Disabling HIPS does not disable shell code execution protection

Reproduce: install sandbox ie on win 10.
Disable HIPS
Try run something in sandbox ie. → runs not
Add sandbox ie to shell code execution exception.
Run again → runs.

Not a bug.

Then why is it a HIPS setting? If I disable HIPS, then any option under HIPS should also be disabled.

If it is part of HIPS it should be disabled. if not it should have an extra feature which can be disabled from the context menu and not only from the advanced settings section.

Why is it not a bug?

You shouldn’t disable that option unless you are experiencing a real problem. When you add exclusions, what it actually does is to instruct DLL to not be injected.

This is really not the case as Sandboxie deactivates functionality on purpose to avoid conflicts.
If you do experience BSOD or very similar problems then please report these. However, it looks like you are running into configuration issues. It is normal to get conflicts if not properly configured.

Additionally, you should read this : [M1668]

Hope it helps.

Thankyou qmarius i understand what you want to say.

But the core issue is a different in practical use there are ztwo very Mayor issues:

If a program like sandboxie does not work the first approach is to disable cis and test it again.
When it still does not work i try something else.
Now when there is no way to completely disable cis without uninstalling i cannot really be sure if cis is the problem.

Had i known that HIPS is still partly running when its disabled and how to completely disable it i would not have had to uninstall and reinstall cis to find out that cis is the issue with sandboxie.

Now i know if something does not work and still wont work with HIPS disabled i need to make exceptions for shell code execution.

Which brings me to the second problem.

To have no obvious way to disable cis complete makes it harder to use especially for people who are less tech savy. Imagine a businessman who needs an application which is somehow so codet that cis blocks it.
He cannot make it work but he needs it and cannot find help for this he will uninstall cis and find an other security solution.


I understand your dissatisfaction and you could suggest enhancements, provide feedback in the appropriate board that will be read by appropriate staff. They do listen.
(It’s not a bug though.)
Perhaps you should have received warnings when utilizing the product that something is wrong (eg by checking for incompatible products). Arguments, analogies like these could be continued to infinity. If you have an usability issue, it might be specific to you or a minority. It’s not going to happen miraculously if you do not express it.

No one is really to blame… to be fair. At least in this case.

Hope it helps.