Wrong again. Sandboxie is humble attempt to prevent stuff from making permanent changes to PC instead of preventing it from accessing data on host filesystem or phoning the data from host computer to remote server. I experimented a lot with sandboxie and found the whole idea totally useless. For isolation of dangerous processes full virtualization like VMware Workstation is required. And virtualization will not protect secrets in event when host operating system is compromised by malware.
Do malicious processes escape the sandbox or make permanent changes to the system? No. That's what Sandboxie is for.
If you don't want malware recording keystrokes or calling home, don't leave it open in Sandboxie.
Of course, there are better ways, but I think Sandboxie is still useful in some cases.
i think what mysteryminer meant is that on a malware-compromised host, the actual sandboxie exe might be compromised, and do all sorts of nasty things that 'regular' sandboxie wouldn't do, including let certain malicious processes escape and make permanent changes to the host.
