I’m brand new to this, so maybe my question is not that exact.
I want to run a batchfile from keepass trigger
If I use only the call
and did a rule for the sandbox
everything is fine and works.
But if I call the same batchfile from keepass with parameter, it fails and the batchfile goes into sandbox like C_cmd.exe_381E4B3A5143949E8BD454CA7EDA476B0232A141.bat
so what could I do?
Thank you, Andi
Hello apani and welcome to the forums. What you want to do is to remove conhost.exe from your sandbox rule. That way it will ignore all .bat files that are created by any application.
But is that good?
Can I get problems by “open that door”?
Technically yes for other bat files. Now thinking about it more it would be better if you created an ignore sandbox rule for the keepass exectuable. That way any script files it creates or executes will not be sandboxed either.
I did it like in the screenshots.
edit Auto-sandbox settings
Step 2 create rule
Is it right? - it seems to work!
Yes that should be fine. If you want to be more specific you can add keepass executable to the created by processes section of the rule.