I posted the following gripe in the usability forum
(link for mods and developers only).Sandbox Options
The "programs in the Sandbox" window is completely mis-named. The current title indicates that you will find all currently sandboxed applications listed here...and, of course, it does not do that. This window allows the user to select which programs you always want to run in the sandbox. More correct and clear names include:
- "Applications to Always Sandbox"
- "Applications Aways Run in the Sandbox" - I used this one in the sample pic (Sandbox options pic).
- "Applications that are always Sandboxed"
- "Always Sandbox these applications"
Also, the "run a program in the sandbox" really means that a program will only be run once
in the sand box, so a better title would be something like "Run an application in the sandbox (one time only)". So you run a program in the sandbox either once or always. These options should be worded more clearly to distinguish this important difference (see pic sandbox options).Apps Currently in the sandbox
In addition to distinguishing sandboxed apps in the "active process" window (see sample pic posted here
), there needs to be a defense+ sandbox option to see which apps are sandboxed (see pic sandbox options). This option needs to list the programs currently running in the sandbox, their restriction level, and maybe their virtualization (see Inside Sandbox sample pic).