|Trust No Program|
OpenKeyPath is a sandbox setting in Sandboxie Ini. It specifies a path patterns, for which Sandboxie will not apply sandboxing for registry keys. This lets sandboxed programs have direct access to update system settings outside the sandbox. This setting essentially punches a hole in the sandbox, at a particular registry key location.
Program Name Prefix may be specified.
. . . [DefaultBox] OpenKeyPath=firefox.exe,HKEY_LOCAL_MACHINE\Software\Mozilla OpenKeyPath=firefox.exe,HKEY_CURRENT_USER\Software\Mozilla
These examples let the Firefox program, firefox.exe, have direct access to the Mozilla registry key trees (both system-wide and per-user registry trees).
The value specified for OpenKeyPath can include wildcards, although for registry keys, the use of wildcards is rarely needed. For more information on this, including examples that show the use of wildcards, see OpenFilePath. (OpenFilePath deals with files, not registry keys, but the principle of using wildcards remains the same.)
Note: For security reasons, this setting does not apply when the program executable file resides within the sandbox. This means that (potentially malicious) software downloaded into your computer and executed, cannot take advantage of this setting.