The sandbox doesn’t work for me, each time a program is being sandboxed because it isn’t signed, most of the time it won’t work, I’ll have to “allow it” and run it again because it crashed.
For now, I just disabled the sandbox and enabled the HIPS.
Where the sandbox shines: you run an unkown, unsigned, program.
Where it doesn’t work: known unsigned program which may access local ressources (unsigned steam games for example)
What I’d like to see:
A blocking popup, like a D+ popup, with a timer (let say 5-10s) with sandboxing by default, but where I can allow the app to run unsanboxed, but with D+ alert if there’s something strange happening.
The sandbox is a good idea, but most of the time it doesn’t work for me.