Breakout non-executable files: allows specified files to be opened outside the sandbox #2741
Comments
I really like this idea! Microsoft Photos in particular isn't all that happy to be opened in Sandboxie.
There are 4 factors used in the force process mechanism
When opening the file from the IM software, the opening program certainly falls into case 1 and perhaps into case 3, depending on how it's started by the IM software. I don't think this feature can be added safely: if we allow anything with a given working directory to break out, this means a malicious process can start cmd.exe unsandboxed with arbitrary parameters and hence mess with the host system any way it wants. What could be done, however, and might be a workable solution, would be to hook ShellExecuteExW, which normally receives only the path to the document and then decides internally with which process to open it.
SECURITY WARNING: if you set a folder that sandboxed processes can write to as a breakout folder, any malware will be able to put a malicious executable there and execute it without Sandboxie protection. So please DO NOT DO THAT!!! I think what will be needed here is a new feature, BreakoutDocument, where you can specify folders and document extensions which are to be broken out. This way it could be used safely as long as you don't specify *.cmd or other unsafe extensions explicitly.
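As an added example (not part of the original thread and not Sandboxie's own code), the check below audits one box's settings for the two unsafe combinations named in the warning above: a breakout folder that sandboxed processes can write to, and a BreakoutDocument pattern that can match executable extensions. It assumes Sandboxie.ini-style Key=Value lines, that OpenFilePath is the setting granting direct write access, and a BreakoutDocument value of the form folder\*.ext; the paths, the extension list and the function names are constructed for illustration.

```python
import ntpath
from fnmatch import fnmatchcase

# Extensions that run or are interpreted when opened (constructed list, not exhaustive).
UNSAFE_EXTS = {".exe", ".com", ".cmd", ".bat", ".ps1", ".vbs", ".js", ".msi", ".scr", ".lnk"}

def _norm(value):
    # Assumed value shapes: "path", "path\*" or "program.exe,path".
    path = value.split(",")[-1].strip().rstrip("*")
    return ntpath.normcase(ntpath.normpath(path)).rstrip("\\") + "\\"

def _overlaps(a, b):
    """True if one folder equals or contains the other."""
    a, b = _norm(a), _norm(b)
    return a.startswith(b) or b.startswith(a)

def audit_box(lines):
    """Return a list of findings for one box's 'Key=Value' setting lines."""
    settings = {}
    for line in lines:
        key, sep, value = line.partition("=")
        if sep:
            settings.setdefault(key.strip(), []).append(value.strip())
    findings = []
    for folder in settings.get("BreakoutFolder", []):
        for writable in settings.get("OpenFilePath", []):
            if _overlaps(folder, writable):
                findings.append(f"BreakoutFolder {folder} is writable from the sandbox ({writable})")
    for pattern in settings.get("BreakoutDocument", []):
        ext = ntpath.splitext(pattern)[1].lower()
        if not ext or any(fnmatchcase(unsafe, ext) for unsafe in UNSAFE_EXTS):
            findings.append(f"BreakoutDocument {pattern} can match executable content")
    return findings

# Constructed sample boxes: the combination the warning describes, then a narrower one.
WEAK = [r"OpenFilePath=C:\IM\Received\*", r"BreakoutFolder=C:\IM\Received",
        r"BreakoutDocument=C:\IM\Received\*.cmd"]
NARROW = [r"OpenFilePath=C:\IM\Received\*", r"BreakoutDocument=C:\IM\Received\*.pdf",
          r"BreakoutDocument=C:\IM\Received\*.jpg"]

if __name__ == "__main__":
    for name, box in (("WEAK", WEAK), ("NARROW", NARROW)):
        print(name, audit_box(box) or "no findings")
```

The overlap test flags both directions, since a writable parent of the breakout folder and a writable subfolder inside it each let a sandboxed process place a file where it would be broken out.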
Manually specifying extensions to be opened will be excellent!
Please note that this feature is now available in the Patreon insider builds for the higher tiers.
Is your feature request related to a problem or use case?
I'm using an IM software inside a sandbox. Its "received files" folder is outside the sandbox directory, and it can write to the folder directly.
Usually I'd prefer to open the files in "received files" folder outside the sandbox (or inside another sandbox). As the folder is outside the sandbox directory, I can just open the files using Explorer, and they won't be automatically sandboxed. The IM software also allows opening the received files via its own UI, but as it is running sandboxed, the program used to open the specified file will also be run in the same sandbox.
ForceFolder can force all programs and non-executable files to be opened in a sandbox. BreakoutFolder can break out programs, but not non-executable files. The program used to open a file in a breakout folder still runs inside the sandbox.
Describe the solution you'd like
You can give BreakoutFolder the ability to break out non-executable files as well, just like its counterpart ForceFolder. Also, opening files in breakout folders should work when the program used to open the file is a Metro/UWP app.
Describe alternatives you've considered
No response