-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How can the sandboxed exe create file in c:? #3160
Comments
I cant reproduce this anyone else being able to reproduce this issue? |
This comment was marked as outdated.
This comment was marked as outdated.
sbiecbtest.mp4 |
|
It appears as if messing with the HKCU does not require a process to be elevated, whereas it needs to be for messing with HKLM? Does this affect the boxes where the processes are not allowed to be started elevated? And what about security hardened boxes? |
the registry changes should be contained within the box, did you observed otherwise? |
No, I did not. My comment was based on the |
This can also be used as a workaround.
|
Considering the OpenWinInetCache template: Sandboxie/Sandboxie/install/Templates.ini Lines 462 to 470 in 169344d
|
Describe what you noticed and did
The problem is why the program can break through the sandbox to create folder directly in disk.
How often did you encounter it so far?
No response
Affected program
test.exe
Download link
https://cowtransfer.com/s/98e76eb3f5294a
Where is the program located?
The program is installed only inside a sandbox (NOT in the real system anyway).
Expected behavior
It should unable to create file/folder in c:
What is your Windows edition and version?
win10
In which Windows account you have this problem?
A local account (Administrator).
Please mention any installed security software
none
What version of Sandboxie are you running?
Sandboxie Plus 1.9.8
Is it a new installation of Sandboxie?
I recently did a new clean installation.
Is it a regression?
No response
In which sandbox type you have this problem?
In a standard isolation sandbox (yellow sandbox icon).
Can you reproduce this problem on a new empty sandbox?
I can confirm it also on a new empty sandbox.
Did you previously enable some security policy settings outside Sandboxie?
No response
Crash dump
No response
Trace log
No response
Sandboxie.ini configuration
No response
The text was updated successfully, but these errors were encountered: