-
-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add "Delete Command" (safe delete) for Sandboxie-Plus #343
Comments
Unfortunately this legacy feature was very much snake oil, as all files that were deleted by sandboxed programs while in operation were just deleted in a normal windows unsecure way. For example when chrome & co save bookmarks they save the file as something.tmp and than delete bookmarks and rename the temp file to bookmarks. Hence when you use the old "secure" delete function on the sandbox only the most recent bookmarks get properly erased while all the previous once stay on the disk untouched. If you want data stored to a sandbox definitely gone, you need to locate the box into a container file, eider directly VeraCrypt or a windows .vhd/.vhdx and than securely erase the container after use. That is why this feature is not and will not be included in a plus build. What I could do at some point will be to offer automatic containerization of boxes, i.e. automated creation of a *.vhdx file and mounting int into the default sandbox root folder. With that I could add a secure erase the container feature as than it would be properly reliable. |
I am not sure if sandboxie control which section on disk that it written to in this operation. |
I would rather recommend use disk encryption for a partition and use sandboxie under that. |
Hmm...How about disposable encrypt? Maybe Sandboxie could use disposable key (only storage in memory) to encrypt the vhdx file, when user delete contain files, delete the disposable key and vhdx file. Veracrypt maybe could do this. |
But we need to inform users: once delete content, exit Sandboxie or restart/shutdown OS, the key will destruction, files in Sandboxie couldn't access or recovery anymore, don't storage any important files. |
In widows, vhdx could not be encrypted on the host window. You would need to encrypt data, file inside the virtual disk. |
|
Sandboxie legacy build have a "Delete Command", users could choose how Sandboxie delete contents, they could use SDELETE/Eraser-5/Eraser-6 to avoid anyone recover deleted files.
The text was updated successfully, but these errors were encountered: