Releases: sandboxie-plus/Sandboxie
Release v1.12.5 / 5.67.5
Release Notes
The latest update brings notable improvements and fixes to Sandboxie-Plus.
Key enhancements include the integration of Date & Time display in the Sbie Messages tab, and a streamlined the box creation process, allowing for more versatile box types. Among the various fixes, issues with sandboxed processes and stability concerns in SandMan-v1.12.3 have been addressed, ensuring a more reliable and efficient user experience.
We also announce a change in our update policy: automated update download & installation now requires an active supporter certificate to use the stable channel. Users on the preview channel with all the experimental potentially buggy test builds can still use auto update without a certificate. Users on the stable channel from now on will instead receive a update notification guiding them to our manually download page.
For a full list of changes and fixes please review the full Changelog.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.12.4 / 5.67.4
Release Notes
This build has a bug regarding Chromium-based browsers, please update to 1.12.5
For a full list of changes and fixes please review the full Changelog.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.12.3 / 5.67.3
Release Notes
This build brings a lot of usability improvements, most notably the ability to auto force all removable media (Requires a supporter certificate).
In the settings, exceptions can be specified, based on the volume serial number to exclude selected devices from forced sandboxing.
This build also enhances on the global hotkeys, two new hotkeys "Alt + Break" have been added to bring the sandman window in front with the top most flag set, and "Ctrl + Alt + F" to toggle disabling of forced processes, furthermore the terminate all hotkey "Shift + Break" (panic hotkey) has been improved, individual sandboxes can be configured to be excluded from a blanket global terminate all command, however when the panic hotkey is invoked 3 times with < 1 sec between presses it will terminate all boxed processes, no exceptions.
Also worth mentioning is an improvement to the service handling which allows to install and run the GOG launcher sandboxed in a reduced isolation box with the following configuration:
UnrestrictedSCM=y
RunServicesAsSystem=y
NoSecurityIsolation=y
Template=RpcPortBindingsExt
Further work is ongoing to make GOG work in a standard sandbox.
For a full list of changes and fixes please review the full Changelog.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.12.2 / 5.67.2
This build fixes many issues and adds some new functionality.
This is a unsigned pre-release build, a final build is scheduled for the end of this week.
For a full list of changes and fixes please review the full Changelog.
Release v1.12.1 / 5.67.1
This build fixes a couple of issues, among them an issue with Firefox 120.
For a full list of changes and fixes please review the full Changelog.
Release v1.12.0 / 5.67.0
Release Notes
This build brings a lot of usability improvements most notably the ability to auto force all removable media (Requires a supporter certificate).
In the settings exceptions can be specified, based on the volume serial number to exclude selected devices form forced sandboxing.
This build also enhances on the global hot keys, two new hot keys have been added "Alt + Break" to bring the sandman window in front with the top most flag set, and "Ctrl + Alt + F" to toggle disabling of forced processes, furthermore the terminate all (panic hotkey) hot key "Shift + Break" has been improved, individual sandboxes can be configured to be excluded from a blanket global terminate all command, however when the panic hotkey is invoked 3 times with < 1 sec between presses it will terminate all boxed processes, no exceptions.
Also worth mentioning is an improvement to the service handling which allows to install and run the GOG launcher sand boxed in a reduced isolation box with the following configuration:
UnrestrictedSCM=y
RunServicesAsSystem=y
NoSecurityIsolation=y
Template=RpcPortBindingsExt
Further work is ongoing to make the GOG work in a standard sandbox.
For a full list of changes and fixes please review the full Changelog.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.11.4 / 5.66.4
Release Notes
This is a maintenance release fixing a various issues and adds minor improvements
For a full list of changes and fixes please review the full Changelog.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.11.3 / 5.66.3
Release Notes
This is a maintenance release fixing a few issues, and updating the 7z library to 23.01 which fixes a security issue present in previous versions of this library.
For a full list of changes and fixes please review the full Changelog.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.11.2 / 5.66.2
Release Notes - New Features and Enhancements
Sandboxie-Plus 1.11.x comes with a new component ImBox.exe which in combination with new service and driver mechanisms enables exciting new functionality. The ImBox.exe is a block device proxy for the ImDisk driver (which can be installed using the add-on manager introduced in 1.10.x) and is capable of creating dynamic RAMDisks as well as mounting Encrypted Box Images using DiskCryptor's robust and reliable AES-XTS implementation.
-
The RAMDisks integration is available to all project supporters with a valid supporter certificate, it allows for seamless RAMDisk usage once configured on the add-on options settings page and enabled for selected sandboxes. The RAMDisk can be mounted without a drive letter providing a seamless experience, the appropriate Folders on the shared RAMDisk are linked to the default box root folder locations. The RAMDisk is NOT persistent this means that all data stored on the RAMDisk vanish once the system is rebooted, making such a sand box ideal to store transient confidential data.
-
The Encrypted Box Image feature uses encrypted container files to store a boxes root directory (containing all files and the boxes registry hive) the mounted encrypted volume is by default guarded by the driver such that only processes runnign within the sandbox (and essential sbie+ components) can access the files stored on that volume. In combination with the "ConfidentialBox=y" option, host process read access to sandboxed processes memory is effectively blocked, ensuring no rogue process on the host can access confidential data in RAM belonging to sandboxed processes. The combination of this mechanisms creates secure enclaves, which ensure data processed within an enclave can not leak to the host (except for user configured OpenFilePath locations) and is protected even when the host would to be compromised (only adversaries which obtained kernel level privileges can bypass these mechanisms).
Note: As the new Box Encryption feature opens up a completely new branch of use-cases, which would merit being a separate product on its own, it requires a separate advanced encryption option which must be obtained in addition to a valid supporter certificate, except for the following certificate types: Contributor, Patreon, Huge and Large, all others need to be upgraded using a upgrade key which can be obtained on the web store and has to be entered on the support page.
Also for more clarity the available certificate scheme was restructured Small was renamed to Subscription, Medium to just Personal, Large was removed and a Family Pack subscription was added.
For a full list of changes and fixes please review the full Changelog.
You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.
Release v1.11.1 / 5.66.1
This is a maintenance release it fixes various bugs and issues, see the full changelog for details