If i have Defense+ and Sandbox enabled, i cannot use square brackets ( these [ ] ) in Firefox 3.6 by pressing AltGr and F or G. They just don’t work. If i disable Defense+ and Sandbox, i can use square brackets again. It’s a really annoying bug because i cannot use BBcode on forums because of that (typing it by hand).
Latest CIS4 (as of 2010/03/14)
Firefox 3.6
Vista x64 Home premium
No, Firefox is not sandboxed. Well, i tried adding firefox.exe to My Safe files but CIS4 said that Firefox is already trusted. So, it’s using default settings.
You might have both defense+ settings controlling the keyboard, and a firefox security rule doing the same.
I have a safe program (i don’t remember which one) not blocking the entries, but warning me about a keyboard security issue (cis v3) each time i launch it, even if i actually do not use the reported keyboard entries, but i suppose that the security warns against potential use of these entries by the software.
I don’t understand one thing. Why is Defense+ even interupting Firefox if it is considered as safe by default? I tried adding it to my own safe files and it said it’s already marked as safe. Shouldn’t safe applications work without restrictions?
Whatever it is happening is unlikely to be meant by design.
I had a different issue pertaining the inability to perform paste actions whose workaroud is similar to the one you mentioned (disable defense+):
In my case the affected applications are run under admin account but either sandboxed as Limited (no virtualization) or with constrained permissions comparable to limited user accounts (psexec, dorpmyrights or Safer SRP)
Since Keyboard access rights are involved also in clipboard leaktests/PoCs, perhaps the issues I’m experiencing is related to yours.
In my case Clipboard paste operations are available for some time after launching the affected applications but suddenly get restricted after using them for a while.
When that happens I’m still able to copy text in those applications and paste it in notepad.
Following your steps I tried to disable Keyboard monitoring and found that to enable paste operations immediately (while the application is still running).