ThinLoader: easily run any program on a Thinstall sandbox

[lococobra]

no program can run from with in a thinstalled app unless its been done by scripting

Obviously you arn't the self proclaimed Thinstall expert you think you are, try actually using the program before you call it fake. It works.

so can someone please tell me the need for this app

Because with it, people who don't have Thinstall can still use it for free, and in a more simplistic way on any of their programs.

[Queue]

No need to rip him that much. As far as he knows, this shouldn't work, or rather, he might not understand what's going on here.



http://tinyload.com/oDKBO

I made an icon for ThinLoader if you want to use it. It's nothing fantastic... the 32x32 icon is based on the ''t'' and ''l'' letters from the Thinstall logo (plus a couple dots). The 16x16 icon is technically an overlapped T and L, but it's made to be iconic rather than readable.

Queue

[freakazoid]

Something worth mentioning: your executable is currently tripping 2 virus scanners (out of over 2 dozen) as AdWare.Win32.Agent.ahg, which is most likely a false positive on the Thinstall code.

Queue

does the latest version still trip up the virus scanners?
i want to be able to use this at work without the IT guy going crazy!

will test this when i get home.

[Queue]

Yes, it trips:
Ikarus
VBA32
Webwasher-Gateway

As long as your work isn't using one of those, it shouldn't set anything off. This is out of 32 different virus scanners; a 3 out of 32 almost always indicates a false positive.

According to av-comparatives.org, VBA32 is the worst major antivirus product that they test. Ikarus and Webwasher-Gateway aren't even tested.

---

Now I kinda feel stupid about asking for the change to ThinLoader's functionality with a subfolder; I really liked the original behavior where it'd use the local computer's Application Data folder if a Thinstall subfolder didn't exist alongside ThinLoader.exe. This served many purposes; reducing wear on my flash drive, saving space on my flash drive if I just wanted to run things sandboxed, leaving computer-specific ThinLoader setups.

I feel dumb. =/

Queue

[pplknownothin]

HAHA...verry nice, just tried it with the uniextract installer and it left no trace on my school computer. I've been waiting for a program like this for a year or so ever since i found out about thinstall. wondered y couldn't it just reroute the files to a different location instead of installing them. You did it, So..Good Job!

[lococobra]

No need to rip him that much.

You're right, that was overly aggressive. I apologize.

Now I kinda feel stupid about asking for the change to ThinLoader's functionality with a subfolder; I really liked the original behavior where it'd use the local computer's Application Data folder if a Thinstall subfolder didn't exist alongside ThinLoader.exe. This served many purposes; reducing wear on my flash drive, saving space on my flash drive if I just wanted to run things sandboxed, leaving computer-specific ThinLoader setups.

Well, I'm sure he could create two different builds, but if you're using AppData, it kind of defeats the purpose of sandboxing apps, since they would no longer be portable.. but I guess I see your point.

[Queue]

Well, they'd still be portable; I'm going by the definition that portable simply means ''able to be run without installation'' however they're not stealth when they write to the Application Data folder instead of your portable drive.

However, I'm mostly wanting ThinLoader for when programs are dumb and want to write to parts of the registry or Windows/System folder on a computer with limited user privileges. Without Admin privileges you still have write access to the Application Data folder don't you?

Either way, it's sucky that it creates an additional subfolder in its original form, but the flexibility of allowing you to choose where the sandbox ends up is, in my opinion, worth the annoyance.

Oh, and don't get wrong, I've already used ThinLoader in a writable environment where the sandbox is on the portable storage; I just also have a read-only-capable flash drive that I use for diagnostics and malware fighting that would benefit from being able to write to the local machine.

---

Let's see, possible ways to improve the ThinLoader application...
- Add *.cmd and *.scr to list of executable types (cmd is the WinNT preferred extension for batch files and *.scr are screensavers which are simply normal executables).
- Consider changing ''choosemain'' to ''set''. It's simpler and coinciders with the ''run'' command-line's 3 letter size.

