Skip to content

System Notepad

Validate System Notepad behaviors under the Secure Sandbox.

Objectives

  • Verify file system isolation for Open/Save operations.
  • Prevent data exfiltration via clipboard.
  • Ensure Notepad cannot be used to bypass isolation (e.g., via Open dialog).

Preconditions

  • Windows target with Turbo Launcher and Secure Sandbox.

Controls Under Test

  • runtime.files.contexts.
  • runtime.dataMotion.rules[].

Test Scenarios

IDCanonical IDScenarioProcedureExpected Outcome
SCEN-APP-SYSTEM-NOTEPAD-01HARD-HOST-03Save to HostAttempt Save As to C:\\Windows.Write denied or virtualized (overlay).
SCEN-APP-SYSTEM-NOTEPAD-02HARD-FILES-01Open Dialog NavigationFile > Open; navigate to blocked host path.Folder content hidden or access denied.
SCEN-APP-SYSTEM-NOTEPAD-03DM-CLIP-01Clipboard OutboundCopy text; paste to host.Denied/processed per policy.

Evidence Requirements

  • fileOp events: write/read attempts.
  • dataMotion events: channel, action for clipboard.