New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
program clicked (run un-sandboxed) in context menu and "force into this sandbox" issue #3782
Comments
Run Un-Sandboxed behaviour including [successive] offspring [ad infinitum] is necessary, otherwise one bad result could be multistage setup software literally breaking apart when we explicitly must not let that happen. So perhaps it should be more appropriately named, Spawn Un-Sandboxed. Sounds like it is yet to dawn on you that what's needed are regular shortcuts as well (to your browser, download manager, et cetera), with a naming scheme, e.g., Un-Sandboxed Chrome, and launch from those links instead, where Force sandboxing will be, well, enforced. |
Back to the drawing board time and time again, I conclude no one should be running anything NOT sandboxed, especially their browser. It is expected that the user should open holes to let files be saved outside sandboxes.
And if daring, even designate any content within said locations shall be launched not sandboxed but outside the originating sandbox.
Optionally,
Still with me? Then only to be caught immediately by some force-into-this-other-sandbox assigned to program opening files with respective application associated file type. This is hopping from Sandbox to Sandbox, indeed it is. I don't know how reliable but it is sure a feature. |
I concede and fall on my sword; we need your proposed option as well. |
yeah like, despite we click run un-sandboxed, ie. chrome, we still want programs marked (force into this sandbox) to open sandboxed, for example: a .rar or mp4 downloaded from this (run unsandboxed) chrome |
Describe what you noticed and did
This issue is related to a program opened through (run un-sandboxed) in context menu and programs marked as "force into this sandbox"
whenever a program is opened through (run un-sandboxed) in context menu, for example chrome, and a program is marked "force into this sandbox" is open from chrome, for example: winrar or vlc, this program will open unsandboxed despite it is marked to "force into this sandbox",
could you enforce that (force into this sandbox) feature in programs like winrar or vlc opened from a program opened through run un-sandboxed in context menu?
to reproduce:
mark winrar or vlc as force into this sandbox
add a sandbox shortcut of chrome on desktop
right click this shortcut and click run un-sandboxed in context menu
download a .rar .zip or mp4 file to open with one of these programs
result: the program will open unsandboxed despite marked force into this sandbox
How often did you encounter it so far?
No response
Expected behavior
despite program is marked force into this sandbox, it will open unsandboxed
Affected program
any program marked as force into this sandbox
Download link
not relevant
Where is the program located?
The program is installed both inside and outside the sandbox.
Did the program or any related process close unexpectedly?
No, not at all.
Crash dump
No response
What version of Sandboxie are you running now?
plus 1.12.9 x64
Is it a new installation of Sandboxie?
I recently did a new clean installation.
Is it a regression from previous versions?
No response
In which sandbox type you have this problem?
In a standard isolation sandbox (yellow sandbox icon).
Can you reproduce this problem on a new empty sandbox?
I can confirm it also on a new empty sandbox.
What is your Windows edition and version?
22H2 22621.963
In which Windows account you have this problem?
A local account (Standard user)., A local account (Administrator).
Please mention any installed security software
ESET
Did you previously enable some security policy settings outside Sandboxie?
No response
Trace log
No response
Sandboxie.ini configuration
No response
The text was updated successfully, but these errors were encountered: