DLL & Script Execution blocking

Ideas for enhancements to the software
Post Reply
Balalaika

DLL & Script Execution blocking

Post by Balalaika » Mon Jan 24, 2011 10:53 pm

Hello, I researched about Sandboxie start/run and what file types it blocks.
According to this thread: http://www.sandboxie.com/phpbb/viewtopic.php?t=7646
exe and script type files are blocked (although indirectly) The major executable type file that isnt blocked however is DLL. Would it be possible to add this feature in the near future? also is there any plans to develop this more to block scripts directly instead of target applications ie cmd etc

D1G1T@L

Post by D1G1T@L » Tue Jan 25, 2011 1:35 am

Hi Balalaika,

I don't think that blocking scripts is by any means useful since a whitelisted app that could run scripts, like Java for example, could defeat the purpose of such restrictions. What you want to do is add the java and flash program folder to blocked access settings and to also enable start/run for a very few limited programs to realize its power.

I think the main one to worry about here is just .dll blocking because it has been used by worms like Conficker and even recently it was discovered that dll's could bypass SRP due to windows built in esoteric features.
I am all for dll blocking, but you have to wait and see what Tzuk has to say about this

tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Tue Jan 25, 2011 8:41 am

A DLL file is not a standalone program so is not affected by Start/Run Access Restrictions.
If you want to prevent sandboxed programs from accessing/using any kind of file then you have Sandbox Settings > Resource Access > File Access > Blocked Access.
Use the Edit/Add button to enter something like *\whatever.dll and that should take care of it.
tzuk

Post Reply

Who is online

Users browsing this forum: No registered users and 5 guests