Closed Inter-Process Communication between Test.exe and everything.

*=everything



Your "If" is incorrect, so therefore the result of that "If" is not as you expect. You are miss-writing the instruction
ClosedIpcPath=!<Restricted>,*


"No need" as pertaining to ProcessGroup as ProcessGroup was yet to be invented.

Dogdog, while I understand your interest in IPC, that isn't really the purpose of this thread.

This thread is more generally controlling different aspects of the sandbox. If you want to discuss IPC in depth please start another thread.

Thanks, Pete

That's a good idea. Thanks Pete

First of all - thanks. I had missed that ",*" was part of instruction line. I can now see what is happening and why it works.

I understand your comment about starting a different thread. My only observation is that if people modify the Ini file without understanding how the instruction works then this is a dangerous route. Hence I think that an explanation of why it works does belong in the same thread as how it works. Howevever, if the majority disagree then I will go with the flow.

Again, thanks for your help.

Your welcome DogDog

I've also got the line

ClosedFilePath=!<InternetAccess_Firefox>,\Device\udp

in my configuration. I'm not sure where it came from and is it needed?

I have also seen that line inserted as a 5th line of the internet access settings over at Wilders, and I think it was used here when the Internet Access settings were first created.

\Device\RawIp
\Device\Ip*
\Device\Tcp*
\Device\Afd*
\Device\UDP

All I can tell you is that the top 4 lines are what currently SandboxIE gives you to block internet access. I am no way a network expert or anything so maybe others can chime in better with a desciption maybe on all 5 lines, so everyone can understand what is happening, and whether we should include the UDP line or not.

Thanks Mitch, probably a good idea to add \Device\Udp and \Device\Udp6 to Sandboxie. Looks like those devices implement the "UDP" transport, as opposed to the "TCP" transport, for data going out on the network. And looks like there is also \Device\RawIp6 in addition to \Device\RawIp.

So after this? It'll go from 4 lines to 7?

Thanx Tzuk, I'll edit the early posts in this thread so it is easier to copy/paste. Also "Good Pick-up" goes out to Tarsins,

Mh, this sentence sounds for me this has to be implemented first, or does SB already support \Device\Udp* and \Device\RawIp* ?
I mean, if already implemented, the 'Block All' button would set the options (what it doesn't at the moment).

@Mitch
Why 4 lines for UDP and RawIP? Are the above two lines not sufficient?

@Ruhe;
I do believe that a * will suffice and eliminate two of the lines - just as you say. However, Tzuk stated it as separate lines and frankly, whether or not I have two additional lines in my ini file means nothing to me. So that is why I left it as you see.
Plus, I have something else in mind that is better handled with individual lines. See next post;

Here is something we can play with; I have a sandbox where Internet Explorer is the only program with internet access.

ok so with the new settings we have this;
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\RawIp
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\Ip*
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\Tcp*
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\Afd*
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\RawIp6
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\Udp
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\Udp6

well I can get (at least as far as I can see right now) everything I need with;
ClosedFilePath=\Device\RawIp
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\Ip*
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\Tcp*
ClosedFilePath=!<DefaultBox_InternetAccess>,\Device\Afd*
ClosedFilePath=\Device\RawIp6
ClosedFilePath=\Device\Udp
ClosedFilePath=\Device\Udp6

which means that I can block off 4 of the items even from Internet Explorer. I am still able to download, flash still works, can't find any differance yet. Not reccomending, just experimenting.

What I am wondering is whether or not there are any malware or keylogger type items that are sent out via the browser that utilize any of the blocked functions?

Also wondering if we can open up any of the three * items and also block parts of those?

If I'm not sure, the resources that end with 6 are only there on Vista, and implement IPv6 which isn't useful. So they are blocked for sake of completeness but I don't think it makes one bit of difference either way, assuming no program is going to use these resources.

The UDP resource would probably not get a lot of use, but possible for stuff like multiplayer games running in your Web browser.

Thanks Tzuk, I see what you mean - a lot of rope-a-dope just to maybe get .00001 extra. Ok, well that is done. Do you have any plans on adding lines for Internet Access in an update - perhaps as Ruhe points out, with *s?

Also, it seems such a good fitting with ProcessGroup and ClosedIpcPath=! that can we Feature Request that at some point the GUI would handle a procedure as outlined here? I realize that asking for a new page in the GUI is a ton, but as DogDog points out, this would all be a lot more certain if done through SandboxIE Control.