Trust No Program

sandboxie v4.x, games and security

If it doesn't fit elsewhere, it goes here

sandboxie v4.x, games and security

Postby Goback » Sat Aug 03, 2013 9:05 am

Hello,

tzuk wrote:As you may know, in version 4, the process in the sandbox is confined into a "job" concept which prevents interacting with window objects outside the sandbox.
...
Version 4.03 revises this by treating the OpenWinClass=* case as a special case. In version 4.03, when the sandbox settings include OpenWinClass=*, the process is not put into a job, which means normal access to window objects, and the lower level requests are permitted.

This new special case is intended primarily at people who want to take advantage of filesystem/registry isolation when installing trusted programs into the sandbox.


tzuk wrote:Quoting BUCKAROO from another topic:

BUCKAROO wrote:Decreased security? Not that I've found. This setting is purported to allow "full communication with all windows outside the sandbox" but Sandboxie v4 processes can't so much as (directly) show/hide an existing window outside... I don't know if that's a bug.


Not really a bug, more like an oversight. The process in the sandbox is still running at untrusted integrity level even when OpenWinClass=* so the UAC/UIPI mechanism prevents it from accessing window objects that have a higher integrity level. And most window objects outside the sandbox should have at least medium integrity level.

This means that on systems where UAC is enabled, OpenWinClass=* doesn't really mean the process in the sandbox has more access to window objects. However it can "see" and "read" window objects outside the sandbox directly without going through SbieSvc. Whereas without OpenWinClass=*, it cannot see or read window objects outside the sandbox directly, and has to go through the SbieSvc helper process.

If UAC is disabled, and on Windows XP, integrity levels don't come into play for window objects, and OpenWinClass=* does give the process in the sandbox full access to window objects outside the sandbox.


From what i have read in this forum (and by experience) about playing most of games inside sandboxie v4.x, we must do OpenWinClass=*, else we have differents problemes (crazy mouse, etc.) and can't play.
From what i understand from this quote, doing OpenWinClass=* without UAC is resulting in zero security.
==>> I think it should be clearly explain in changelog or elsewhere before everyone just add this little * and think he is safe ...

I don't use UAC in my Win 7 x64, so if i want to play a multi game (with internet resources access) i must do OpenWinClass=* and imagine it as a "trusted program". Yeah ...
For a little more security (and bother me in compatibility/user friendly things), i could activate UAC and do OpenWinClass=*, resulting in letting windows doing the security job for which i paid sandboxie. Yeah ...
Third choice, i revert back to sandboxie 3.76 and stay with it until windows update break it or security flaw is discovered in v3.76 or sandboxie v4 works diffently. Sad.

Tcho
Goback
 

Return to Anything Else

Who is online

Users browsing this forum: No registered users and 2 guests