Allow full access to specific subfolder while access to all other subfolders is blocked

Hi,

actually I want to block access to all folders in (e.g., %users%), but want to allow access to one specific subfolder in %users% only. Something like a single exception from the blocking rule.

It would be possible to create for each subfolder in %users% a block or allow rule, but this is getting extensive if many subfolders exist.

 

Is there some kind of possibility to configure this easily?

 

Thanks

Parents
  • Hi Obelix,

    The available access/restriction options are listed below:
    https://www.sandboxie.com/ResourceAccessSettings#file

    You will have to manually block each location.
    What are you trying to do exactly? If you provide more info perhaps we can come up with a better solution.

    Regards,

    Barb@Sophos
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

     

  • Hi Barb@Sophos,

    I want to disallow read and write access to all folders in %users%, but want to allow read and write access to a subfolder %users%/obelix/appdata/roaming/vendor2/app1.

    I think it is possible to create an allow rule on top and then block all folders except the one in the given path. That would look like

    allow: %users%

    block: %users%/asterix

    block %users%/obelix/folder1

    block %users%/obelix/folderN

    block %users%/obelix/appdata/folder1

    block %users%/obelix/appdata/folderN

    block %users%/obelix/appdata/roaming/folder1

    block %users%/obelix/appdata/roaming/folderN

    and so one

    These are quite much rules if there are many folders, for which access shall be forbidden. 

    In addition, this would not work if new folders are added afterwards as these have to be considered by an additional rule later manually.

     

    As block seems to overrule an allow rule, I would apreciate a possibility to block a complete subfolder hierarchy and defining an exeption for the given path.

     

    May be there are ways to achieve this differently and I didn't recognized so far.

     

    Thanks for any help

Reply
  • Hi Barb@Sophos,

    I want to disallow read and write access to all folders in %users%, but want to allow read and write access to a subfolder %users%/obelix/appdata/roaming/vendor2/app1.

    I think it is possible to create an allow rule on top and then block all folders except the one in the given path. That would look like

    allow: %users%

    block: %users%/asterix

    block %users%/obelix/folder1

    block %users%/obelix/folderN

    block %users%/obelix/appdata/folder1

    block %users%/obelix/appdata/folderN

    block %users%/obelix/appdata/roaming/folder1

    block %users%/obelix/appdata/roaming/folderN

    and so one

    These are quite much rules if there are many folders, for which access shall be forbidden. 

    In addition, this would not work if new folders are added afterwards as these have to be considered by an additional rule later manually.

     

    As block seems to overrule an allow rule, I would apreciate a possibility to block a complete subfolder hierarchy and defining an exeption for the given path.

     

    May be there are ways to achieve this differently and I didn't recognized so far.

     

    Thanks for any help

Children