Sandboxie 5.31.6 available for download

Hi all,

We have published Sandboxie 5.31.6. Please download from https://www.sandboxie.com/DownloadSandboxie.

The main fixes are around supporting Windows 10 19H2.

We did are some fixes for the Windows 10 20H1 build. Please don't expect that Sandboxie will continue to work with that version as there are likely to be kernel changes that require a new version before 20H1 is fully released.

Thanks.

Akhilesh@Sophos

Parents
  • Akhilesh@Sophos said:

    We have published Sandboxie 5.31.6. Please download from https://www.sandboxie.com/DownloadSandboxie.

     

    I think I found a bug, that might hit security on some systems.

     

    1- Sandboxie and Windows version

    5.30 did block ports, when I used the www.sandboxie.com/BlockPort function with the line

    BlockPort=*,3000-3100


    So, I only wanted to use SOCKS proxies on another box with TCP ports between 3000 and 3100. Worked great with 5.30. No traffic was received on the other box when I on purpose used a SOCKS proxy on lets say port 3111.

     

    When I use this line, with on purpose wrong TCP ports (not being used by my proxies)

    BlockPort=*,9999

    on version 5.31.4 and on version 5.31.6, all traffic is allowed and my Chromium instance is using a SOCKS5 proxy port that I did not allow (because, in this example, I only allowed 9999).


    If I remove the line, all works fine... my proxies on ports 3000-3100 are used, but every TCP port is allowed by Sandboxie :(. So... using BlockPort might be a big security / privacy risk for me :(.

    2 - Affected applications version (if using a browser, include any extensions as well)

    Version 80.0.3970.0 (Developer Build) (64-bit)

    including the latest uBlock Origin and the latest WebRTC Leak Shield extensions

    run with Sandboxie 5.31.4 and 5.31.6.

    3 - List any antivirus installed, and their version.

    Default / clean windows 10 install with Windows Security, latest definitions (of today). This was the Windows install file
    18363.418.191007-0143.19h2_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us

    4 - Steps to reproduce the issue.

    See point 1.


    5 - Does it occur in a new sandbox with default settings?

    Yes, except the fact that I add the BlockPort line.

     

    6 - Full error message and screenshots of it if applicable.

    No error message... leaking TCP traffic out of the sanbox :(.

     

     

    Just to clarify extra: Sandboxie running with a sandbox named hidemass. I have this line in Sandboxie.ini in \Windows
    BlockPort=*,3000
    I start Chromium with
    "C:\Program Files\Sandboxie\Start.exe" /box:hidemyass C:\Users\Igor\AppData\Local\Chromium\Application\chrome.exe -proxy-server="socks5://192.0.2.1:3024"


    In Sandboxie 5.31.6 this Chromium instance IS working (I have danted running on 192.0.2.1:3024). This is NOT what should happen.
    In Sandboxie 5.30 this Chromium instance is NOT working, which is expected behavior, because I only allow port 3000 and not 3024.

    I looked at www.sandboxie.com/KnownConflicts of this issue was mentioned, it was not.

  • Wouter Budding said:

     

     
    Akhilesh@Sophos

    We have published Sandboxie 5.31.6. Please download from https://www.sandboxie.com/DownloadSandboxie.

    I think I found a bug, that might hit security on some systems.
    [...]


    In Sandboxie 5.31.6 this Chromium instance IS working (I have danted running on 192.0.2.1:3024). This is NOT what should happen.
    In Sandboxie 5.30 this Chromium instance is NOT working, which is expected behavior, because I only allow port 3000 and not 3024.

    I looked at www.sandboxie.com/KnownConflicts of this issue was mentioned, it was not.

    FWIW ~ I would not expect updates to Known Conflicts.
    Users are advised to run 5.31.6.

Reply Children