Sandboxie is a program for Windows that puts applications on the operating system in a sandbox to improve security. A sandbox separates programs run in it from the underlying operating system and other software or data, effectively preventing those programs from making permanent changes to the system.
Even malicious software is restrained to the sandbox which means that it cannot infect the operating system itself and that all traces of it will be removed from the system once the sandbox is terminated.
Software that is run in the sandbox is isolated from the system which makes it ideal for testing purposes, and to improve the overall security of the system by running applications that are often targeted by malware developers in the sandbox.
Sandboxie has been around for years, and its developer Ronen Tzur has added new features regularly to the program in that time. Today, it is one of the best -- many say the best -- sandboxing solution for Windows.
Sandboxie is a shareware program. A free version of the application is offered for download on the program's homepage that misses a couple of features and will display a reminder after 30 days of use that you should upgrade to the paid version of the software. It remains fully functional though and the author notes that users are encouraged -- but not required -- to upgrade to the paid version.
The paid version offers two additional features that are not available in the free version of the software. You can force programs to run in the sandbox; this means that they will be launched in the sandbox environment regardless of how they are started which makes the whole process more comfortable for the user.
The second feature lets you create and use multiple sandboxes on the system, and run the same program in multiple sandboxes at the same time.
It is available for the reasonable price of €15. Pricing changed in recent time. Sandboxie for Home Use requires a subscription that is available for $20.95 per year.
Note: Sandboxie 4.06 was used for the initial review, Sandboxie 5.26 was used for the update.
Installation of Sandboxie is straightforward. The program is compatible with 32-bit and 64-bit versions of Windows. The installer is clean and does not hold any surprises. Sandboxie needs to install a driver on the system which it does during installation.
The application displays software compatibility information on first start. It highlights detected applications on the system and recommends compatibility setting for these. You can remove programs from the list and add new ones, and hide future software compatibility dialogs.
Sandboxie opens the main Sandboxie Control interface afterward. A default sandbox is available right away. Previous home versions of Sandboxie limited use to a single sandbox. This restriction appears to have been lifted as I could create new sandboxie using Sandbox > Create New Sandbox in the unregistered version.
To run programs in a sandbox, select Sandbox > DefaultBox > Run Sandboxed > Run from the toolbar menu.You may also right-click on any sandbox and select "run sandboxed" from the context menu to do so.
Web browsers, Email clients and Windows Explorer are displayed here directly, but you can also use the menu to run a program from the start menu or any program that is available on the system.
It is alternatively possible to drag and drop applications -- or their shortcuts -- into the Sandboxie environment to run them sandboxed.
Sandboxie adds a context menu item to Windows Explorer which you can also use to run programs or files in the sandbox.
In addition to that, you can also create shortcuts for sandboxed programs. To do so, do the following:
You can run the shortcut whenever you want to load the software it links to in the selected sandbox.
Note: If you run a program in a sandbox, it means that it won't be able to interact with data on the system in a permanent fashion by default. This may be problematic in some cases. Say you run Firefox in the sandbox and the browser updates itself to a new version.
When you close Firefox or terminate the sandbox, the update is gone and you will be asked to update again next time you run the program.
In the case of updates, be it program updates or updates to add-ons, it is best to run the program outside of the sandbox during the update so that it can update just fine provided that is what you want.
Registered users who force programs to run in the sandbox can disable forced programs for a short while using the tray icon menu.
The same is true for downloads that you make and any other content that changes. If you need the change to be permanent, you need to disable the sandbox functionality or use built-in controls.
Sandboxie offers controls to bypass the sandbox in certain cases.
Sometimes, you may want to allow programs access to certain files on the underlying system. In the case of web browsers, you may for instance want to keep new bookmarks, passwords and session cookies.
Sandboxie offers default controls for popular programs such as the Firefox or Internet Explorer web browser, Thunderbird and Outlook email clients, and various other products such as security software, download managers or PDF readers.
Firefox users can for example enable direct access to passwords, bookmarks, cookies or sessions directly here.
While you could navigate to the sandboxed folders to move files out of it while the sandbox is up and running, it is often better to use Sandboxie's Quick Recovery or Immediate Recovery features instead.
Whenever you close a sandbox, or run Quick Recovery manually, contents of select folders will be scanned for files that you have saved to them while the sandbox was up and running. The default locations are the downloads folder, My Documents, Favorites and the Desktop.
The idea here is to provide you with the means to save files that would otherwise be lost when the sandbox is terminated.
Tip: You can add folders to Quick Recovery under Sandbox > [Name of Sandbox] > Sandbox Settings > Recovery > Quick Recovery.
Immediate Recovery automates the recovery process for you. It monitors select folders on the system and file extensions, and will suggest to move them out of the sandbox as soon as they get saved in a program that is running in the sandbox.
The benefit here is that you do not have to invoke the recovery manually.
Tip: You can disable the Immediate Recovery feature under Sandbox > [Name of Sandbox] > Sandbox Settings > Recovery > Immediate Recovery.
Identifying sandboxed programs
All programs that you run in a sandbox look on first glance just like any other program you run on your system. When you move the mouse cursor to the window border however, you will notice a colored border that is painted around it by Sandboxie. This indicates that the program is sandboxed.
You can naturally also see that in the main program window, as all sandboxes and programs running in them are displayed here at all times.
Another option that you have is to click on File > Is Window sandboxed to find out if a particular program window is running in the sandbox.
In addition to that, it is possible to add permanent indicators to windows. You find the options under Sandbox Settings > Appearance.
The first option that you have is to make the window border that Sandboxie adds permanently visible instead of just when you hover the mouse cursor over it.
The second option is to add an indicator to the window title (#) or to show the sandbox name in the title directly.
Terminating a sandbox
Once you are finished using a sandbox, or more precisely the programs within, you can terminate it. Simply select the delete contents option from the tray icon menu or from the main window's menu bar.
Sandboxie will display a Delete Sandbox window that displays any files that you may want to save before the sandbox is deleted.
By default, the sandbox is not deleted automatically when you close the last program that runs in it. You can change the behavior under Sandbox Settings > Delete > Invocation to automatically delete contents of sandbox.
When you close the last program after making the change, the sandbox itself will be deleted as well.
Which programs should you run in a sandbox?
While it is possible to run any third-party program in the sandbox, it is usually better to run only programs in it if system security benefits from it.
All programs with network or Internet connections like web browsers, email client, messengers or P2P software need to be mentioned in this regard among others.
The reason for this is that they are exposed to attacks from the web, be it through user action, e.g. the download of a new program or file, automatic attacks such as drive by downloads, or indirect attacks where files get downloaded automatically but need to be executed by the user.
You may also want to run any new executable file that you downloaded in the sandbox to verify that it is safe to use.
Sandboxie is an excellent security software for the Windows operating system. It should be used in addition to traditional security programs such as antivirus software, and if configured and used correctly, will improve system security significantly.
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.