1. What actually happened or you saw:
There are currently only options for restriction or virtualization in the auto-sandbox, not both.
2. What you wanted to happen or see:
An option to run files inside the fully virtualized sandbox and also restrict what actions they can take.
3. Why you think it is desirable:
The manual sandbox utility allows users to choose to virtualize and restrict the privileges of processes. However, that ability is not present in the automatic sandbox. Users (currently) must choose to either virtualize or restrict unknown processes, but are not allowed to do both. Adding an option to automatically virtualize and restrict the privileges of unknown processes would greatly increase the security of many people’s systems. For example, it would also allow users to better trust running additional software, such as browsers, within the fully virtualized sandbox without the worry of malware running and logging their keystrokes.
I disagree. There is a difference between HIPS and policy restriction. HIPS will result in a load of popup-spam that some people (myself included) don’t want to deal with.
I would rather not forward a Wish Request to the Waiting Area unless I am sure that it correctly represents what pcramedic wanted. Thus, I will move this Wish Request to the Rejected section.
However, pcramedic, as soon as you reply and let me know that everything is correct I can move this to the Waiting Area. Let me know if you have any questions.
Thank you for submitting this Wish Request. I have now moved this to the WAITING AREA.
Please be sure to vote for your own wish, and for any other wishes you also support. It is also worthwhile to vote against wishes you think would be a waste of resources, as implementing those may slow down the wishes you would really like to see added.
Isn’t it an overkill? Programs that run under “Full Virtualization” are already “seperated” from the sysyem, meaning whatever they will do in there doesn’t affect the real system. So why restrict such programs further?
Exactly. Virtualization does not fully protect against the tactics used by spyware to steal personal data. The only way to protect against spyware and other types of malware not fully blocked by virtualization is policy restriction or outright blocking the program from running altogether with an anti-executable.
Can is wrong.
Do you want an option that allows to configure the behavior of applications in the sandbox (something like HIPS Rules) that would be possible to customize the restriction?
Example: If you add the “Web browsers” to run fully virtualized, it would be possible, for example the addition of the rules contained in “ruleset HIPS”, and also allow policies created manually by the user, which nãoseja the standards contained in the rules "rulesets HIPS ". This is not possible, even in the BETA version.
see Attachment
As has been noted, this Wish has already been realized in the Beta version of CIS. Thus, I will move this Wish Request to Rejected.
However, please note that if anything does happen such that the final version does not include this, please just reply to this post and I will forward this to the tracker for consideration by the devs.
Very good suggestion!