Direct Access to Phishing database

If it's not about a problem in the program
Post Reply
bjm
Posts: 468
Joined: Sat Aug 02, 2008 4:24 pm

Direct Access to Phishing database

Post by bjm » Wed Feb 17, 2016 12:18 pm

Hello,
Curious, re Forum thinking behind direct access to phishing database.
My limited, uninformed testing. Firefox and Chrome render page block w/wo direct access to phishing database.
Curious, why Sandboxie default "Allow direct access ....phishing database"

Thanks
Sandboxie 5.26 - W10 Home - WebrootSA - Chrome

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area

Re: Direct Access to Phishing database

Post by Craig@Invincea » Wed Feb 17, 2016 12:52 pm

Interesting question. Invincea hasn't looked into that code. It may/may not even be needed, at least for Chrome.

By default Chrome and FF and others are checked for direct access in Application settings for Direct Access like you point out.

For Chrome, that + gives access to
OpenFilePath=<ChromePrograms>,%Local AppData%\Google\Chrome\User Data\Safe Browsing*
OpenFilePath=<ChromePrograms>,%Local AppData%\Google\Chrome\User Data\Certificate Revocation Lists

By default, I can't say if Chrome checks "Protect you and yourself from dangerous sites" under Settings>Advanced Settings within Chrome. So if it doesn't, then you're best to have it checked in SBIE.

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2859
Joined: Wed Apr 22, 2009 9:17 pm

Re: Direct Access to Phishing database

Post by bo.elam » Wed Feb 17, 2016 1:17 pm

bjm wrote: Curious, why Sandboxie default "Allow direct access ....phishing database"
bjm, I ll use Firefox for the explanation. The phishing database gets updated every time you open Firefox. So, if you don't tick the phishing database setting, all the updates to the database that have been released since the last time you ran Firefox unsandboxed would have to be downloaded all at once every time you run Firefox sandboxed. To save time, by allowing direct access to the phishing database, the update gets saved out of the sandbox automatically every time you run Firefox sandboxed.

In my personal case, I untick this setting since I also untick the settings in Firefox Options for blocking web forgeries and attack sites.

Bo

Guest10
Posts: 5133
Joined: Sun Apr 27, 2008 5:24 pm
Location: Ohio, USA

Re: Direct Access to Phishing database

Post by Guest10 » Wed Feb 17, 2016 3:09 pm

If you do not allow direct access, to save the Safe Browsing files outside of the sandbox, then any new Safe Browsing files that are downloaded will be saved inside of the sandbox - and be deleted when the sandbox contents are deleted.

They will then be downloaded again, and deleted again, each time that you run the browser sandboxed and delete the sandbox contents.

Allowing direct access to those files is meant to eliminate the repetitive downloading of those files, and allow the most recent copies of the files to be retained.

Cyberfox also saves Safe Browsing files, but there's nothing in Sandboxie's templates that allows those files to be saved out of the sandbox.
So, I use a Local Template that includes the exclusion:
OpenFilePath=cyberfox.exe,*\safebrowsing\*
(Because I use multiple Cyberfox profiles, I use a wild card for the path to the Safe Browsing folder)
Paul
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Firefox, Thunderbird
Sandboxie user since March 2007

Craig@Invincea
Sandboxie Support
Sandboxie Support
Posts: 3523
Joined: Thu Jun 18, 2015 3:00 pm
Location: DC Metro Area

Re: Direct Access to Phishing database

Post by Craig@Invincea » Wed Feb 17, 2016 3:45 pm

Guest10 wrote:If you do not allow direct access, to save the Safe Browsing files outside of the sandbox, then any new Safe Browsing files that are downloaded will be saved inside of the sandbox - and be deleted when the sandbox contents are deleted.

They will then be downloaded again, and deleted again, each time that you run the browser sandboxed and delete the sandbox contents.

Allowing direct access to those files is meant to eliminate the repetitive downloading of those files, and allow the most recent copies of the files to be retained.

Cyberfox also saves Safe Browsing files, but there's nothing in Sandboxie's templates that allows those files to be saved out of the sandbox.
So, I use a Local Template that includes the exclusion:
OpenFilePath=cyberfox.exe,*\safebrowsing\*
(Because I use multiple Cyberfox profiles, I use a wild card for the path to the Safe Browsing folder)
Excellent point.

bjm
Posts: 468
Joined: Sat Aug 02, 2008 4:24 pm

Re: Direct Access to Phishing database

Post by bjm » Wed Feb 17, 2016 6:09 pm

Guest10 wrote:Allowing direct access to those files is meant to eliminate the repetitive downloading of those files, and allow the most recent copies of the files to be retained.
Google Safe Browsing seems to work w/wo direct access.....and repetitive downloading is not noticeable afaik....and updating Firefox profile e.g., "recent copies of the files to be retained" occurs at least daily when I run Firefox outside sandbox and check updates, etc.
Sandboxie 5.26 - W10 Home - WebrootSA - Chrome

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest