Jump to content

Sandboxie-Plus 1.12.9 - 2024-02-06

FunkyBuddha

By FunkyBuddha
in Freeware and Beta

Recommended Posts

FunkyBuddha Newbie

FunkyBuddha

Posted
Posted (edited)

SANDBOXIE-PLUS FEATURES

Sandboxie Plus offers a multitude of new functionality which improves security, compatybility and the overall sandboxing expirience.

Some of these features (*) are howeever only avaiable to users with a 

Hidden Content

    Give reaction to this post to see the hidden content.
 which can be obtained by 

Hidden Content

    Give reaction to this post to see the hidden content.
 or purchased in our 

Hidden Content

    Give reaction to this post to see the hidden content.
.

Some more features (**) are available to participants of the 

Hidden Content

    Give reaction to this post to see the hidden content.
 program which.

Hidden Content

    Give reaction to this post to see the hidden content.
 *

  • With this option rules are prioritized based on their specificity (see changelog/docs for details) this way sub paths can be readable/writeable while parent parts are still protected.

Hidden Content

    Give reaction to this post to see the hidden content.
 *

  • Restrict syscall elevation to approved known safe / filtered sys calls
  • Limit access to device endpoints to known safe / filtered endpoints

Hidden Content

    Give reaction to this post to see the hidden content.
 *

  • With this applying a preset rule collection all locations potentially containing personal data can be protected. Applications running in boxes with personal data protection will see an empty PC with no user data on it.

Hidden Content

    Give reaction to this post to see the hidden content.
 *

  • This mode is intended to optimize compatibility at the cost of security, here sandboxie’s token-based isolation scheme is not used. Isolation is limited to the FS minifilter as well as registry and object callbacks. This has the potential to greatly improve compatibility with variouse applications.

Virtual Disk Integration **

  • Hidden Content

      Give reaction to this post to see the hidden content.
    , available since the latest insider build, allows you to create a virtual disk in your system's memory, using the ImDisk driver, which can speed up file access and increase confidentiality as all box contents will be discarded when the disk is unmounted (manually or automatically on reboot).

  • Hidden Content

      Give reaction to this post to see the hidden content.
     is currently in development and allows you to create encrypted sandboxed environments for an even greater protection of your confidential data. With this feature the box file root is being mounted from an AES-XTS encrypted box image, other ciphers are available as well. Upcoming additions to this root functionality will contain secure box passphrase handling and a driver extension to prevent applications not running in the encrypted sandbox from accessing the sandboxed files.

Enchanced network filering and redirection **

  • Hidden Content

      Give reaction to this post to see the hidden content.
     is yet another feature which has been added in the insider builds, it allows to force any application to use a Socks 5 proxy instead of a direct connection.

  • Hidden Content

      Give reaction to this post to see the hidden content.
     feature allows you to block, or redirect DNS queries made by sandboxed programs for selected domains.

Hidden Content

    Give reaction to this post to see the hidden content.

  • With this feature Sandboxie can be like an application firewall which applies the rules on a per box bases allowing the same application access to the internet in one box while blocking it in another.

Windows 11 context menu integration

Process/Thread handle filtering (obCallbacks)

  • Using this mechanism greatly improves on isolation of processes and provides enhanced security.

Win32 syscall hooking

  • With this feature win32 sys calls can get the same treatment as NT sys calls which helps with graphics and hw acceleration.

 

Info:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

Download:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

Edited by FunkyBuddha
  • Like 3
  • Thanks 2
Link to comment
FunkyBuddha Newbie

FunkyBuddha

Posted
  • Author
Posted

Change-log since last announcement:

[1.12.3 / 5.67.3] - 2023-12-02
Added

added template to add useful exclusions to confidential boxes

Fixed

FIXED SECURITY ISSUE ID-23 SeManageVolumePrivilege is now blocked, as it allowed to read MFT data (thanks Diversenok)
fixed program launch when forcing processes into a confidential box #3173
 

Info:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

Link:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

  • Thanks 1
Link to comment
FunkyBuddha Newbie

FunkyBuddha

Posted
  • Author
Posted

Changelog

All notable changes to this project will be documented in this file. This project adheres to 

Hidden Content

    Give reaction to this post to see the hidden content.
.

[1.12.4 / 5.67.4] - 2023-12-18

Added

  • added display of Date & Time in the Sbie Messages tab 

    Hidden Content

      Give reaction to this post to see the hidden content.

Changed

  • without an active, non expired, supporter certificate, automatic updates/downloads are not longer available for the stable channel
    • the autoamtic updater will still work and notify about new stable releases, the user will be guided to visit the download page and download the latest installer manually
  • the cleanup button is now also enabled when not connencted to core
  • the box creation wizard now allows to create a black box based on any other box type

Fixed

  • fixed running sandboxed processes located in a imdisk volume 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed sample 634d066fd4f9a8b201a3ddf346e880be unable to be terminate on windows 7 x64 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed UseNewSymlinkResolver causes applications to create both the link and the target folder 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed Renaming a sandbox breaks Group hierarchy 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed Encrypted confidential Box + red box preset blocks box access to it's own root directories 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed SandMan-v1.12.3 crashing 

    Hidden Content

      Give reaction to this post to see the hidden content.

Info:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

Link:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

  • Thanks 1
Link to comment
FunkyBuddha Newbie

FunkyBuddha

Posted
  • Author
Posted

Release Notes

The latest update brings notable improvements and fixes to Sandboxie-Plus.
Key enhancements include the integration of Date & Time display in the Sbie Messages tab, and a streamlined the box creation process, allowing for more versatile box types. Among the various fixes, issues with sandboxed processes and stability concerns in SandMan-v1.12.3 have been addressed, ensuring a more reliable and efficient user experience.

We also announce a change in our update policy: automated update download & installation now requires an active supporter certificate to use the stable channel. Users on the preview channel with all the experimental potentially buggy test builds can still use auto update without a certificate. Users on the stable channel from now on will instead receive a update notification guiding them to our manually download page.

For a full list of changes and fixes please review the full 

Hidden Content

    Give reaction to this post to see the hidden content.
.

 

Info:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

Link:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

  • Thanks 1
Link to comment
FunkyBuddha Newbie

FunkyBuddha

Posted
  • Author
Posted

[1.12.6 / 5.67.6] - 2024-01-02

Changed

  • improved behaviour of toolbar customization menu

Fixed

  • fixed issue introduced in 1.12.4 with start.exe failing to run in a confidential box 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed "The directory name is invalid" when starting a process in an encrypted private box 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed symbolic links created inside a sandbox not working properly 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed issue with drives mounted to multiple folders or a drive letter and a folder
  • fixed issue with file paths when using sandboxes with relocated root (e.g. to an ImDisk volume) 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed issue with explorer.exe on Windows 11 when using "SysCallLockDown=y" 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed SandMan not showing icons of processes located on an ImDisk volume

Info:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

Link:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

Link to comment
FunkyBuddha Newbie

FunkyBuddha

Posted
  • Author
Posted

[1.12.7 / 5.67.7] - 2024-01-10

Fixed

  • fixed "Duplicate Box Config" option not being able to keep the order of the original sandbox configuration 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed "Save options as new defaults" option not appearing when "Configure Advanced Options" is enabled 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed Windows Explorer issue when running in a sandbox with data protection enabled on Windows 11 

    Hidden Content

      Give reaction to this post to see the hidden content.
    • the default template for privacy boxes now sets NormalFilePath=%ProgramData%\Microsoft\*
  • fixed message boxes with MB_DEFAULT_DESKTOP_ONLY or MB_SERVICE_NOTIFICATION not being able to display title and text correctly in Security Hardened sandboxes 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed issue with npm failing to run inside a Security Hardened sandbox on Windows 11 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed symlink and open path issue introduced in 1.12.6 

    Hidden Content

      Give reaction to this post to see the hidden content.
    • when a volume without an associated drive letter is encountered, Sandboxie uses \drive\{guid} instead of \drive\[letter]
    • Note: if the volume is subsequently assigned a drive letter, the data under \drive\{guid} will be ignored!
  • fixed "Run Unsandboxed" command when right-clicking shortcuts created with Sandboxie Plus 

    Hidden Content

      Give reaction to this post to see the hidden content.
    • Note: for the fix to take full effect, the shell integration needs to be re-applied
  • fixed Error Status: 0x0000065b (Function failed during execution) 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed Privacy Enhanced sandboxes failing with error code SBIE2204 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed OpenFilePath directories not being enumerated within their parent folders 

    Hidden Content

      Give reaction to this post to see the hidden content.

Info:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

Link:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

Link to comment
FunkyBuddha Newbie

FunkyBuddha

Posted
  • Author
Posted

[1.12.9 / 5.67.9] - 2024-02-06

Fixed

  • fixed issue with symlink resolver introduced in the previous build 

    Hidden Content

      Give reaction to this post to see the hidden content.

[1.12.8 / 5.67.8] - 2024-01-31

Added

  • added Japanese language on Plus UI 

    Hidden Content

      Give reaction to this post to see the hidden content.

Fixed

  • fixed warning issue: SBIE2321 Cannot manage device map: C0000034 / 11 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed issue with explorer.exe that could not run on emulate admin sandbox 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed potential BSOD issue with WFP when trace logging is enabled 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed issue with running programs pinned to the Run menu that did not use the same working directory 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed UseNewSymlinkResolver causing applications to create both the link and the target folder 

    Hidden Content

      Give reaction to this post to see the hidden content.
  • fixed Plus UI notification window becoming stuck when a modal dialog is displayed 

    Hidden Content

      Give reaction to this post to see the hidden content.

Info:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

Link:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

  • Like 1
  • Thanks 1
Link to comment

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Go to topic listing
×
×
  • Create New...