Does Sandboxie 4.01 need Drop Rights Enabled?

Does Sandboxie 4.01 need Drop Rights Enabled?


  • Total voters
    8
Status
Not open for further replies.

ad18

New Member
Thread author
Verified
Jan 19, 2013
59
Hi guys. I am using Sandboxie 4.01 right now and am wondering if I need to enable the Drop Rights feature. Does this really make Sandboxie more secure? Tzuk has this feature enabled in V. 3.76 but not in 4.01. What do you guys think? Please vote in the poll Thank you for your opinions.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well for better protection, Drop Rights are suppose to be enabled to limit the aplication to gain privileges.

If deactivated then UAC will pop up asking to allow or not.
 

ad18

New Member
Thread author
Verified
Jan 19, 2013
59
jamescv7 said:
Well for better protection, Drop Rights are suppose to be enabled to limit the aplication to gain privileges.

If deactivated then UAC will pop up asking to allow or not.

Thanks for the reply. I guess I am asking if Drop Rights provides better malware protection than not enabling it. Do you think Drop Rights makes a big difference in security?
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Let's say it adds additional security caused applications couldn't access easily the admin rights when the feature enabled thus a pop error showed.

Brief Explaination

Its either legitimate or malicious application could blocked due to that feature of Sandboxie
 

ad18

New Member
Thread author
Verified
Jan 19, 2013
59
jamescv7 said:
Let's say it adds additional security caused applications couldn't access easily the admin rights when the feature enabled thus a pop error showed.

Brief Explaination

Its either legitimate or malicious application could blocked due to that feature of Sandboxie
That makes sense. Thanks for the reply.
 

Gnosis

Level 5
Apr 26, 2011
2,779
I have selected "drop rights", but I am a power user anyway, so I am not sure if it matters, at least in my case.

Typically I instruct users to apply "drop rights".
I have always heard this from the foremost of PC experts that I trust.
 

Gnosis

Level 5
Apr 26, 2011
2,779
The rights that are dropped when we tick Drop Rights can not be used by malware to escape the sandbox. So, using or not using the setting does not make a "big difference in security" since nothing gets out of the sandbox without our approval but the setting gives us the chance to "restrict" what can be done by programs running in the sandbox. For example, if you enable Drop Rights, programs are not allowed to install sandboxed. So, if you are browsing and all of the sudden malware starts getting downloaded, it wont run or installs because you have the setting in place.

Bo


I would like to add to that what I perceive to be the gist: dropping rights keeps your sandboxed environment from being corrupted to the point of not being user friendly due to the realities of malware symptoms within the sandbox, which might cause your 2 hour long Netflix movie, that you took almost an hour to download, to crash, for example.
 

ad18

New Member
Thread author
Verified
Jan 19, 2013
59
bo.elam said:
ad18 said:
I guess I am asking if Drop Rights provides better malware protection than not enabling it. Do you think Drop Rights makes a big difference in security?

The rights that are dropped when we tick Drop Rights can not be used by malware to escape the sandbox. So, using or not using the setting does not make a "big difference in security" since nothing gets out of the sandbox without our approval but the setting gives us the chance to "restrict" what can be done by programs running in the sandbox. For example, if you enable Drop Rights, programs are not allowed to install sandboxed. So, if you are browsing and all of the sudden malware starts getting downloaded, it wont run or installs because you have the setting in place.

Bo



.
Thanks for the reply Bo. I thought this setting helped keep malware in the sandbox. Now I understand it helps prevent malware from carrying out its actions within the sandbox. I appreciate the clarification.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
You could say it's similar to a Standard UA where it's privileges are restricted.

What have you decided, to use DMR or keep unchecked?
 

ad18

New Member
Thread author
Verified
Jan 19, 2013
59
I enabled Drop Rights in the DefaultBox which I use only for browsing. I created a separate sandbox called ApplicationSandbox without Drop Rights enabled. I will use this sandbox for trying new apps.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top