Code: Select all

AutoItSetOption("TrayIconHide", 1)
If $CmdLine[0] = 0 Then
   $var = IniRead("T:\\ThinLoader.ini", "ThinLoader", "Launch", "Unset")
   If $var = "Unset" Then
         $var = FileOpenDialog("Choose program to launch into ThinLoader sandbox", ".", "Executables (*.exe;*.scr;*.com;*.bat;*.cmd;*.pif)|All Files (*.*)")
         If @error Then
            MsgBox(4096,"","No File(s) Chosen")
         Else
            Run($var)
         EndIf
      Else
         Run($var)
         If @error Then MsgBox(4096,"ThinLoader","Error Executing "+$cmd+":\n"+@error)
         EndIf
ElseIf $CmdLine[1] = "set" Then
   If $CmdLine[0] = 2 Then
      IniWrite("T:\\ThinLoader.ini", "ThinLoader", "Launch", $CmdLine[2])
   Else
   MsgBox(0, "ChooseMain", "Choose default program to launch with ThinLoader")
   $var = FileOpenDialog("Choose default program to launch with ThinLoader", "T:\", "Executables (*.exe;*.scr;*.com;*.bat;*.cmd;*.pif)|All Files (*.*)")
      If @error Then
         MsgBox(4096,"T:\","No File(s) Chosen")
      Else
         IniWrite("T:\\ThinLoader.ini", "ThinLoader", "Launch", $var)
      EndIf
   EndIf
ElseIf $CmdLine[1] = "run" Then
   If $CmdLine[0] = 2 Then
      Run($CmdLine[2])
   Else
   $var = FileOpenDialog("Choose program to launch into ThinLoader sandbox", ".", "Executables (*.exe;*.scr;*.com;*.bat;*.cmd;*.pif)|All Files (*.*)")
   If @error Then
      MsgBox(4096,"","No File(s) Chosen")
   Else
      Run($var)
   EndIf
   EndIf
EndIf

I mainly changed capitalization a little and adjusted the open file windows.

---

May we get more details about what settings are used by Thinstall?

Namely, what folders are/aren't sandboxed? I seem to be able to write to My Documents, while C drive's root and the system folders are sandboxed (this is good). Are other drive's sandboxed? Is My Documents the only non-sandboxed part of the file system?

Is the registry entirely sandboxed (again, good if so)?

Queue

[m^(2)]

Well, they'd still be portable; I'm going by the definition that portable simply means ''able to be run without installation''

The definition that's in use here says that they are "able to be run without installation and keeps important settings when moves".

Namely, what folders are/aren't sandboxed? I seem to be able to write to My Documents, while C drive's root and the system folders are sandboxed (this is good). Are other drive's sandboxed? Is My Documents the only non-sandboxed part of the file system?

Is the registry entirely sandboxed (again, good if so)?

It's fully configurable.

[crownixx]

Ideally I want to dig up a very simple and small file manager that I can embed within the sandbox and use as my default application when I run ThinLoader.

I had the same idea as Queue but only thinstalling file manager is enough. Within thinstalled file manager, we could simply browse folder/file,create folder,delete,move,copy or run other application.

One more advantage, let say i run winrar setup within thinstalled file manager.The winrar will installed within thinstall sandbox plus all its file association.Next time when i run thinstalled file manager, it will see the winrar file association.Just double click any archieve file it will fire up your thinstalled winrar..

[jordan]

I forgot to mention it, both My Documents and the Desktop are already on Merged mode by ##Attributes.ini. External drives are too, on the Package.ini. Rest of places are WriteCopy.

[freakazoid]

I wasn't able to get certain programs thinstalled in ThinLoader working that were already regularly installed on the host computer.

One big request that would be great would be adding a distinguishing character in the title bar of any ThinLoader program, so you can tell what program is a ThinLoader program.

Sandboxie uses the [#] character... maybe add a [*] character at the end of the title bar if possible?

[Enormator]

Hm I just tried this with Safari and it says I should reinstall the application when I try to run it on a different computer than mine
EDIT: AAAHHH my fault^^ sorry

first think then post first think then post first think then post first think...

EDIT2: Can we upload thinstalled apps into the app list? Is it legal to do this in example to Safari? This would be the last good browser missing in the list.

[Queue]

Unless iamzenitraM happens to have some full license (ThinLoader's license reads as ''Internal development license'' so I presume it's not legitimate), I imagine TPFC won't be hosting any ThinLoader-Thinstalled programs.

Beyond that, I'm not sure what Safari's redistribution rules are.

Queue

[Enormator]

Is it legal to use this modified Safari for private purposes? Do I just have broken the law?

[Queue]

It might depend on the country you're in. Since, under most circumstances, it's impossible to know if a person has modified software for their own use, even in a country where it would be against some law, a situation would never arise where it would be known that you did modify it.

To be completely on the level, you need to make sure that the software you're using says it's ok to modify it for personal use in the license, and that that the software you're using is either free, or if not free, that you have a license to use it.

In the case of Safari, the EULA is clear about redistribution:
''[Section] 3. Transfer. You may not rent, lease, lend, redistribute or sublicense the Apple Software.''

Section 2, subsection C says:
''...you
may not copy, decompile, reverse engineer, disassemble, modify, create derivative works of, incorporate into or compile in combination with your own programs, rent, lease, lend,
sublicense or otherwise redistribute...''

However, the EULA also keeps implying that you'll only be using Safari on an ''Apple-labeled computer'' so take this EULA with a grain of salt. They're putting in as much as they can to cover their butts in case something breaks and even have a section saying you shouldn't be using Safari in Nuclear Facilities, Airplane-related locations or on life support machines.

Honestly, in the end, it's up to you. If you've gotten Safari running portably and are only using it for personal use, you should have nothing to fear.

Queue