abandoned. If you need to PM me, please send a message to Syrinx.

Mr.X
Posts: 583
Joined: Sat Jul 13, 2013 9:34 am
Location: Mexico

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by Mr.X » Fri Sep 25, 2015 5:19 pm

@Curt
As you well said, please reconsider that change for the above reasons. I'm with Dun, roady and some others in other forums as well. Thank you.
Windows 8.1 x64/x86 EN | Sandboxie latest beta or stable | All software latest versions unless stated otherwise

Ruan
Posts: 9
Joined: Wed Nov 19, 2014 6:51 pm

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by Ruan » Fri Sep 25, 2015 7:52 pm

Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)
Please add me also to the list of users unhappy with this change. Security before compatibility always.

ty.

Dun
Posts: 350
Joined: Mon Jun 23, 2014 5:00 am
Location: Poland

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by Dun » Sat Sep 26, 2015 5:12 am

Maybe something like this: If SBIE detects custom (not MS) printer, the software compatibility tab will show up with [x] Printer/Print Spooler full access and it will allow things to avoid issues with printer. Easy to turn off.
Sandboxie 5.19.4 personal lifetime license user || Win10 x64 Pro CU (up to date) || ESET SS 10+ x64 || AppGuard 4+ || Firefox 54+ x64 || UAC on

APMichael
Posts: 152
Joined: Sun Sep 07, 2014 5:54 am
Location: Germany

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by APMichael » Sat Sep 26, 2015 6:57 am

Curt@invincea wrote:We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.
That's why I asked for a more comfortable solution: http://forums.sandboxie.com/phpBB3/view ... =4&t=21390

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area
Contact:

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by Craig@Invincea » Sat Sep 26, 2015 7:44 am

kawaiiwolf wrote:Looks like chrome is doing the same thing too. I'm running chrome out of a portable install ( http://portableapps.com/apps/internet/g ... e_portable ) since I had some initial difficulties installing it into a sandbox.

Note, on a lighter/white background the inactive window has a black border too.
We are aware of it. But it's on the low list of priorities, and we're not even sure if this is directly a SBIE issue.

soccerfan
Posts: 440
Joined: Tue Sep 25, 2007 2:59 pm

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by soccerfan » Sat Sep 26, 2015 8:34 am

Curt@invincea wrote:
Dun wrote:
Curt@invincea wrote:Fixes in 5.03.1
2) The print spooler (spoolsv.exe) is now permitted to write files to the system temp folder (windows\temp) and the user temp folder (\Users\<username>\AppData\Local\Temp)
How to close this security hole you just have opened? :shock:
We opened these because we were getting a lot of support issues with PDF writers (mostly) that were trying to write to these folders. The reasoning was, that if someone uses spoolsv to write malware to one of these folders, they still have to figure out a way to execute it. If there are a lot of users that have an issue here, I can reconsider this change.
@Curt:
You may keep this feature out of the box for those who value comfort over security,
but for those of us who truly value security, please give us a way to disable this feature
(even if it requires digging in and editing the sandboxie.ini file or something similar).
That way, we would have a way to 'opt out' of this rather 'dangerous' (imho) precedent.
Many thanks!
soccerfan

Peter2150
Posts: 879
Joined: Tue Mar 27, 2007 9:46 pm
Location: Washington DC

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by Peter2150 » Sat Sep 26, 2015 12:17 pm

I agree about this printing issue, I don't like the security hole. If I really need to print something, all I have to do is remove it from the sandbox. No biggie

w0lfrun
Posts: 52
Joined: Thu Jun 23, 2011 11:21 am

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by w0lfrun » Sat Sep 26, 2015 2:28 pm

I also agree with the above posters regarding the Printing issue security hole. Security trumps convenience for me anyway, as well as for the majority I would think.

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2809
Joined: Wed Apr 22, 2009 9:17 pm

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by bo.elam » Sat Sep 26, 2015 3:12 pm

Peter2150 wrote:If I really need to print something, all I have to do is remove it from the sandbox. No biggie
Hi Pete, if the file is malware and it has to be run out of the sandbox in order to print it, I ll get infected. :)

Bo

xy667
Posts: 48
Joined: Sun Jul 12, 2015 8:42 am

Re: 5.01 Beta Available (latest version 5.04 RC)

Post by xy667 » Sun Sep 27, 2015 4:10 am

I'm running Sandboxie 5.04 on Windows 10 and after updating Sandboxie to the latest version I am getting the following:

Code: Select all

SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
SBIE2203 Failed to communicate with Sandboxie Service:  *GUIPROXY_00000001 - robotaskbaricon.exe [00000102]
Is there anything I can do to troubleshoot this? Roboform still seems to be working.

Post Reply

Who is online

Users browsing this forum: No registered users and 0 guests