Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945

Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!

Changed behavior when calling sandboxie start.exe from inside a snadbox in Windows 1809

Sandboxie 5.30, Windows 10 Pro 1809.

At Windows 10 Pro 1709 and earlier versions, when from inside any sandboxZ you run from a batch script " ...Sandboxie\Start.exe /box:sandboxY c: ", it will open in that sandboxZ a windows explorer at c:\
But now that I upgraded to 1809 it does nothing. I use this approach so some files always open sandboxed but if I try to open them while alreade inside a sandbox I cannot open them anymore.

  • Hi Argos,

    I tested the behavior and it works fine for me on Windows 1809 + Sbie 5.30, this is my exact command:
    "C:\Program Files\Sandboxie\Start.exe"  /box:Y c:

    If you need to invoke a different sandbox, then either run the command outside Sandboxie, or run it directly from the desired sandbox. You cannot invoke a sandbox from within a different sandbox.  (I also tested on 1803, and the behavior is the same, which is expected)

    If you are still experiencing problems, please provide all of the required info so that I can further test:
    How to report problems with Sandboxie

    Thanks!

  • In reply to Barb@Sophos:

    Hi Barb@Sophos thanks for the reply. Actually you are right I apologise, before posting I did a fast check with that simple command from the shell and apparently I must missed the popup window. But the changed behavior with my implimentation exists.

    I use a .bat file to open some files sandboxed.
    I checked it more and the problem seems to be because of the registry entry and not relative to the start command

    A very simple example.
    Saving the command from the previous post in c:\x.bat file
    Change registry so all files at right click will have the option to run the x.bat:
    [HKEY_CLASSES_ROOT\*\shell\Test]

    [HKEY_CLASSES_ROOT\*\shell\Test\command]
    @="C:\\x.bat  \"%1\""

    If you right click any file and choose Test it works as expected and opens an explorer in the sandbox mentioned in x.bat.
    But if you try to do the same from inside a sandboxed explorer it does nothing. It makes no difference whatever is written in x.bat even non sandbox related commands

  • In reply to Argos A:

    Hi Argos,

    The steps you provided do not work for me, I get a permissions error when I right-click on a file and try to invoke the x.bat via the newly added shell command.
    So I switched the location of the bat file to my Desktop, and switched command key to absolute path to desktop (this allowed right-click shell command to work).

    I tested both Sandboxie 5.28 and 5.30 and the shell command did not work inside either. However, running the bat directly does work from a Sandboxed explorer.
    How are you making it work on 5.28? Please provide specific steps.

    I've made the devs aware. I'll update this thread if any new info becomes available.

    Regards,

  • In reply to Barb@Sophos:

    Yes it works for me as well if I try to use the bat from inside a sandbox that's why I assume it has to do with registry entries maybe in regards with bat files?

     

    It's the same with 5.28. Before upgrading to Windoes 10 Pro 1809 I was using 1709 so I'm not sure at which version of Windows this behavior changed.

    Actually I used for a very short time 1709 so it is possible that I didn't notice a change there but for sure in Windows 10 1703 and earlier it was working

     

    Thank you for your time