search

sandboxie-plus / Sandboxie

Sandboxie Plus & Classic
https://Sandboxie-Plus.com
GNU General Public License v3.0
13.69k stars 1.52k forks source link

Disallow 32bit processes per sandbox #1866

Closed bastik-1001 closed 2 years ago

bastik-1001 commented 2 years ago

Is your feature request related to a problem or use case?

This request is made under the assumption that Sandboxie is able to tell if a process, that is spawned under its control, is a 64bit process or not.

If Sandboxie can recognize processes being 64bit, I want to disallow it to launch anything less than 64bit (32 bit, 16 bit), per sandbox. E.g. this shall not be true for all sandboxes, but just those that are expected to host 64bit programs anyway.

The main reason behind this request is to ensure that all processes have the ability to address more than 4 gigabyte of memory.

Of course this feature could only apply to the 64bit version of Sandboxie.

Describe the solution you'd like

A simple config option to enforce processes being 64bit per sandbox.

Describe alternatives you've considered

In case, Sandboxie can't even tell if a process is 64bit or net, the request does not seem to be feasible.

DavidXanatos commented 2 years ago

I thought about that and i don't see much use in such a feature, also you cant run 16 bit apps on a 64 bit OS that functionality was dropped.

I would sugest to use 

OpenFilePath=C:\Windows\SysWOW64

with that any 32 bit program on a 64 bit os should crash pretty early in its startup that would in the end not be different than sbie generating some access denided or something.

bastik-1001 commented 2 years ago

Fair enough, had no idea that it could be achieved. It has to be ClosedFilePath for it to work as intended.

Edit: And I knew that 16 was gone for Win7 64bit, but I was not sure if later versions of Windows don't try to emulate that again.