navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: PSI incompatible to Sandboxie, making system vulnerable again

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
rzlm6g PSI incompatible to Sandboxie, making system vulnerable again
Member 11th May, 2014 20:37
Ranking: 0
Posts: 2
User Since: 13th Apr, 2014
System Score: N/A
Location: DE
Last edited on 11th May, 2014 20:42

This is a copy of a thread of mine with the same subject - unfortunately I only noticed today that there was a reply from April. The original thread is locked now so I must answer this way.
http://secunia.com/community/forum/thread/show/148...

Anthony,
you got me wrong, I must have explained poorly. I said that PSI is trying to update Flashplayer 12 to 13 although the outdated version is running in a Sandboxie environment.
From your answer I suspect that you assume the Flashplayer should be located outside the sandbox, and another outdated copy of a Flashplayer is in the sandbox.

But that is not the situation:

Outside the sandbox, there is no Flashplayer. The *only* existing Flashplayer is v.12 (outdated) *in* the sandbox. Still, PSI finds it and starts an installation of a second Flashplayer outside of the sandbox.
You also explain that I can delete the contents of the sandbox. True, but not what I want to do. Because I want the sandbox to secure not only the barebone browser, but also the plugins, I need to install them all into the sandbox, and hence it makes no sense to delete the sandbox contents else I need to re-install the complete firefox environment every time I go to the internet.
So, again: There is *no* version in SysWOW64, the *only* version is (on drive E:) inside Firefox's sandbox, but PSI takes it as if it were existent on C: and *creates* a 2nd v.13 outside the sandbox on C:, not updating v.12 - btw. how can you know v.12 was in use then?

Thank you for not being mean because I answer so late.

EDIT It may be possible to install plugins outside and force them to run inside with the 'forced programs' / 'forced folfers' thingy. But I wouldn't like to trust in that because it's really clumsy to maintain and difficult to install plugins from the firefox app which is in the sandbox to outside the sandbox. This all does not only affect files, but also registry entries - and by just keeping everything inside, it's simple and safe.

No one has replied to this thread yet - be the first
This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+