Releases: sandboxie-plus/Sandboxie
Release v1.15.1 / 5.70.1
Release Notes
This build fixes a couple issues with 1.15.0 and updates compatibility to the latest windows insider build.
For a full list of changes please review the change log.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.15.0 / 5.70.0
Release Notes
This build of Sandboxie Plus version 1.15.0 introduces several impactful enhancements, focusing on user-specific operations and security improvements. A notable addition is the new user proxy mechanism, which enables user-specific operations, as well as support for Encrypting File System (EFS) through the user proxy. By adding the configuration 'EnableEFS=y' to the sandbox, users can now leverage EFS within the sandbox environment. Furthermore, a breakout document feature has been implemented, allowing users to specify certain file paths and extensions that can escape the sandbox. However, users are warned to avoid paths terminated with wildcards as they may open up security vulnerabilities, enabling the execution of malicious scripts outside of the sandbox.
In terms of security, a new mechanism has been added to restrict access to box folders, allowing only the user who created the folder to access it by setting 'LockBoxToUser=y'. Additionally, users now have the option to retain the original Access Control Lists (ACLs) on sandboxed files or modify them, providing more flexibility in access management, this may introduce compatibility issues though. Another new feature is the 'OpenWPADEndpoint=y' option, which allows to open system proxy configuration access. On the technical side, improvements have been made to the startup processes for SandboxieCrypto and Sandboxed RPCSS, as well as refinements to the user interface controls.
These updates mark a significant step forward in both the security and functionality of Sandboxie Plus.
For a full list of changes please review the change log.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.14.10 / 5.69.10
Release Notes
This build fixes various issues and adds a few features, for a full list of changes please review the change log.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.14.9 / 5.69.9
Release Notes
This build fixes various issues and adds a few features, for a full list of changes please review the change log.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.14.8 / 5.69.8
In this release, we have introduced several new features and improvements that significantly enhance the user experience and provide greater flexibility in system operations. Most notably, users can now effortlessly obtain free 10-day evaluation certificates directly from the support settings page within the UI. These certificates are hardware-locked to the user's machine and allow for up to three requests per hardware ID, making it easier to test and evaluate the system with minimal setup.
Furthermore, new options have been added to increase privacy and security, such as the ability to modify the Windows Product ID in the registry to a random value and to return random values for disk serial numbers and network adapter MAC addresses when queried by applications. These features add an extra layer of obfuscation to protect against unwanted system identification.
Other enhancements include the ability to terminate all processes when Sandman exits, a new option for configuring DropConHostIntegrity directly from the UI, and an improved shared template feature in the New Box Wizard. The number of available shared templates has increased to 10, and the template names can now be easily updated by adjusting the corresponding settings.
In terms of fixes, we have addressed several key issues, including improving the "HideDiskSerialNumber" functionality to prevent application crashes, correcting the format of encrypted proxy passwords, and resolving an issue related to the "NtQueryDirectoryObject" function to avoid easy sandbox detection. These updates contribute to a more stable and secure environment for users.
For a full list of changes and fixes please review the full change log.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.14.7 / 5.69.7
In this release, we have introduced several new features and improvements that significantly enhance the user experience and provide greater flexibility in system operations. Most notably, users can now effortlessly obtain free 10-day evaluation certificates directly from the support settings page within the UI. These certificates are hardware-locked to the user's machine and allow for up to three requests per hardware ID, making it easier to test and evaluate the system with minimal setup.
Furthermore, new options have been added to increase privacy and security, such as the ability to modify the Windows Product ID in the registry to a random value and to return random values for disk serial numbers and network adapter MAC addresses when queried by applications. These features add an extra layer of obfuscation to protect against unwanted system identification.
Other enhancements include the ability to terminate all processes when Sandman exits, a new option for configuring DropConHostIntegrity directly from the UI, and an improved shared template feature in the New Box Wizard. The number of available shared templates has increased to 10, and the template names can now be easily updated by adjusting the corresponding settings.
In terms of fixes, we have addressed several key issues, including improving the "HideDiskSerialNumber" functionality to prevent application crashes, correcting the format of encrypted proxy passwords, and resolving an issue related to the "NtQueryDirectoryObject" function to avoid easy sandbox detection. These updates contribute to a more stable and secure environment for users.
For a full list of changes and fixes please review the full change log.
Known Issues
A sub set of older certificates is not properly recognized, when you experience issues with your large certificate please downgrade to 1.14.6 this issue will be fixed in 1.14.8, we are sorry for the inconvenience.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.14.6 / 5.69.6
This build fixes various bugs and adds some minor improvements.
For a full list of changes and fixes please review the full change log.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.14.5 / 5.69.5
This build fixes various bugs and adds some minor improvements.
WARNING: this build has an issue with windows 7 and 8/8.1 please wait for 1.14.6 if you are still on Win 7.
For a full list of changes and fixes please review the full change log.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.14.4 / 5.69.4
This releases fixes a few issues with 1.14.3 and provides a production ready 1.14.x build.
For a full list of changes and fixes please review the full change log.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.14.3 / 5.69.3
In the 1.14.x release line, several significant updates and fixes have been introduced to enhance the functionality and performance of sandboxed processes. These enhancements are aimed at providing users with a more robust and versatile experience, ensuring smoother and more secure operations.
One of the major updates is the introduction of the ability to force sandboxed processes to use a predefined SOCKS5 proxy. This feature allows for more controlled and secure network interactions. Additionally, the capability to intercept DNS queries for logging or redirection has been added, providing administrators with greater oversight and flexibility in managing network traffic. Notably, support for SOCKS5 proxy authentication based on RFC1928 has been incorporated, thanks to Deezzir's contributions, who also developed a Test Dialog UI for the SOCKS5 proxy. It is important to note that utilizing the Proxy and DNS features requires an advanced type certificate.
The release also introduces a new command line option, /fcp /force_children, to the start.exe utility. This option enables the initiation of a program outside the sandbox while ensuring that all its child processes are sandboxed, enhancing security without compromising flexibility. Additionally, a new feature allows for the limitation of memory usage and the number of processes within a single sandbox through job objects. This was made possible by Yeyixiao's contribution and can be configured using "TotalMemoryLimit" for overall sandbox memory limits and "ProcessMemoryLimit" for individual process limits.
Further improvements include the addition of a new "Sandboxie\All Sandboxes" SID to the token creation process, which fundamentally alters the token creation mechanism. This feature can be activated with the "SandboxieAllGroup=y" setting. Users can now also configure the "EditAdminOnly=y" setting on a per-box basis, providing more granular control over administrative permissions. Additionally, a new UI option allows users to start unsandboxed processes while forcing child processes into a sandbox, and the "AlertBeforeStart" option prompts a warning before launching a new program into the sandbox if the initiating program is not a Sandboxie component.
Moreover, the update introduces a mechanism to block unsafe calls via RPC Port message filtering and a template to prevent sandboxed processes from accessing system information through WMI. A new "Job Object" Options page has been added, consolidating all job object-related options for easier management. Several critical fixes have been implemented, including resolving Chrome printing problems and various bugs affecting sandbox properties and program launching. Compatibility with Steam running sandboxed has also been improved.
Compatibility with Windows build 26217 has been validated, and dynamic data has been updated accordingly. Finally, an issue with an early batch of Large Supporter certificates has been resolved, ensuring smoother operation and fewer disruptions. These updates collectively enhance the security, performance, and usability of sandboxed processes, providing users with a more reliable and efficient environment.
For a full list of changes and fixes please review the full change log.