Advice Request Benefits of using a sandbox (ie Sandboxie)

Atlas147

Have a question about using Sandboxie that others might have an answer to.

I've noticed that running programs such as a browser like Firefox allows for the downloads folder to be launched sandboxed as well
- e.g. if I open a sandboxed version of my downloads folder I can see everything that I had there before I opened the sandboxed version of it.

Does this mean that any program running inside the sandbox will also be able to access all my files (although sandboxed) and potentially steal data from it?

Does that mean that potentially running malware that steals information from the PC in a sandbox would be kinda useless since they are able to invoke a sandboxed version of all my data?
 

Lenny_Fox

Yes, in default settings.

I only tried Sandboxie once and I could find settings to limit
a) access to files and folders
b) access to internet
c) starting other programs

When you run through the sandbox settings, the options are relatively self-explanatory, so it is easy to prevent it.
 

bjm_

Respectfully curious....why call Downloads Folder into your Firefox box?
Reads like (correct me) you're calling your Download Folder into your running Firefox box, without restrictions.
png_11011.png
 

Atlas147

> Yes, in default settings.
>
> I only tried Sandboxie once and I could find settings to limit
> a) access to files and folders
> b) access to internet
> c) starting other programs
>
> When you run through the sandbox settings, the options are relatively self-explanatory, so it is easy to prevent it.

Thanks for the tips! What I've worked out is blocking access to several app folders that could potentially have cookies or passwords stored to help harden the sandbox.
 

Atlas147

> Respectfully curious....why call Downloads Folder into your Firefox box?
> Reads like (correct me) you're calling your Download Folder into your running Firefox box, without restrictions.
> View attachment 259163

Yes, I think the default config of Sandboxie doesn't have these added rules in them. Would you mind sharing how you configure Sandboxie to block access?
 

Atlas147

> It's recommended by the Sbie developer to run discrete boxes, in order to more fully isolate one from the other. :) For example, if you have two browsers, make a separate Box for each one.

That sounds like a really good idea, seeing how there can be unlimited sandboxes. Thanks for the tip!
 

bjm_

> Yes, I think the default config of Sandboxie doesn't have these added rules in them. Would you mind sharing how you configure Sandboxie to block access?

Well, my simple setup restricts Start Access and Internet Access to the browser main executable. For example: my Firefox box only allows firefox.exe to start and to have internet access.
I block access to Documents/Downloads/Pictures folders in my Firefox box.
 
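The restrictions described in this thread (blocked folders, start and internet access limited to the browser executable, auto delete) end up as lines in Sandboxie.ini. The following is an added example, not code from any poster or from the Sandboxie project: a Python check that reports which boxes lack them. The sample configuration and its paths are constructed, and the setting names (ClosedFilePath, ClosedIpcPath with the StartRunAccess and InternetAccess groups, AutoDelete) are the classic ini forms assumed here; newer builds may record network rules differently.

```python
# Added example: static audit of Sandboxie.ini text (constructed sample below).
SAMPLE_INI = r"""
[GlobalSettings]
FileRootPath=C:\Sandbox\%USER%\%SANDBOX%
[DefaultBox]
Enabled=y
[Firefox]
Enabled=y
AutoDelete=y
ClosedFilePath=C:\Users\example\Documents\
ClosedFilePath=C:\Users\example\Downloads\
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
ProcessGroup=<InternetAccess>,firefox.exe
ClosedIpcPath=!<StartRunAccess>,*
ProcessGroup=<StartRunAccess>,firefox.exe
"""

def parse_boxes(text):
    """Return {box: [(key, value), ...]}. Keys repeat, so configparser is not used."""
    boxes, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            name = line[1:-1]
            # GlobalSettings, UserSettings_* and Template_* are not sandboxes.
            skip = name.lower().startswith(("globalsettings", "usersettings_", "template_"))
            current = None if skip else boxes.setdefault(name, [])
        elif current is not None and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            current.append((key.strip().lower(), value.strip().lower()))
    return boxes

def audit_box(settings):
    """List the hardening steps from the thread that a box's settings do not show."""
    closed = [v for k, v in settings if k == "closedfilepath"]
    ipc = [v for k, v in settings if k == "closedipcpath"]
    findings = []
    if not [v for v in closed if "internetaccessdevices" not in v]:
        findings.append("no file or folder blocked (ClosedFilePath)")
    if not [v for v in closed if "internetaccessdevices" in v]:
        findings.append("internet access not restricted")
    if not [v for v in ipc if v.startswith("!<startrunaccess>")]:
        findings.append("start/run access not restricted")
    if ("autodelete", "y") not in settings:
        findings.append("auto delete not enabled")
    return findings

def audit(text):
    return {box: audit_box(s) for box, s in parse_boxes(text).items()}

if __name__ == "__main__":
    for box, findings in audit(SAMPLE_INI).items():
        print(box, "->", findings or "matches the thread's hardening steps")
```

To run it against a real configuration, read the file's text and pass it to `audit()`; the check only looks for the presence of these lines and does not evaluate whether the paths cover every sensitive folder.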

ichito

There is a lot of info about Sbie on Wilders and as an example here you have
 

SearchLight

I have installed the latest version of Sandboxie Plus with the modern gui. Works well with two small observations:

In the classic version, whenever one closed the Classic version, the tray icon showed the program deleting the contents of the sandbox automatically if the option is set.

In the modern version, although I have set the program to Auto delete, there is no icon confirmation that this is happening, and I find myself manually terminating the processes still running in the box after I closed my sandboxed browser, and then manually deleting the box contents which starts but then gives me an error message that it fails. When I check the gui a second time, it then says contents are empty.

As a suggestion, it would be nice if the modern icon showed the same deletion occurring as the Classic with the Red "X", and that there were options to make deletion more automatic without doing additional steps.

In the meantime, if Classic is still available but with improvements by David Xanatos, maybe I will revert back to that version in the meantime.
 

bjm_

> In the meantime, if Classic is still available but with improvements by David Xanatos, maybe I will revert back to that version in the meantime.

You may run Classic SbieCtrl UI (if preferred) with Plus installed.
The top of Plus SandMan UI (yellow) seems not as prominent as Classic SbieCtrl UI (yellow).
png_11019.png...png_11018.png
While I prefer Classic UI, I'm trying to warm to Plus UI.
With Plus installed, user may run Plus UI or Classic UI.

plat

I like Classic better also. But, if you're running the Plus version, you need to manually enable Auto Delete and then Apply the changes. It's not enabled by default. You should see a very brief blue and white flash when you close your browser and IF the UI is on the desktop, you'll see it read Empty when done. :) It's shown how to do it in this video--really quickly.



This video is Unlisted so just click on the YouTube link if you want to see it. It's only 35 sec.
 

SearchLight

Thanks for the replies. I reverted back to Classic, and seem to warm at seeing that Deletion indicator. If David incorporates a more informational, and pronounced icon in Plus, I may re-install it back. Still great, and useful software in either flavor! Thanks to David for still keeping it going after these many years.
 

shmu26

By default, a sandboxed app in Sandboxie can see the files on your real system, but not modify them. So you won't get ransomed. But if you want higher privacy, so a sandboxed app cannot even read the personal data on your real system, you need to tweak the settings, as others explained.

If you are looking for an app that has high privacy protection by default, it's called ReHIPS. By default, it will prevent isolated apps from reading data stored in user space. If you tweak it, you can block read permission in additional locations, such as a second hard drive, etc.
 

Lenny_Fox

> Thanks for the replies. I reverted back to Classic, and seem to warm at seeing that Deletion indicator. If David incorporates a more informational, and pronounced icon in Plus, I may re-install it back. Still great, and useful software in either flavor! Thanks to David for still keeping it going after these many years.

I tried Sandboxie-plus, but for the same irrational reason (fuzzy icon) I reverted back to SBIE-classic :)
 

Lenny_Fox

Suggestion for the developer (@DavidXanatos) for Sandboxie plus icon

Apply visual language which builds on old trust and highlights new version:
a) Use old SANDBOXIE COLOR scheme (yellow and red)
b) Use a PLUS in the new logo (referring to new Sandboxie plus)
c) Use the SPADE for the connection with SANDBOX and resemblance of the shape of a spade with a SHIELD for the connection with protection

see below, I am obviously not a DTP-er, but you will get the idea (a graphic designer can use the above branding elements a-b-c for a much better looking icon)

1625557559704.png


The icon on the left with the red plus means that a sandbox is running/active; without the red plus in the shield-shaped spade means that no sandbox is running/active.
 