Skip to content

Custom Chromium Flags

CustomChromiumFlags is a sandbox setting in Sandboxie Ini available since v1.14.2 / 5.69.2. This setting allows you to pass additional command line flags to Chromium-based browsers when they are launched within the sandbox. Sandboxie automatically injects these flags into the browser's startup command line, enabling fine-tuned control over browser behavior for enhanced compatibility and functionality within the sandboxed environment.

Usage

[DefaultBox]

CustomChromiumFlags=--disable-features=PrintCompositorLPAC --disable-gpu

Syntax

CustomChromiumFlags=--disable-features=PrintCompositorLPAC [<flag 1> <flag 2> ...]

Technical Details

When CustomChromiumFlags is configured, Sandboxie modifies the command line of applications identified as Chromium-based browsers during process initialization:

  1. Browser Detection: The setting applies only to applications classified as Chrome through the SpecialImage configuration or automatic detection4.

  2. Command Line Injection: During kernel initialization, Sandboxie intercepts the process parameters and reconstructs the command line by inserting the custom flags5 between the executable path and existing arguments6.

  3. Child Process Filtering: The flags are only added to main browser processes, not to child processes that contain the --type= parameter, preventing duplication and potential conflicts7.

Default Configuration

Sandboxie includes a default value to ensure browser compatibility:

CustomChromiumFlags=--disable-features=PrintCompositorLPAC

This default flag disables the Print Compositor LPAC (Low Privilege App Container) feature which can cause compatibility issues in sandboxed environments1.

Usage Examples

  • Basic GPU Acceleration Disable: 

    CustomChromiumFlags=--disable-features=PrintCompositorLPAC --disable-gpu

  • Multiple Performance Flags: 

    CustomChromiumFlags=--disable-features=PrintCompositorLPAC --no-sandbox --disable-web-security

  • Debugging Options: 

    CustomChromiumFlags=--disable-features=PrintCompositorLPAC --enable-logging --log-level=0

Security Implications

  • Browser Compatibility: The default PrintCompositorLPAC flag prevents printing-related crashes and ensures stable browser operation within sandboxes
  • Flag Validation: Users should carefully validate custom flags as some may compromise sandbox security or browser stability
  • Automatic Application: The setting automatically applies to all applications defined as Chrome browsers, whether configured manually or detected automatically

Implementation Notes

The setting is processed during DLL initialization when Sandboxie detects a Chromium-based browser. The system:

  • Queries the configuration using SbieApi_QueryConfAsIs with the key CustomChromiumFlags2
  • Allocates additional memory for the expanded command line to accommodate the custom flags
  • Reconstructs the command line by copying the executable path, inserting the custom flags, and appending remaining arguments3
  • Hooks the GetCommandLineW and GetCommandLineA functions to return the modified command line to the application

Browser Support

This setting works with all Chromium-based browsers, including: - Google Chrome - Microsoft Edge (Chromium) - Brave Browser - Opera - Vivaldi - Any other browser built on the Chromium engine

  • SpecialImage - Used to classify applications as Chromium browsers

Related Sandboxie Plus setting: Not directly exposed in UI (uses default value automatically)

  1. Default configuration in Templates.ini: The default --disable-features=PrintCompositorLPAC flag prevents Low Privilege App Container printing issues that can cause browser instability in sandboxed environments. 

  2. Configuration query in kernel.c: SbieApi_QueryConfAsIs(NULL, L"CustomChromiumFlags", 0, CustomChromiumFlags, ARRAYSIZE(CustomChromiumFlags)) retrieves the setting value during kernel initialization. 

  3. Command line modification in kernel.c: The system copies the original executable path, appends the custom flags with proper spacing, and concatenates the remaining arguments to create the modified command line. 

  4. Browser detection in dllmain.c: Applications are classified as DLL_IMAGE_GOOGLE_CHROME through the SpecialImage configuration system, which maps browser executables to the Chrome image type for specialized handling. 

  5. List of Chromium Command Line Switches - https://peter.sh/experiments/chromium-command-line-switches/ 

  6. Command line reconstruction in kernel.c: The system calls SbieDll_FindArgumentEnd to locate the boundary between the executable path and arguments, then allocates expanded memory and reconstructs the command line with injected flags. 

  7. Child process filtering in kernel.c: The condition !wcsstr(ProcessParms->CommandLine.Buffer, L" --type=") ensures that only main browser processes receive the custom flags, excluding renderer and utility processes.