Private sandbox per program

Ideas for enhancements to the software
Post Reply
cleanfreak
Posts: 3
Joined: Thu Feb 07, 2019 12:16 pm

Private sandbox per program

Post by cleanfreak » Thu Feb 07, 2019 12:48 pm

Hey,
I would really like to be able to delete a program in a clean manner - that is, so when I delete it, all of the changes it wrote to the disk will be deleted. That's possible, of course, by installing each program on it's own sandbox. But this is quite tedious, and I would rather have a new sandbox created for me every time I want to install (or even just run) a new piece of software.

I was thinking of something like a "Run in a new sandbox" context menu option, maybe even be able to choose the sandbox configuration from a template, so I won't have to manually configure it every time.

I think this would give users a higher resolution of control over their sandboxed programs and reduce lazily running multiple programs in the same sandbox, unintentionally allowing them to access each other's data.

And thank you for a lovely software :D

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2894
Joined: Wed Apr 22, 2009 9:17 pm

Re: Private sandbox per program

Post by bo.elam » Sat Feb 09, 2019 11:28 pm

We already have sort of what you want. You can run or install programs in their own sandbox. And set the sandbox according to the program you are going to run in it (Forced programs). Also, set the sandbox to delete on closing of the sandboxed program, that way it would be like new every time you run the program. If you don't allow the sandboxed program to have direct or full access to files outside the sandbox, all changes will be gone when you delete the sandbox.

Bo

cleanfreak
Posts: 3
Joined: Thu Feb 07, 2019 12:16 pm

Re: Private sandbox per program

Post by cleanfreak » Sun Feb 10, 2019 3:57 pm

Well, this is pretty different than what I'm looking for, because:
A. I don't want the sandbox to be cleared when closing the sandboxed program. The only time I want the sandbox to be cleared is when I decide I want to remove this program from my computer.
B. I don't want to manually configure each program to a sandbox - I want a brand new sandbox to be generated for me when I want to install a new program, so as long as I want to keep this program, it lies inside of it's own, personal sandbox. That is necessary, because I use roughly dosens of programs each year, and if I have to manually create a sandbox for each one, then I just won't use Sandboxie, because it's too tedious, and would rather use a VM or just run the new program in an unprotected manner, instead.

To be clear:
When I install a program, I want it to be installed in a new sandbox, that is automatically generated for me.
Can this be done with Sandboxie as it is now? Yes, manually. But it is so tedious, I usually end up not using Sandboxie at all. This (New sandbox generation when installing a new program) has to be automatic in order to be viable.

I think this is a very common use case of Sandboxie, because ideally we want to put each program in it's own sandbox, and only let it share a sandbox with other programs when we find it necessary, which is not often. That is, from a security point of view, of course.

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2894
Joined: Wed Apr 22, 2009 9:17 pm

Re: Private sandbox per program

Post by bo.elam » Mon Feb 11, 2019 12:51 pm

cleanfreak wrote:
Sun Feb 10, 2019 3:57 pm
Well, this is pretty different than what I'm looking for, because:
A. I don't want the sandbox to be cleared when closing the sandboxed program. The only time I want the sandbox to be cleared is when I decide I want to remove this program from my computer.
As Sandboxie works as is right now, you can do that.
cleanfreak wrote:
Sun Feb 10, 2019 3:57 pm

B. I don't want to manually configure each program to a sandbox - I want a brand new sandbox to be generated for me when I want to install a new program, so as long as I want to keep this program,
Sandboxie has a default settings sandbox, thats as far as Sandboxie ca go regarding setting for sandboxes that are created. Why? 1. If sandboxes are restricted by default, programs wont install sandboxed, Sandboxie cant guess for you what we want to block, allow, etc, 2. Also, each sandbox should be set according to the program we are going to run in the sandbox.or the purpose for creating the sandbox. So, setting up sandboxes is for us users to do, not SBIE.

I am trying to help you, not looking for an argument.

Bo

cleanfreak
Posts: 3
Joined: Thu Feb 07, 2019 12:16 pm

Re: Private sandbox per program

Post by cleanfreak » Tue Feb 12, 2019 10:44 am

Not at all looking for an argument, I appreciate your help, I was just worried I wasn't being clear :)
bo.elam wrote:
Mon Feb 11, 2019 12:51 pm
cleanfreak wrote:
Sun Feb 10, 2019 3:57 pm

B. I don't want to manually configure each program to a sandbox - I want a brand new sandbox to be generated for me when I want to install a new program, so as long as I want to keep this program,
Sandboxie has a default settings sandbox, thats as far as Sandboxie ca go regarding setting for sandboxes that are created. Why? 1. If sandboxes are restricted by default, programs wont install sandboxed, Sandboxie cant guess for you what we want to block, allow, etc, 2. Also, each sandbox should be set according to the program we are going to run in the sandbox.or the purpose for creating the sandbox. So, setting up sandboxes is for us users to do, not SBIE.

Bo
I understand. I don't expect sandboxie to magically guess what configuration to set, that is, as you said, up to the user to decide. That's why I was thinking of something like this:
output.png
context menu example
output.png (12.21 KiB) Viewed 90 times
(As a part of the explorer file context menu, of course)

I hope this is clearer.

Thanks!

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests