No, it does not matter what order the lines are in - as long as it is in the proper maingroup.

If you do not have SeaMonkey installed, you can remove the SeaMonkey lines (for openfilepath also)

I used to know but I forgot. I believe when you close Sandboxie Control a box pops up that says "You are closing Sandboxie Control" - or something like that. There is a check box for "Do not show this message again". It's something along those lines.

Someone else may know exactly what it is.

This is not a 'both' decision - it is either / or. Luckily in your case, the results will be similar.

#1 It can be this;
[GlobalSettings]
ProcessGroup=<Restricted>,Start.exe,SandboxieDcomLaunch.exe,SandboxieRpcSs.exe,firefox.exe
[DefaultBox]
ClosedFilePath=!<restricted>,*

#2 Or it can be this;
[GlobalSettings]
ProcessGroup=<Restricted>,Start.exe,SandboxieDcomLaunch.exe,SandboxieRpcSs.exe,firefox.exe
ProcessGroup=<Internet>,firefox.exe
[DefaultBox]
ClosedIpcPath=!<Restricted>,*
ClosedFilePath=!<Internet>,\Device\RawIp
ClosedFilePath=!<Internet>,\Device\Ip*
ClosedFilePath=!<Internet>,\Device\Tcp*
ClosedFilePath=!<Internet>,\Device\Afd*

#1 says that only the four listed programs can run in this sandbox, all four programs can access the internet. Now of course this is a very safe setting because three of the programs are safe SandboxIe programs and there is no worry with giving them internet access as they do not access the internet anyway.

#2 also says that only the four listed programs can run in this sandbox, but only one of those can access the internet (Firefox)

So in your case - it is your decision. But don't use them both or try to combine them both.

edited for clarification.

This may help to explain further. Remember, in your case, either is ok.

This is my ini file.

[GlobalSettings]
ProcessGroup=<Restricted>,iexplore.exe,winword.exe,excel.exe,foxitr~1.exe,psp.exe,sandboxiedcomlaunch.exe,sandboxierpcss.exe,start.exe
ProcessGroup=<Internet>,iexplore.exe

[DefaultBox]
ClosedIpcPath=!<Restricted>,*
ClosedFilePath=!<Internet>,\Device\RawIp
ClosedFilePath=!<Internet>,\Device\Ip*
ClosedFilePath=!<Internet>,\Device\Tcp*
ClosedFilePath=!<Internet>,\Device\Afd*

Notice that only Internet Explorer, Microsoft Word and Excel, Foxit Reader, and Paint Shop Pro can run in this sandbox.
Notice also that only Internet Explorer has internet access.

So for me, option #2 is the better choice as I do not want Word and Excel and Foxit and PSP to be able to access the internet.
I only want IE to do that.

One major reccomendation I would give you is to try to develop a habit of doing this all through the SandboxIE Control GUI. Most of these settings are very easy to insert into the ini file that way. SandboxIE will name the process groups what it wants to name them. SandboxIE will put the lines in the order that SandboxIE wants to. The only thing that is really complex about your setup is the amount of closedfilepaths to different partitions.

Other than that, you have one program (firefox) that you need to set in the 'Internet Access' tab in SandboxIE Control.

Jesus Mitch!

Whole 2nd page are all your responses!

SPAMMER!

Yeah SPAMMER ! But what should I have done without Mitch? I tell you, I probably would have stopped using SBIE if it was not for helpful people like Mitch.

Mitch, your replies have been very helpful to me (and perhaps others). I feel more confident using SBIE now and should be able to do some tweaking myself now if needed. Thank you so much.


I have a folder called V-75 on my D-partition. In this folder I store some information that I regularly send to a betting company I trust. Thas why I added this line inside inifile. I believe it means read access but not write access. It seemed to work when I set it up. I am not able to check right now if it works. Why is it invalid? Something I should change to give read access to this folder?

Thanks

Thanks Mitch. I did include that, as well as the line to use with AdBlock, just in case anyone else wanted to know what line to use for the Firefox Add-on called Paste Email Plus. I like it, for those long text entries that I use often - just right click the text entry box, and select the text to enter in the box. It's not for sensitive information, though I do use it to quickly enter a few email addresses or login ID's.

ReadFilePath- http://www.sandboxie.com/index.php?ReadFilePath
Well, I 'thought' it was an older, no longer used setting - but I see now that it does still have a page, so I guess you are good. Maybe Tzuk can confirm that setting is still doing what you want it to do, since that is where your betting stuff is. Everything else is cool?

When I try these together, downloading a file to My Documents produces a box that says "My Documents can not be found" - so you might want to test a download yourself on this.

Hello again. I did not see your last replies until now. (I use the notify by email function, but did not receive notify).

Thanks again for replies.


As I dont want to dl anything to Mydocuments folder I deleted this: RecoverFolder=%Personal% If I need to recover (I seldom do) I recover to desktop. But I did test earlier and was not able to dl anything to Mydocuments with this setting.

I just did some online banking. Could not open pdf-documents (I could before without the need for changing the settings). But this was easily resolved by doing this:

ProcessGroup=<Restricted>,Start.exe,SandboxieDcomLaunch.exe,SandboxieRpcSs.exe,firefox.exe,PDFXCview.exe
ProcessGroup=<Internet>,firefox.exe,

At first I also gave the PDFXCview.exe internet access, but after reading your post over again I realised I did not have too.

Do you happen to know what needs to be added to make my HP printer (Photosmart 2710 all-in-one) work inside SBIE? There are so many different files in the HP folder.

Hope you dont mind I still use this thread, or should I start a new one as my startup problems are resolved?

Personally, I would rather it stay right here, so everyone can see the entire process.

Good, those settings are a guide. Option #2 is first decide what you want to run in that sandbox. And then decide which of those need internet access.

Hmmm, my Brother Printer works fine with no extra settings. If this is a Firefox add-on, you may need something.

As I use IE, almost everything is a true child process (WMP, PDF, etc etc) but with Firefox I know that there are quite a few add-ons that cover it all. There are lots more better at Firefox than I am on the board, and I am sure they will jump in if you need to post more. So I would say to just leave everything here.

One thing you could try is to run Firefox in a sandbox without any of the restrictions that you have now. That will tell us if it is the settings in there already that is preventing it. You may want to consider an "Extra Secure" sandbox for Firefox, and a second sandbox that has less restrictive settings. And run Firefox in the less restrictive box as needed. Just a thought.

Also, maybe run that printer folder as a ForceFolder in a new sandbox with no restrictions, try printing something and watch SandboxIE Control and see if anything starts up. Then try those exe files in your current sandbox, like you did with the pdf viewer.

Thanks for your replies. But it doesnt really matter anymore because I give up on this printer issue.

I tried to print when running outside SBIE and without Online Armors "Run Safer" feature. But still I cannot print. It happens very often. Some times when I plug out and in the printers power cable it does work. I dont know why. But I know one thing for sure: I will never ever buy another HP product! So much (censored) follow when you buy a HP printer. I think I have 3 different HP folders under "MyPrograms" folder. And theres a lot of things in the System32 folder too. It never work as expected. (This printer did cost me a lot too)