Block Drivers

Block Drivers

This feature has been deprecated in SBIE version 4.+ and up. It is not longer supported.

BlockDrivers is a sandbox setting in Sandboxie Ini. It specifies whether Sandboxie will allow sandboxed programs to load drivers into the operating system. However, this setting does not govern the installation of new drivers -- see more below.

Usage:

   .
   .
   .
   [DefaultBox]
   BlockDrivers=n

Specifying n indicates that a sandboxed program may load drivers into the operating system. If this is not done, Sandboxie will deny the driver load attempt, and instead issue message SBIE2103.

Note: Disabling the protection afforded by BlockDrivers is not recommended.

Driver Installation

Before a driver can be loaded, it must first be installed. Driver installation is not affected by the BlockDrivers setting. To allow driver installation, you should add the following OpenKeyPath setting:

OpenKeyPath=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services

And you should additionally open the driver file, using OpenFilePath. This is needed because the driver path that will be set in the registry (in a key created below CurrentControlSet\Services) will typically not point inside the sandbox.

OpenFilePath=c:\program files\MyNewSoftware\SoftwareDriver.sys

Note: Allowing sandboxed programs to install drivers is not recommended.

Related Sandboxie Control setting: Sandbox Settings > Restrictions > Low-Level Access

Open Source sandbox-based isolation software