SRWare Iron/Google Chrome crashes in Avast 7 Sandbox with Drop my rights

Hello,

I am new here and I just upgraded to Avast Internet Security 7.0.1407 and I noticed that running SRWare Iron and Google Chrome with “Drop administrative rights and run virtualized applications as limited users” both crashes and I cannot connect to any page.

In comparison, I ran SRWare Iron with Sandboxie 3.64 and I can connect even thought I select Drop my rights in SBIE. I have also used OA Premium’s RunSafer previously (not while with Avast) which acts as a limited user on browsers and I can browse okay.

Please see image below.


http://img688.imageshack.us/img688/9721/avast7sandboxdrop.jpg

Anybody seen that phenomenon the two Chromium based browsers? With Firefox it’s okay.

I remember when I was with version 6.0.1367 I can surf okay with both browsers set to run in sandbox mode.

The pc is an AMD Phenom II 840 (3.2G) X4 QUAD CORE AM3 PACKAGE DDR3 4GB Ram. AIS 7.0.1407 Windows 7 x32, Comodo Internet Security ver 5.9, Malwarebytes Pro(on-demand), Sandboxie 3.64, Keyscrambler Pro 2.9.

I can’t seem to place an avatar yet and my pc spec…where can I place it…?

Thanks.

Personally if I were running the browser in the AIS sandbox, I wouldn’t bother with DropMyRights. I don’t know if DMR might be getting it pants in a twist as I don’t know how it might do what it does whilst in the sandbox. I would certainly try them without DMR in the AIS sandbox.

Are you also running those browser under DMR and inside sandboxie (as I would have though it would have similar issues, but its sandbox might not be so tightly bound as AIS) ?

I use it exclusively for internet facing applications on this XP Pro system, but I don’t use a sandbox for those applications. On my win7 netbook, obviously DropMyRights doesn’t work, so there I might run in Sandbox.

@DavidR,

Reply is appreciated. Thank you.

Personally if I were running the browser in the AIS sandbox, I wouldn't bother with DropMyRights. I don't know if DMR might be getting it pants in a twist as I don't know how it might do what it does whilst in the sandbox. I would certainly try them without DMR in the AIS sandbox.
-- Yes, I have tried it without DMR and everything works fine. Reminds me of Avast IS ver 6 which I believe does not support DMR yet.
Are you also running those browser under DMR and inside sandboxie (as I would have though it would have similar issues, but its sandbox might not be so tightly bound as AIS) ?
-- No I was running Avast Sandbox with DMR only. I have only the fre version of Sandboxie and as limited as it is I'd like to use Avast Sandbox for my other browsers.

Been a long time user of SBIE with Drop my rights enabled. When I use OA Premium I use RunSafer for browsers which I understand is a limited-user scenario. I just can’t seem to see why on that 2 applications Drop my rights(SBIE) and being in a “limited-user scenario”(RunSafer) I have no problems but when I use Avast’s Sandbox with DMR both browsers crash and cannot connect to anything.

Earlier I removed Comodo and installed Online Armor Premium ver5.5. The result was the same as that in the image on the first post.

Strangely enough, I booted to my other partition (I dual-boot Windows 7 x32 with XP SP3)and checked the Avast Sandbox behavior. It was not the case. The XP SP3 has Avast IS ver7 with all components and Malwarebyutes Pro as realtime. Sandboxie as on-demand for Firefox.

Please see image attached.


http://www.freeimagehosting.net/t/nchc1.jpg

Mundy :slight_smile:

I don’t think it is a case of not supporting DMR, but what it attempts to do to limit the user privileges whilst isolated inside the sandbox.

And given your new image, the avast sandbox is already covering that by dropping administrator right and may well be a conflicting action, where sandboxie isn’t trying to limit/drop administrator rights. So essentially you don’t need DMR (as mentioned in my first post) when running the browser in the avast sandbox.

I don’t profess to knowing the inner workings of the avast sandbox, but when you have two applications attempting to do the same thing, there is a risk of conflict.

Fast reply huh :slight_smile:

Well, yeah I may opt to not use DMR. But care to comment on the XP SP3 behavior in my second post…What may be the thing here as to why in XP it’s okay with DMR checked?

Thank you for the assistance again. I was also having a hard time to post a reply in Windows 7 x32 as I do not see the Captcha on all the browsers (in Avast Sandbox) so I booted to XP thus I saw the difference of the behavior.

I can’t comment as I’m using the avast free version so I can’t test it.

@DavidR,

Oh :slight_smile: I appreciate the help.

Another observation here if I may,

Booted to Windows 7 x32 now and I see that when I set Google Chrome and SRWare Iron as “RunSafer always” in OA Premium and then I run Google Chrome/SRWare Iron in Avast Sandbox with DMR all is okay like the behavior in the XP partition.

When I set both browsers to “Run Normal always” in OA Premium same observation as that in the first post. Both Chrome based browsers crashes.

When I was still with Comodo, the D+ sandbox is “off” and browsers are “not set” to run as limited user. Both Chrome based browsers also crashed.

If I am correct both Comodo’s sandbox for browser and Online Armor RunSafer are in the scenario of limited user.

I thought it was the HIPS and the Behavioral Shield of Avast that was clashing(both OA Premium and Comodo has HIPS)but when I disabled/enabled the Behavioral Shield of Avast, the same results are obtained on “RunSafer always” / “Run Normal always” --in OA Premium.

Sorry again, I have never used either product.

Well avast will tell you that the Behavior Shield isn’t a HIPS in the general interpretation of it. You only have to look at the Behavior Shield activity. I have Outpost Firewall Pro and that is a HIPS firewall and I haven’t had any conflict in that regard. However I deselected the Monitor the system for unauthorised modifications as both my firewall and WinPatrol Plus take care of that.

@DavidR,

Thankks for the reply. I have disabled DMR now and will continue to surf in that way now. Your a nice guy thanks for the help.

You’re welcome.