In general chromium based browsers do not sandbox plugins
Found out that on XP admin account, plugins were running on admin privileges.
I was able to confirm (using Process explorer) that OSes having UAC enabled will run plugins under baseline privileges
Did you have UAC disabled? If not can you confirm if plugins run under limited privileges using Process explorer?
yes I have uac disabled, it drives me up the walls. So then if it does not sandbox the plugins what is the point of having the sandbox? Almost all exploits are actually in the plugins ( java/sdobe pdf/flash)?
Did ask about this aspect because Chromium implementation uses privilege stripping as part of its sanboxing approach.
If it is possible to confirm that is possible to affect this by changing UAC setting there might be a way to enforce more severe restrictions even when UAC is disabled.
In the remainder of the post I linked Jowa suggested the use of -safe-plugins switch.
As observed the drawback is that not all plugins might be designed to run sanboxed in such way and it might be necessary to trade safety by using -trusted-plugins exceptions
It would be still possible to prevent plugins to access System32 folders by having them run under the same privileges of non admin accounts.
On UAC enabled OS it would be also possible to use Mandatory Integrity Control (I don’t know what happens if UAC is disabled).
Guess you should make at least a distinction between (by remote) exploitable vulnerabilities and exploits. In any case feel free to link some 3rd party resource that outline overall statistics that compare plug-ins and browsers frequency as exploitable attack vectors.
Besides should it make more sense to have users continue to run vulnerable plugins without never updating out of some sort of magic recipe?
You are the experts, it should be easy to try if you would want to found out.
I am not sure how I did get it.
Just a note…I’ve been using Sandboxie for several months now. This is my understanding of how it works…Any existing files that it needs to use (browser files, for example) it makes a copy of them inside the sandbox. Any files that it needs to create are also in the sandbox. So you’re not using the original files, and when you delete the contents of the sandbox, everything is erased. As an example, say I disable an extension within Dragon while outside the sandbox. Then I can open it inside the sandbox and it will be disabled. But if I re-enabled it while inside the sandbox, when I close it and reopen it, the extension will once again be disabled, because the action was not made permanent, i.e. it was not modified outside the sandbox. Hopefully this is clear. Sandboxie has many features, once of which is to strip admin rights, and also to create a whitelist of programs that can run inside the sandbox. It’s pretty sweet. I use it with all of my browsers…I have to disable it in order to update though, for the same reasons discussed above.
Brian
so just for clarification, do plugins run in the sandbox when uac is on or off or do they run outside the sandbox regardleass of whether uac is turned on or off?
It is regardless of UAC as far as I know. I never heard about a relation between the CD sandbox and UAC.
allo i´m using comodo dragon inside of sandboxie im sure it is double security! maybe it isnt necessary ,but just for you toknow it works fine to me