What are the proposed steps to create a sandboxed app?

If it doesn't fit elsewhere, it goes here
Post Reply
Posts: 7
Joined: Tue Jan 31, 2012 9:42 am

What are the proposed steps to create a sandboxed app?

Post by aposter » Tue Jan 31, 2012 10:47 am

Hello Tzuk,
although I bought Sandboxie quite a a time ago, I just used it at the surface.
Now I am kind of 'migrating' from another solution (Symantec Workspace Virtualization, formerly Altiris SVS).
I am sorry to ask this and hope not to be accidentally impolite because english is not my native language. I excuse for that in advance.

What is the thought concept of sandboxie's principle? I'll ask my question more precisely with an example:

Let me say I install a shareware, in this case it is TS doctor. I bought a license but the program starts as shareware and records the install date, in order to be functional for 30 days. I do not want any etches of that program in my OS, so I start the installer inside of a new sandbox. I register it, and everything is fine.

With a portable app creator, or SWV, I record what a) the installer and b) the registration do, and then I have a "portable app" or a "software layer", respectively. That is: these tools undo or shield the installer's actions from the OS, and pack the result to another place (like a sandbox), where the results are kept separately from their original location and the OS, but in a way they are functional for the application with the help of a "somethingPortable" wrapper or a file system driver. The latter is extremely similar to a Sandboxie sandbox.

Now to the detail aspect of my question:
The mentioned products think of the installer as something that creates the initial state of an application that I can further use. This is not 'null'. In Sandboxie, however, I can start the installer in a sandbox, but when I 'delete' that sandbox, my installed application is gone. Or isn't it? I just don't get the concept. It seems that the initial application resources and the application data are mixed inside Sandboxie's sandbox.
With the typical browser example, the browser and all the addins are installed outside of the sandbox, and there are browser files/regkeys everywhere in the system. Just the volatile data that I handle with my browser, stay inside the sandbox, right?

I read your post http://www.sandboxie.com/phpbb/viewtopic.php?t=1376 with great interest.
It seems that everything is almost ready to not 'delete', but rather 'reset' sandboxes to a non-null, but initial state.

What I am talking about, is also very similar to http://www.sandboxie.com/phpbb/viewtopic.php?t=12171. I'm sure I'll check SandboxieTools. Carl Colijn could surely use the alternative approaches I mentioned, and there is at least one more on the market. But they suffer from severely reduced security against any 'jailbreaks' they are not aware of. So it would be sooo nice to have the feature to 'pack and go' a sandboxed application with Sandboxie just like with these approaches.

Post Reply

Who is online

Users browsing this forum: No registered users and 10 guests