-------------------------
reparse point support wanted for .NET2 installation INSIDE sandboxes,XPSP2
-------------------------

It uses DeviceIoControl with FSCTL_SET_REPARSE_POINT at least once,
and seems paths in REPARSE_DATA_BUFFER not translated(?), shown in procmon,
and cannot proceed setup.
Incidentally, this results is not "not found error", but "access denied error".

definitely:


// note: .NET 2 installation requires VC8redist preinstalled outside sandboxes
// for some environments currently, if we catch "fusion.dll cannot load" error.

I tried running .Net installation sandboxed, and I recall that it failed, but not due to junction points. At that time it had to do with the installation of security catalogs and other little known Windows features.

As for the "access denied", it is by design. It is meant to protect against a sandboxed program creating a (sandboxed) junction to c:\program files (for example), so then when you delete the sandbox, c:\program files disappears as well. Not so good! At some future time I may extend the support for translation junction targets, but probably not soon. Too much to do as it is.

In this situation, junction is sandboxedfolder to sandboxedfolder,
so *partial* support for reparse point (pass only if sandboxed->sandboxed)
will solve this issue, I realized.

I'm looking forward to enhancement easygoingly,
of course while keeping sandbox secure.

// This operation is by calling from deep inside mscorwks.dll.

Well, it's not really a question of pass/deny at this time, because Sandboxie strips the junction point creation rights in advance, and aside from that, it stays out of the junction point creation procedure. So there is no way to decide pass/deny at this time. But it is definately fixable and I will get around to it eventually.

Fixed in version 3.29.25.