Sandboxie est ce qu'on pourrait appeler un programme de protection d'ordinateur, mais pas dans la même catégorie qu'un antivirus ou autre anti-malware. Dans les grandes lignes, il permet de créer un espace sécurisé où ira s’exécuter un logiciel souhaité (un navigateur internet, un programme quelconque) et toutes les modifications apportées par le logiciel isolé ne se répercutera pas en dehors de l'espace protégé.
Par exemple, dans le cas d'une navigation sur internet avec un navigateur isolé, si vous téléchargez un fichier exécutable qui s'avère être un virus (on parle beaucoup des CryptoLocker ou d'autres logiciels de rançons), le malware ne modifiera que les fichiers à l'intérieur de l'espace protégé laissant ainsi tous les documents et photos personnelles en dehors de cet espace intact.
Sandboxie est un logiciel devenu gratuit pour une utilisation personnelle depuis la version 5.31, des modifications ont été entrepris pour une transformation en logiciel open-source. Ainsi, depuis avril 2020, un autre développeur a repris le développement sous forme d'un fork appelé : Sandboxie Plus.
Il est compatible de Windows 7 à Windows 11.
Sandboxie Plus / Sandboxie Classic
Versions actuelles : 1.13.3 / 5.68.3
Windows 32 et 64 bits
[1.13.3 / 5.68.3] - 2024-03-16
Added
- added certificate usage guide link to support page
Fixed
- fixed issues with "IsProtectScreen=y" 3656
- fixed issue with hotkeys and changed default suspend all hotkey to Shift+Alt+Pause
- fixed issue with suspended state not being updated when the global hotkey was used
- fixed issue with new ** pattern failing in some cases
[1.13.2 / 5.68.2] - 2024-03-07
Added
- added menu entry to restart SandMan as admin #3581 (thanks Yeyixiao)
- added option to block taking screen capture/screenshot of sandboxed processes (thanks Yeyixiao)
- it can be enabled with "IsProtectScreen=y"
- see the sandbox option "Prevents getting an image of the window in the sandbox" in SandMan UI
- added option to prevent sandboxed processes from interfering with power operations #3640 (thanks Yeyixiao)
- it can be enabled with "BlockInterferePower=y"
- see the sandbox option "Prevents processes in the sandbox from interfering with power operations" in SandMan UI
- added new pattern mechanism using a
**
as a placeholder to indicate an arbitrary path element not containing a\
1ff2867
Changed
- reworked option for suspending all processes in SandMan (introduced in 1.13.1) #3582
Fixed
- fixed privacy mode, NormalFilePath and symbolic link issue #3660
- fixed access to Recycle Bin in an Application Compartment sandbox with data protection #3665
[1.13.1 / 5.68.1] - 2024-02-27
Added
- added option for suspending all processes in SandMan #3582 (thanks Yeyixiao)
- added "On Terminate" trigger #3584 (thanks Yeyixiao)
Changed
- changed DynData format to add flags
- reverted the new sandbox directory structure for volumes without drive letters #3632
- GUID usage can be re-enabled with "UseVolumeGuidWhenNoLetter=y"
Fixed
- added missing checkbox for API tracing
- fixed incompatibility with Windows ARM64 Insider build 26052 and later
- fixed symlink issue #3537
- fixed file redirection issue in an Application Compartment sandbox #3637
- fixed issues with compartment mode compatibility fallback
- fixed missing maximum password length check #3639
- fixed issue with launching executables from volumes without a drive letter in a sandbox on Windows 1803 and earlier #3627
Removed
- removed UseNewSymlinkResolver setting, as the new mechanism is always used
[1.13.0 / 5.68.0] - 2024-02-10
Added
- added advanced API trace functionality
Changed
- reworked SCM hooking to improve Windows 10 compatibility
- reworked offset dependent handling of undocumented Windows kernel objects
- the required offsets can be now updated independently from the driver
- the DynData blob is digitally signed, when in testsigning mode the signature is however ignored
- when Sandboxie encounters a yet unsupported kernel build, token based isolation is disabled to prevent system instability
- this safety mechanism is disabled on systems participating in the Windows Insider program
- for systems in the Insider program, the latest known offsets are tried
- reworked part of the low level code injection mechanism to add compatibility with Windows Insider build 26040 and later
- enabled CET Shadow Stack compatible flag for core Sandboxie binaries
Fixed
- fixed incompatibility with Windows Insider build 26040 and later
Removed
- cleaned up code and removed obsolete VC 6.0 workarounds