|Trust No Program|
BlockDrivers is a sandbox setting in Sandboxie Ini. It specifies whether Sandboxie will allow sandboxed programs to load drivers into the operating system. However, this setting does not govern the installation of new drivers -- see more below.
. . . [DefaultBox] BlockDrivers=n
Specifying n indicates that a sandboxed program may load drivers into the operating system. If this is not done, Sandboxie will deny the driver load attempt, and instead issue message SBIE2103.
Note: Disabling the protection afforded by BlockDrivers is not recommended.
Before a driver can be loaded, it must first be installed. Driver installation is not affected by the BlockDrivers setting. To allow driver installation, you should add the following OpenKeyPath setting:
And you should additionally open the driver file, using OpenFilePath. This is needed because the driver path that will be set in the registry (in a key created below CurrentControlSet\Services) will typically not point inside the sandbox.
Note: Allowing sandboxed programs to install drivers is not recommended.
Related Sandboxie Control setting: Sandbox Settings > Restrictions > Low-Level Access