Thank you for your answer. I have read the manual (unfortunately still V.4.0), and I quote:
[i]"Applications in the sandbox are executed under a carefully selected set of privileges and writes to a virtual file system and registry instead of the real system…
Automatically sandboxed applications are run with ‘Limited’ restrictions…
the ‘Limited’ setting applies some of the supported operating system restrictions and grants it access rights similar to if the application was run under a non-admin user account. These restriction levels are fortified with certain Defense + restrictions that apply to all sandboxed applications (for example, they cannot key log or screen grab, set windows hooks, access protected COM interfaces or access non-sandboxed applications in memory).
In addition to the Sandbox restriction level set for an application, Defense + also implements the following restrictions. A sandboxed application cannot:
• Access non-sandboxed applications in memory
• Access protected COM interfaces
• Key log or screen capture
• Set windows hooks
• Modify protected registry keys (if virtualization is disabled)
• Modify EXISTING protected file (if virtualization is disabled)."[/i]
I have also read your “Intro to the sandbox” sticky:
My issue is not the Sandbox. I think it is going to work great. When all my safe programs and files that are not in the safe list or signed are out of it (I do not see a reason to run a safe file in it), then any new file that pops up the sandbox must be taken into consideration.
The thing is that I had problems running 4.1 with my imported 3.14 settings (I had it so sweet): hangs and repeating alerts for apps already in “Network and Computer Security Policy”. Then I installed 4.1 clean, removed the programs and files that I had unsandboxed from “My Own Safe Files”, and started to set everything like I had in 3.14. BTW I had set 4.1 to Proactive Security and Sandbox enabled. I started in Safe Mode for the firewall and Clean PC mode for D+, but did not have any apps setting rules in either of the modules, F/D+. I clicked “Creates Rules for safe Applications” in Firewall Behavior Settings, set D+ to Safe mode, and disabled Sandbox. CIS 4.1 started to hang when booting the PC the first time in the day. It did not work right; every time I accessed it to add or to change something in it, it “will not respond”. So I am back at square one: Proactive, F/D+ in safe mode, and sandbox enabled, with a list in my own safe files growing to some 100 and + progs and files, and after Windows Update yesterday even more files, and that is why I am asking if those files in My Own Safe Files must be there even though there can be another set of rules written in Computer Security Policy.
Right now 4.1 is not misbehaving and I will wait for the devs to answer my question.
Thank you again mouse1 and regards.