You have a lot of restrictions settings in Sandboxie, so i guess one of them would block this attack vector. for example i can block anything running in the sandbox to read/write/access/modify the system partition.
is this configuration still update? because I configured it to run with Vivaldi (since 5.16 is compatible). Sandboxie raises some popup that I don't know if I should allow it (cmd.exe, dllhost.exe, ...)
thank you very much