BUN B
Guest
Hi Guest10,
Will you be so kind as to take a look at my Sandboxie.ini file, and suggest what I can do to improve my security? Restrict access to the Windows System32 folder maybe? Please, your suggestions will be appreciated.
-----
[GlobalSettings]
ProcessGroup=<InternetAccess_DefaultBox>,iexplore.exe
TemplateReject=OfficeLicensing
Template=LastPass
ForceDisableSeconds=3

[DefaultBox]
ConfigLevel=6
Template=IExplore_Force
Template=IExplore_Favorites_RecoverFolder
Template=LingerPrograms
Template=Firefox_Phishing_DirectAccess
Template=AutoRecoverIgnore
DropAdminRights=y
Enabled=y
AutoDelete=y
NeverDelete=n
NotifyInternetAccessDenied=y
ClosedFilePath=D:\
ClosedFilePath=E:\
ClosedFilePath=F:\
ClosedFilePath=G:
ClosedFilePath=H:\
ClosedFilePath=I:\
ClosedFilePath=\Device\Mup\
ClosedFilePath=J:\
ClosedFilePath=K:\
ClosedFilePath=L:\
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Http\*
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Nsi
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\RawIp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Udp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Tcp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Ip6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\RawIp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Udp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Tcp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Ip
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Afd*
RecoverFolder=%Desktop%
AutoRecover=y
BoxNameTitle=n
BorderColor=#000000,off

[UserSettings_087C01B4]
SbieCtrl_UserName=mino
SbieCtrl_NextUpdateCheck=1555555555
SbieCtrl_UpdateCheckNotify=n
SbieCtrl_ShowWelcome=n
SbieCtrl_AutoApplySettings=n
SbieCtrl_SettingChangeNotify=n
SbieCtrl_HideWindowNotify=n
SbieCtrl_WindowLeft=276
SbieCtrl_WindowTop=143
SbieCtrl_WindowWidth=660
SbieCtrl_WindowHeight=449
SbieCtrl_ActiveView=40021
SbieCtrl_BoxExpandedView_DefaultBox=n
SbieCtrl_ColWidthProcName=250
SbieCtrl_ColWidthProcId=70
SbieCtrl_ColWidthProcTitle=310
SbieCtrl_BoxExpandedView_test=y
SbieCtrl_ReloadConfNotify=n

Guest10
First, I suggest that you update to the latest version. Either 3.64, or better yet, the latest beta version:
http://sandboxie.com/phpbb/viewtopic.php?t=12517
_________________
Paul XP Pro SP3 (Admin rights), Zone Alarm Pro Firewall, Malwarebytes Pro, Firefox 21, Thunderbird 17

soccerfan
You better hurry! http://sandboxie.com/phpbb/viewtopic.php?t=12627
_________________
soccerfan

tailandturr
Very interesting to read your forum. Thank you very much.

BUN B
Guest
I've upgraded just as you suggested!
I've closed Sandboxie in the taskbar, ran install, chose upgrade, and restarted.
My sandboxie.ini looks like this now!
What can I add more to increase protection, what directories should I block in "restricted access" and so on?
I will now enable experimental protection. After this post please do reply!
Have a great day!
---------------------------
[GlobalSettings]
ProcessGroup=<InternetAccess_DefaultBox>,iexplore.exe
TemplateReject=OfficeLicensing
Template=NOD32
Template=LastPass
ForceDisableSeconds=3
FileRootPath=I:\Sandbox\%USER%\%SANDBOX%
ActivationPrompt=y
EditAdminOnly=y
ForceDisableAdminOnly=y
ForgetPassword=n

[DefaultBox]
ConfigLevel=7
Template=BlockPorts
Template=IExplore_Force
Template=IExplore_Favorites_RecoverFolder
Template=LingerPrograms
Template=Firefox_Phishing_DirectAccess
Template=AutoRecoverIgnore
DropAdminRights=y
Enabled=y
NeverDelete=n
NotifyInternetAccessDenied=y
ClosedFilePath=D:\
ClosedFilePath=E:\
ClosedFilePath=F:\
ClosedFilePath=G:
ClosedFilePath=H:\
ClosedFilePath=\Device\Mup\
ClosedFilePath=J:\
ClosedFilePath=K:\
ClosedFilePath=L:\
ClosedFilePath=I:\
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Http\*
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Nsi
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\RawIp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Udp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Tcp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Ip6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\RawIp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Udp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Tcp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Ip
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Afd*
RecoverFolder=%Desktop%
AutoRecover=y
BoxNameTitle=n
BorderColor=#000000,off
AutoDelete=y
NotifyStartRunAccessDenied=y
ProcessGroup=<StartRunAccess>,iexplore.exe
ClosedIpcPath=!<StartRunAccess>,*
ReadFilePath=C:\Windows\System32\
ReadFilePath=c:\windows\sandboxie.ini

[UserSettings_087C01B4]
SbieCtrl_UserName=mino
SbieCtrl_NextUpdateCheck=1555555555
SbieCtrl_UpdateCheckNotify=y
SbieCtrl_ShowWelcome=n
SbieCtrl_AutoApplySettings=n
SbieCtrl_SettingChangeNotify=n
SbieCtrl_HideWindowNotify=n
SbieCtrl_WindowLeft=276
SbieCtrl_WindowTop=143
SbieCtrl_WindowWidth=660
SbieCtrl_WindowHeight=449
SbieCtrl_ActiveView=40021
SbieCtrl_BoxExpandedView_DefaultBox=y
SbieCtrl_ColWidthProcName=250
SbieCtrl_ColWidthProcId=70
SbieCtrl_ColWidthProcTitle=310
SbieCtrl_BoxExpandedView_test=y
SbieCtrl_ReloadConfNotify=n
SbieCtrl_EditConfNotify=n

BUN B
Guest
I've found out through poking that LastPass does save data under the registry, but under a different path than the one described in compatibility.
Please, look at the images below to see the path, and to confirm that the path is different than the one inside compatibility.
I did change one setting, and those settings were written inside this path, inside the registry.
How can we include this to be excluded from Sandboxie and to allow the LastPass plugin to remember its settings when changed in a sandboxed browser?

|
Guest10
ConfigLevel=7 that you have upgraded the program. Frankly, I expected that a couple of the settings would have been simplified or moved during the upgrade process, but they will still work the same as they are now. I don't really see anything that needs to be done. I do note though, that there are no settings for use with an email program.

ReadFilePath=C:\Windows\System32\
ReadFilePath=c:\windows\sandboxie.ini

Sandboxed programs are automatically restricted from writing outside of the sandbox, so technically you don't have to set the System32 folder as a read-only folder. Any sandboxed program that writes to System32 will actually write to that folder inside of the sandbox, and the write will be deleted when the 'AutoDelete=y' setting deletes the sandbox contents. It will however, stop a program from "trying" to write to that folder, and that could cause a sandboxed program to stop with an error when it finds that it can't write there.

In the same way a sandboxed program cannot write to the sandboxie.ini file, outside of the sandbox. Any write there would be trapped inside of the sandbox. It would appear that the sandboxie.ini file had been changed, to programs that use the same sandbox (until the sandbox is deleted). But if you have another sandbox, the programs that use it would never see any change to the file.

I've never seen the need to use a read-only path for these two items.

Guest10
After the initial install, there's really no reason to allow a sandboxed program to change them, since they are "program settings" but they are not "data". I don't see anything there that LastPass needs to save outside of the sandbox, when the program is used.

Bun B
Guest
Thank you for your comment regarding system32 and sandbox.ini.
You are completely right!
So you say, I'd have a different configuration ini if I had installed the sandbox from scratch.
There is no need to do that now again, right?
One thing I did notice is that I need to allow dlhost.exe under Start/run programs inside Sandboxie, as when I am attaching something in Gmail, a dialog pops up.
Is it all right to have it enabled to run in Sandboxie?
Regarding LastPass, I think you are wrong.
When I changed the setting in LastPass "autologin after 25s to 222s", the change of 222 seconds is written in that registry path.
The above disqualifies your theory.
Should I provide some more details (screenshot or something)?
I did try adding my own exclusion, but it didn't have the effect, or maybe I didn't know how to correctly point to that path.
Also, under settings in Sandboxie, tree FOLDERS, everything is empty.
Is this normal?

Bun B
Guest
sorry, I misspelled in previous post
dllhost.exe

Guest10
I thought that the upgrade would have revised them, but apparently not. Things still work as they are, though.

This line:

[GlobalSettings]
ProcessGroup=<InternetAccess_DefaultBox>,iexplore.exe

I expected to be modified and placed under:

[DefaultBox]
ProcessGroup=<InternetAccess>,iexplore.exe

These lines:

[DefaultBox]
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Http\*
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Nsi
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\RawIp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Udp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Tcp6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Ip6
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\RawIp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Udp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Tcp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Ip
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Afd*

I expected to be replaced with:

[DefaultBox]
ClosedFilePath=!<InternetAccess>,InternetAccessDevices

They appear to me to be a copy of the program's settings - ones that are located in the Reghive file in the sandbox - and not the settings in the unsandboxed part of the Registry. When a sandbox is in use, all Registry settings/changes etc. made by the sandboxed program are written into the "RegHive" file in the sandbox at:

C:\Sandbox\(user)\DefaultBox\RegHive

While the sandbox is active (a sandboxed program is using that sandbox) the RegHive file is mounted to the "real" Registry, under the HKEY_USERS key. When the sandboxed programs end, the paths shown in your Registry screen prints should no longer exist - until the sandbox is used again, assuming that the sandbox contents have not been deleted in the meantime.

I must admit though, your Registry paths are not what I expected to see under HKEY_USERS. Your first screen print shows a Registry path:

HKEY_USERS\sandboxie\machine\software\...

On my computer that path would be:

HKEY_USERS\Sandbox_(user)_DefaultBox\machine\software\...

I thought that when the RegHive was mounted to the real Registry, it always shows as in my example, so I don't know if this is the default for Win 7 or not. Or, if it's just because you only have the one sandbox.

To make program setting changes that persist, the normal thing to do is to make the change when not sandboxed. That way the change will be remembered when sandboxed or unsandboxed.

Sandbox Settings > Applications > Folders
there's no entry there if all you use is IE. If you used Firefox and used any of the templates besides the one for phishing, you would see "Firefox" listed there.

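The consolidation Guest10 expected from the upgrade, as an added example that is not part of the thread and is not Sandboxie's own upgrade code: a Python function, `migrate` (a hypothetical name), moves an old `<InternetAccess_BoxName>` group from `[GlobalSettings]` into the box's own section and collapses the per-device `ClosedFilePath` lines into the single `InternetAccessDevices` line. The sample ini is constructed from the settings posted above, and the function works on text that has already been read and decoded from the file.

```python
import re

GROUP_RE = re.compile(r"^ProcessGroup=<InternetAccess_([^>]+)>,(.*)$", re.I)
HEADER_RE = re.compile(r"^\[([^\]]+)\]$")

# Constructed sample, trimmed from the old-style settings posted in this thread.
SAMPLE = r"""[GlobalSettings]
ProcessGroup=<InternetAccess_DefaultBox>,iexplore.exe
Template=LastPass
[DefaultBox]
ConfigLevel=7
ClosedFilePath=D:\
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Tcp
ClosedFilePath=!<InternetAccess_DefaultBox>,\Device\Afd*
AutoDelete=y
"""

def migrate(ini_text):
    """Rewrite old per-device InternetAccess settings into the consolidated form."""
    lines = [ln.strip() for ln in ini_text.splitlines()]
    # Pass 1: collect section names and the old groups under [GlobalSettings].
    groups, sections, section = {}, set(), None
    for ln in lines:
        h, g = HEADER_RE.match(ln), GROUP_RE.match(ln)
        if h:
            section = h.group(1)
            sections.add(section)
        elif g and section == "GlobalSettings":
            groups[g.group(1)] = g.group(2)
    # Only migrate groups whose sandbox section exists, so nothing is dropped.
    groups = {box: progs for box, progs in groups.items() if box in sections}
    # Pass 2: emit the rewritten file.
    out, section, collapsed = [], None, set()
    for ln in lines:
        h, g = HEADER_RE.match(ln), GROUP_RE.match(ln)
        if h:
            section = h.group(1)
            out.append(ln)
            if section in groups:  # group now lives in the box's own section
                out.append("ProcessGroup=<InternetAccess>," + groups[section])
            continue
        if section == "GlobalSettings" and g and g.group(1) in groups:
            continue
        old = ("ClosedFilePath=!<InternetAccess_%s>,\\Device\\" % section).lower()
        if section in groups and ln.lower().startswith(old):
            if section not in collapsed:  # one line replaces the whole device list
                collapsed.add(section)
                out.append("ClosedFilePath=!<InternetAccess>,InternetAccessDevices")
            continue
        out.append(ln)
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print(migrate(SAMPLE))
```

Drive-letter restrictions such as `ClosedFilePath=D:\` pass through untouched, and a group that names a sandbox with no section of its own is left where it is.
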
BUN B
Guest
Thank you for your long message.
I mounted the registry again (to my real registry) from the sandbox, after changing some random setting in the LastPass plugin.
It seems you were right, those settings from the screenshot, from my mounted registry, are copied from my REAL registry.
I've searched for LastPass entries in my real registry, and look what I found.
The settings seem to be saved in these locations:

HKEY_CURRENT_USER\Software\LastPass
HKEY_CURRENT_USER\Software\LastPass\#SOME CRAZY LONG STRING#
HKEY_USERS\##BUNCH OF NUMBERS##\Software\LastPass
HKEY_USERS\##BUNCH OF NUMBERS##\Software\LastPass\#SOME CRAZY LONG STRING#

In the mentioned values I've found one value named LPTEMPDIR.
This value (LPTEMPDIR) has the string value c:\users\mino\appdata\local\temp\lptmp-NUMBERS (followed by numbers).
This is apparently the LastPass temp directory.
The above doesn't fit inside the string in Sandboxie compatibility, which is:

OpenFilePath=<Template_LastPass>,%USERPROFILE%\*\LastPass\*

Correct me if I am wrong.
What's the purpose of LastPass compatibility if it is not to save settings?

Guest10
Normally, that temp folder would be created and used by LastPass outside of the sandbox. There might even be a folder like that right now, if temporary files haven't been deleted from your temp folder. However, when sandboxed, a corresponding folder would be created and used inside of the sandbox. The contents of that folder will be deleted when the sandbox contents are deleted.
That's because it's for temporary storage, and it's not used as a permanent storage location. All data in and underneath a "temp" folder is always expendable data. It can be deleted at any time, and that would have no effect on programs.

BUN B
Guest
But isn't everything saved in the cloud? Passwords and usernames for sites are not saved on the HDD.
I don't think there needs to be an exception in Sandboxie for this to work.
You say that this compatibility serves a purpose for the LastPass plugin to communicate with HQ or for storing data on the HDD?
I am pretty sure no data is stored locally.

Can't get LastPass plugin to autologin / remember password