Trust No Program

Open Key Path


OpenKeyPath is a sandbox setting in Sandboxie Ini. It specifies a path patterns, for which Sandboxie will not apply sandboxing for registry keys. This lets sandboxed programs have direct access to update system settings outside the sandbox. This setting essentially punches a hole in the sandbox, at a particular registry key location.

Program Name Prefix may be specified.

Example:

   .
   .
   .
   [DefaultBox]
   OpenKeyPath=firefox.exe,HKEY_LOCAL_MACHINE\Software\Mozilla
   OpenKeyPath=firefox.exe,HKEY_CURRENT_USER\Software\Mozilla

These examples let the Firefox program, firefox.exe, have direct access to the Mozilla registry key trees (both system-wide and per-user registry trees).

The value specified for OpenKeyPath can include wildcards, although for registry keys, the use of wildcards is rarely needed. For more information on this, including examples that show the use of wildcards, see OpenFilePath. (OpenFilePath deals with files, not registry keys, but the principle of using wildcards remains the same.)

Note: For security reasons, this setting does not apply when the program executable file resides within the sandbox. This means that (potentially malicious) software downloaded into your computer and executed, cannot take advantage of this setting.

Related Sandboxie Control setting: Sandbox Settings > Resource Access > Registry Access > Direct Access

Jump to
Sandboxie Ini
setting:


Global Settings:

ByteOrderMark

AlertProcess

ForceDisableSeconds
ForceDisableAdminOnly

EditAdminOnly
EditPassword
MonitorAdminOnly

ActivationPrompt


Sandbox Settings:

Enabled

FileRootPath
IpcRootPath
KeyRootPath

AutoDelete
NeverDelete
DeleteCommand

AutoRecover
AutoRecoverIgnore
RecoverFolder

AutoExec

BoxNameTitle
BorderColor
Description

CopyLimitKb
CopyLimitSilent

ForceFolder
ForceProcess
LingerProcess
LeaderProcess

NotifyInternetAccessDenied
NotifyStartRunAccessDenied

BlockDrivers
BlockFakeInput
BlockPassword
BlockSysParam
BlockWinHooks

BlockPort

DropAdminRights

OpenFilePath
OpenPipePath
ReadFilePath
WriteFilePath
ClosedFilePath

OpenKeyPath
ReadKeyPath
WriteKeyPath
ClosedKeyPath

OpenIpcPath
ClosedIpcPath

OpenWinClass
OpenClsid
OpenProtectedStorage
OpenCredentials

InjectDll
InjectDll64

ProcessLimit1
ProcessLimit2


See also:

Expandable Variables Shell Folders Program Name Prefix Deprecated Settings

Top

Sandboxie is Copyright © 2004-2012 by Sandboxie Holdings, LLC.  All rights reserved.
Sandboxie.com | Contact Author
This site has been viewed 264,121,673 times since June 2004