We'd love to hear about it! Click here to go to the product suggestion community
I have Windows 10 Pro x64 v1903 and Sandboxie v5.31.2 - paid license. Sandboxie is my favourite program and I've been using it for about 10 years now.Today, I've noticed that file download info stays in Internet Explorer after terminating and deleting contents of my DefaultBox. :(
Afterwards, after auto-deletion of the contents of the DefaultBox I checked in Windows Explorer and the DefaultBox folder was gone, as it should be.Then, I run IE in my second sandbox named Disabled Internet (which has internet disabled for all programs) and, to my suprise, was able to see the downloaded files from the previous session in the DeafaultBox. Which means that the downloaded files info got saved outside of the sandbox. :(
Then, I checked with CCleaner and saw that I had a ton of cookies on my system, even though all my sandboxes are deleted/emptied and I have no exceptions that allow cookies or anything enabled.So, I then created a new sandbox named LeakBox, with forced IE and no exception allowed + drop rights feature enabled (as it's in all my sandboxes anyway). I run IE in the LeakBox and downloaded CCleaner installation file, to test it again.And it leaked again. :(https://i.imgur.com/O24rvi3.png
I have downloaded CCleaneer with Firefox, closed FF and deleted the content. Now the downloaded file is gone, as expected.
Maybe this is an IE issue? As far a I know Edge can not be sandboxed, so maybe MS has changed something in IE to the same effect?!
I agree that Sandboxie appears to be leaking running IE. I'm seeing cookie files with modified dates that happened only while running IE in the sandbox. And sites I've visited only inside the sandbox are showing the 'visited link' coloration outside of the sandbox, or inside the sandbox again after I've wiped the sandbox.
There's most definitely a leak.
In reply to Tim Rude:
Most definitely. It has been there for a while now and I've spent time reproducing it and trying to see why or fix it. I give up, but the path,
C:\Users\(user)\AppData\Local\Microsoft\Windows\INetCache is written to right through the sandboxie to the harddrive. No I do not or ever have opened up IE cookies in settings, and it makes no difference that setting was tested.
Sandboxie cannot sandbox IE11 cookies and I got stuck with some un-deleteable cookies. Simply use IE11 entire browser reset to remove un-deleteable content ,.... but still if cookies leak thats a vector....I am wondering how and what else can leak.
It's a sign to stop using IE11, I've been with sandboxie from the beginning and back then it's primary goal was ONLY sandboxing Internet Explorer without crashing, and anything else Tzuk could make work at first was a bonus.
People need to be realistic. Sophos is busy building their business and sandboxie is not a product that's easy to configure/use or market. We are lucky they did not kill it off, but realistically I doubt any programmers with the experience and skill will work for free keeping sandboxie up to date. Let's hope Sophos continues with minimal but functional fixes.
If you have a sandboxie problem that nobody else is having, it's most likely your PC's particular configuration as problems with sandboxie are usually widespread problems and quickly pop up in this forum. Lets hope for the best but be realistic in Sophos role. Even Tzuk didn't work for free.