Page 1 of 1

Any way to prevent seeing the data structure?

Posted: Thu Mar 21, 2013 6:29 am
by corvey
I'm running applications that can still browse the rest of the hard drive anywhere and see all the data. I thought I could isolate the application to prevent it. Is there any way to prevent this from happening?

In other words, say I want to run a small server like TELNET or FTP and the those applications can shell to view the hard drive, how do I prevent the application from leaking over to view the data in the non-sandboxie area?

Posted: Thu Mar 21, 2013 8:15 am
by Guest10
You can 'hide' folder contents by selecting that folder in a:
Sandbox Settings > Resource Access > File Access > Write-Only Access
setting.
You can apply this setting to only one program by selecting it using the "Add Program" button to list the program's .exe name, or leave it set to apply to all programs that use that sandbox.
Then you use the "Add" button to pick the folder to hide.

The folder and any sub-folders will appear to be empty to any sandboxed program that tries to read its contents.
You can add additional folders the same way.

But you need to be sure not to select a folder that contains something that's necessary for the program to run.
Example: You wouldn't want to hide the Windows folder from view, or it's own program files folder, since there's likely something there that the program will need in order to run.
I hide my documents folder and the Firefox profile folder that I use for banking purposes, for any sandbox where the programs do not need to access the files in those folders.

Posted: Thu Mar 21, 2013 3:43 pm
by corvey
Thanks for the reply. I will try experimenting with the write policy.