Strange Sandbox Behaviour

hkjoj · March 25, 2013, 10:32am

I try to use CIS sandbox for portable Dragon and portable Chrome. My target is to clear all possible threats/changes to OS by resetting sandbox. However, I would like to kept the custom setting/extensions in the portable browser(s).

I hope to achieve these by adding the portable browser exe in sandbox application path and the portable browser folder in the sandbox option “do not virtualize access to the specified files/folders” as I believe the browser setting/extensions are saved in the folder.

However, every times I reset sandbox, nearly all the customer setting/extensions in the portable browser(s) are lost.

Is there anything wrong about my believe or within the sandbox?

liosant · March 25, 2013, 1:25pm

Is there anything wrong about my believe or Within the sandbox?
portable applications create folders temporary, you will put them to not be virtualized?

run the application without being virtualized, then browse the folders and add all these temp folders to not be virtualized.

hkjoj · March 25, 2013, 2:22pm

I just tried using same approach (no virtualize in the portable browser folder) in Sandboxie Free. No settings/extensions are lost after deleting all the sandbox content in Sandboxie.

Hence, I trust the strange behaviour is actually caused by CIS sandbox.

hkjoj · March 29, 2013, 7:17am

Can anyone reproduce this problem?

mouse1 · March 29, 2013, 9:15am

Personally I suggest a different approach. If you exclude from browser settings from virtualisation you render yourself vulnerable to browser-borne infections. FAQ here.

However on this issue of whether exclusion portable directory exclusion works, it seems to me that you may have discovered a bug in exclusions. Let’s see if anyone can reproduce.

hkjoj · March 29, 2013, 10:30pm

I aware of your proposed setups. But my main purpose is not about browsing risky sites. So security is not my major concern.

I do think that there may be a bug in the exclusion option. I’ll issue a bug report if someone else can reproduce the problem.

mouse1 · March 30, 2013, 10:03am

That’s fine then! Can anyone reproduce?

hkjoj · April 18, 2013, 9:08pm

I try again with the above approach using version 6.1 without success.

However, when I modify the above approach by using “Run Virtual” and create a desktop shortcut to run Dragon virtually instead of adding the exe in the sandbox “Application Path”, reset sandbox do not clear my custom setting/extension anymore.

Hence, I trust the strange behaviour may be caused by some unknown interaction between the reset sandbox feature and the sandbox “Application Path” feature.

mouse1 · April 18, 2013, 9:14pm

That worries me a bit. Are you sure it’s still running virtualised?

hkjoj · April 19, 2013, 12:37am

Checked by downloading a file. It is saved in the VTRoot folder. So I can sure it’s still running virtualized.

P.S. Oh! It don’t fix the problem. The custom setting/extensions are still cleared after a PC restart.

mouse1 · April 19, 2013, 7:33am

Would you mind doing a bug report in standard format please Hkjoj?

Many thanks

Mike

hkjoj · April 19, 2013, 11:40am

I’ve used another machine to try the approach today. It has no problem in the other machine :o

My working PC is heavily tweaked and it seems no other user has this problem. I think it is better to have someone who can reproduce the problem before doing a bug report.

mouse1 · April 19, 2013, 11:44am

One of the reasons we ask for a standard format report is to help others to replicate

hkjoj · April 19, 2013, 12:00pm

It’s hard to mention all the tweaks in my PC. ;D ;D ;D

mouse1 · April 21, 2013, 6:23am

If you export and append you config file, it’s pretty much all there !

hkjoj · April 22, 2013, 12:14pm

It’s the tweaks in WIN 7. I think these won’t be included in Comodo’s config file.