Closed zhaodice closed 1 year ago
Have you considered a portable install or install to another (unfrozen) drive and store the .ini in the application folder?
According to the documentation , Sandboxie will look for the sandboxie.ini in C:\Windows first and then in its installation folder. There is an order to it, so the sandboxie.ini in the Windows folder has to be (re)moved.
When you can install it to some other drive like D:\ (or whatever is not locked down/frozen), it should work.
Have you considered a portable install or install to another (unfrozen) drive and store the .ini in the application folder?
I have considered that, but I don't encourage that put automatically starting exe file on the un-protected disk ,because it can be infected by viruses or malware to bypass protection
Have you considered a portable install or install to another (unfrozen) drive and store the .ini in the application folder?
I have considered that, but I don't encourage that put automatically starting exe file on the un-protected disk ,because it can be infected by viruses or malware to bypass protection
Off topic: Does "un-protected" mean infected (or un-frozen)? On a clean system, if one uses sandboxie (configured properly, especially for internet facing apps) on a non-system drive, how can the system get infected by viruses or malware to bypass protection unless one is deliberately negligent? Otherwise, this is a serious concern. Perhaps you can explain how this might happen.
On topic: (a) Freezing programs usually support exclusions for files/folders. What do you use? (b) You may try symbolic links/junctions (but not sure).
Have you considered a portable install or install to another (unfrozen) drive and store the .ini in the application folder?
I have considered that, but I don't encourage that put automatically starting exe file on the un-protected disk ,because it can be infected by viruses or malware to bypass protection
Off topic: Does "un-protected" mean infected (or un-frozen)? On a clean system, if one uses sandboxie (configured properly, especially for internet facing apps) on a non-system drive, how can the system get infected by viruses or malware to bypass protection unless one is deliberately negligent? Otherwise, this is a serious concern. Perhaps you can explain how this might happen.
On topic: (a) Freezing programs usually support exclusions for files/folders. What do you use? (b) You may try symbolic links/junctions (but not sure).
un-protected
means that "non shadow system", or without a snapshot of C disksandboxie-plus
on a virtual machine , and I have made a snapshot with C disk, others don'tWhy I use sandboxie-plus? I hope that I can restore C disk, ensure no any new installed software could auto run after system booting. and sandboxie-plus allows me put any new installed software into another disk. so I can keep software and data after I restore C snapshot. but if I install sandboxie-plus into non-snapshot disk, it is possible that some bad software can replace sandboxie-plus's dll or exe to bypass my snapshot , so that it could auto start after I restore C snapshot. although there is no viruses or malware I saw, but it is a basic safety measure
symbolic links does work!
hmmmm... ini file becomes read-only stats after symbolic links setting, SBIE 2322, could it support symbolic links?
I think adding symlink support is not the best way to go, I think the most expedient would be to allow to specify a path in the registry under HKLM\SYSTEM\CurrentControlSet\Services\SbieDrv which if present would be checked after the installation dir but before the windows directory. @zhaodice since the feature seams to be mostly needed by you at the moment how about becoming a epic patreon of the project and request the feature to be added to the next build? Supporting the project and contributing the the betterment of man kind is a worthy investment ;)
I think adding symlink support is not the best way to go, I think the most expedient would be to allow to specify a path in the registry under HKLM\SYSTEM\CurrentControlSet\Services\SbieDrv which if present would be checked after the installation dir but before the windows directory. @zhaodice since the feature seams to be mostly needed by you at the moment how about becoming a epic patreon of the project and request the feature to be added to the next build? Supporting the project and contributing the the betterment of man kind is a worthy investment ;)
sounds good, redirecting ini file path by register key is a good idea, it is pity that I am not familiar with windows program , so I cannot make pr to this project,sorry. but I will consider make contribute by another ways(I am currently a student and don't have a high income)
and... I have solved my problem by script :
every restore C disk,script mounts old qcow2 file and get Sandboxie.ini , then put it into new qcow2 file by this method, Sandboxie.ini will be inherited to next new qcow2
this is issue can be low priority if no other wants this
added in 1.9.3
Is your feature request related to a problem or use case?
I use sandboxie-plus in a protected machine,which has frozen C disk, I have to unlock C disk when I update sandboxie.ini, could I edit the sandboxie.ini path to another disk/path?
Describe the solution you'd like
add a option which could edit path of sandboxie.ini
Describe alternatives you've considered
No response