How much access to information do threats really have?

Question

Hi, 
 I get that potential software threats that are installed in a sandbox is isolated from making changes to the actual system. 
 But, doesn&acute;t it still have access to confidential information, such as browser history or documents on the computer? 
 I ask about that because I know that the sandbox and the software installed in the sandboxes can "copy" files from the actual system as needed. 
 Would then a trojan be able to get confidential information from my browser or other files and send it elsewhere? 
 I know it wouldn&acute;t be able to make changes to my system, but wouldn&acute;t it be able to pull information from it? if not, why not? 
 Thanks for the clarification.

Barb@Sophos · Answer

Hi Diogo, 
 Here's a copy paste from our FAQ regarding how does Sandboxie protect you, which explains how does Sandboxie protect your computer, and it also explains that it does not typically stop sandboxed apps from reading your sensitive data. https://www.sandboxie.com/FrequentlyAskedQuestions#HowItWorks 
 How does Sandboxie protect me, technically? 
 Sandboxie extends the operating system (OS) with sandboxing capabilities by blending into it. Applications can never access hardware such as disk storage directly, they have to ask the OS to do it for them. Since Sandboxie integrates into the OS, it can do what it does without risk of being circumvented. 
 The following classes of system objects are supervised by Sandboxie: Files, Disk Devices, Registry Keys, Process and Thread objects, Driver objects, and objects used for Inter-process communication: Named Pipes and Mailbox Objects, Events, Mutexs (Mutants in NT speak), Semaphores, Sections and LPC Ports. For some more information on this, see Sandbox Hierarchy . 
 Sandboxie also takes measures to prevent programs executing inside the sandbox from hijacking non-sandboxed programs and using them as a vehicle to operate outside the sandbox. 
 Sandboxie also prevents programs executing inside the sandbox from loading drivers directly. It also prevents programs from asking a central system component, known as the Service Control Manager, to load drivers on their behalf. In this way, drivers, and more importantly, rootkits, cannot be installed by a sandboxed program. 
 It should be noted, however, that Sandboxie does not typically stop sandboxed programs from reading your sensitive data. However, by careful configuration of the ClosedFilePath and ClosedKeyPath settings, you can achieve this goal as well. 
 
 For more info, please see below: 
 The virus FAQ section covers more scenarios regarding viruses and using Sandboxie: https://www.sandboxie.com/FAQ_Virus 
 And, as additional info, I suggest to have a look at the keyloggers entry: https://www.sandboxie.com/DetectingKeyLoggers 
 You may also be interested in the privacy entry as well: https://www.sandboxie.com/PrivacyConcerns Regards,