Why multiple sandboxes?

Post by Binky on 24/11/2010, 07:42

I have the free Sandboxie installed, and I am learning to configure it. ssj100's Security Setup page gave me some good ideas. I will likely purchase a lifetime license to get the other features.

Presently, my DefaultBox runs Firefox and all applications spawned to view internet content. I use Start/Run Access restrictions to prevent running downloaded malware. I plan to create another sandbox for installing new software using a sandboxed Explorer (as ssj100 suggests).

Since I only use IE for Windows Updates, I don't understand the motivation for adding more sandboxes and forcing applications into them. If I force Foxit Reader into a separate sandbox, forcing only works if initiated outside the sandbox. I still need to include Foxit in the Start/Run Access list for the sandbox that runs Firefox. Is the motivation to control which apps access the internet? I use a separate software firewall for this, and I prevent Foxit from having internet access, so this would not be a motivation for me.

I already close Firefox before and after doing financial-related internet transactions (purchasing, banking, etc.) to prevent cross-site vulnerabilities. I would continue to do the same thing with Firefox in a sandbox. I don't see the advantage for me of a separate sandbox for financial and everyday surfing.

VLC Media Player is an example of an app that accesses the internet (for streaming content). Normally, I click on a link in Firefox, and the media is downloaded entirely before rendering it in VLC. VLC does not need internet access in such cases. When playing streaming content, I always initiate streaming via Firefox. Thus, VLC never needs to stand alone and access the internet. What is the advantage of having a separate sandbox for VLC, which only applies when VLC is launched as stand-alone? My option is to force VLC into the sandbox that also runs Firefox.

I would appreciate some example scenarios and/or configurations that show advantages in security or convenience for separate sandboxes for Firefox and VLC (or other apps).


Re: Why multiple sandboxes?

Post by ssj100 on 24/11/2010, 09:10

Good questions, and I'm fairly sure you'll eventually figure out most of the answers yourself - it's probably going to be the best way to learn. Also, it's not easy to explain some of these answers in words. Ultimately, you'll figure out the best setup/approach for your own needs. My guide is only...a guide haha.

An advantage of having separate sandboxes is that it makes things more flexible - if you have a specific program that has specific requirements/exceptions etc, you can specifically configure it into its individual sandbox, without worrying that you are complicating other applications in the sandbox.

Another scenario I can think of is of malware exploitation in one program not affecting another program. For example, a fancy buffer overflow exploit is discovered in Firefox which executes and calls up VLC Media Player (or whatever) and uses an exploit in VLC Media Player to stream malware etc. If you have configured that only Firefox.exe can run in its sandbox, this exploit is stopped dead in its tracks when it tries to run VLC Media Player. If you only have one sandbox which allows lots of files to start/run, then there is theoretically a higher chance of successful exploitation. However, I suppose this argument is only relevant if the actual sandbox can be broken out of (that is, a genuine Sandboxie bypass). But hopefully you see my point.

Another reason I can think of is with regard to another convenience matter, as well as arguably security related. For example, I run an online game (Starcraft 1) in its own separate sandbox. Say I get infected while I play ("frozen malware" resides in the sandbox), but once I quit the game, the sandbox deletes itself and this "frozen malware" is gone for good. I have my Firefox browser still open with some work I'm doing in it, in its own separate sandbox - it would have been potentially inconvenient if it also closed and the sandbox deleted itself.

I actually personally run my main browser (Firefox) in the same sandbox as my chat messenger program (Pidgin) - the reason is that if someone gives me a web-site link in the chat messenger window of Pidgin, I can simply click on it and it opens up Firefox. I don't see much point of having separate sandboxes for Firefox and Pidgin, since I'd need to allow both Firefox.exe and Pidgin.exe to run in each sandbox anyway.

Hope this has been a little helpful for you. As I said though, you'll eventually figure out what's best for your specific needs. The beauty of Sandboxie is that it's configurable enough to suit pretty much everyone's needs.
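The trade-off the two posts discuss (one shared sandbox with a long Start/Run allow-list versus one sandbox per program, plus the auto-delete convenience point) can be made concrete with a small model. The following is an added example, not code from the thread or from Sandboxie, and it does not use Sandboxie's ini syntax: the `Sandbox`, `launch`, `run_chain`, `close_box` and `make_*` names, the executable names and the "frozen_malware.exe" / "draft_report.odt" file names are all constructed here. It models three rules the posts rely on: forcing applies only to programs started outside any box, a child process stays in its parent's box and must be on that box's Start/Run allow-list, and closing an auto-delete box discards everything in it.

```python
# Constructed model (not Sandboxie's code or ini format) of per-sandbox
# Start/Run allow-lists, forced programs and auto-delete, as discussed above.
from dataclasses import dataclass, field


@dataclass
class Sandbox:
    name: str
    allowed: frozenset                  # Start/Run allow-list: exes that may run inside this box
    forced: frozenset = frozenset()     # exes pulled into this box when started outside any box
    auto_delete: bool = True            # contents are discarded when the box is closed
    contents: set = field(default_factory=set)  # files written inside the box (model only)

    def can_run(self, exe):
        return exe.lower() in self.allowed


def launch(sandboxes, exe, parent_box=None):
    """Decide where and whether `exe` runs.

    Started from outside any box, the forced-program lists choose the box.
    Started from inside a box, the child stays in its parent's box (forcing
    does not apply, as Binky notes) and must be on that box's allow-list.
    Returns (box_name, allowed); box_name is None for an unsandboxed program.
    """
    exe = exe.lower()
    if parent_box is None:
        for box in sandboxes.values():
            if exe in box.forced:
                return box.name, box.can_run(exe)
        return None, True
    box = sandboxes[parent_box]
    return box.name, box.can_run(exe)


def run_chain(sandboxes, chain):
    """Start chain[0] from the desktop, then each next exe from the previous one.
    Returns the first exe that was refused, or None if every step ran."""
    parent = None
    for exe in chain:
        box, ok = launch(sandboxes, exe, parent)
        if not ok:
            return exe
        parent = box
    return None


def close_box(sandboxes, name):
    """Close a box; with auto-delete its contents vanish. Returns what is left."""
    box = sandboxes[name]
    if box.auto_delete:
        box.contents.clear()
    return set(box.contents)


def make_shared():
    """Binky's current setup: one DefaultBox that allows and forces every program."""
    everything = frozenset({"firefox.exe", "vlc.exe", "foxitreader.exe", "starcraft.exe"})
    return {"DefaultBox": Sandbox("DefaultBox", allowed=everything, forced=everything)}


def make_separate():
    """ssj100's approach: one box per program, each allowing only its own exe."""
    boxes = {}
    for box_name, exe in [("FirefoxBox", "firefox.exe"), ("VlcBox", "vlc.exe"),
                          ("FoxitBox", "foxitreader.exe"), ("GameBox", "starcraft.exe")]:
        boxes[box_name] = Sandbox(box_name, allowed=frozenset({exe}), forced=frozenset({exe}))
    return boxes


def exploit_chain_outcome(sandboxes):
    """ssj100's scenario: an exploited Firefox tries to start VLC.
    Returns None if VLC started, or 'vlc.exe' if the box refused it."""
    return run_chain(sandboxes, ["firefox.exe", "vlc.exe"])


def game_infection_outcome(sandboxes, game_box, browser_box):
    """ssj100's game scenario: 'frozen malware' lands in the game's box while the
    browser holds unsaved work; closing the game box discards the malware.
    Returns (what is left in the game box, what is left in the browser box)."""
    sandboxes[game_box].contents.add("frozen_malware.exe")
    sandboxes[browser_box].contents.add("draft_report.odt")
    left_in_game = close_box(sandboxes, game_box)
    return left_in_game, set(sandboxes[browser_box].contents)


if __name__ == "__main__":
    print("shared box, firefox->vlc refused at:", exploit_chain_outcome(make_shared()))
    print("separate boxes, firefox->vlc refused at:", exploit_chain_outcome(make_separate()))
    print("separate boxes, firefox->foxit refused at:",
          run_chain(make_separate(), ["firefox.exe", "foxitreader.exe"]))
    print("separate boxes after game closes:",
          game_infection_outcome(make_separate(), "GameBox", "FirefoxBox"))
```

Run as a script, the model reproduces both sides of the thread: with one shared box the Firefox-to-VLC chain runs, with separate boxes it is refused at `vlc.exe`, and a standalone VLC still lands in its own box. It also shows Binky's objection, since with separate boxes Firefox cannot open Foxit either unless `foxitreader.exe` is added to FirefoxBox's allow-list, and ssj100's convenience point, since closing GameBox discards the malware while FirefoxBox keeps its draft, whereas in the shared setup closing the one box discards both.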