App Review Comodo Sandbox (Auto-Containment) have a bug on Windows 10?

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

What do you think is a bug or not and is this take down Comodo security?

  • Total voters
    21
Av Gurus

Av Gurus

Level 29
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Comodo Sandbox (Auto-Containment) is set to Restricted Mode but when you run some files with Admin privileges it run that file as Partially Limited.
This happens in Windows 10 and with UAC turned ON.
If UAC is turned OFF in GPE then this is not happens.

Here is a short video demonstration:



EDIT:
Here is a topic about that in Comodo forum:
Comodo Sandbox (Auto-Containment) bug? - Bug Reports - CIS
 
Last edited:
  • Like
Reactions: BoraMurdar, ravi prakash saini, Andy Ful and 12 others
5

509322

Av Gurus said:
Comodo Sandbox (Auto-Containment) is set to Restricted Mode but when you run some files with Admin privileges it run that file as Partially Limited.
This happens in Windows 10 and with UAC turned ON.
If UAC is turned OFF in GPE then this is not happens.

Here is a short video demonstration:



EDIT:
Here is a topic about that in Comodo forum:
Comodo Sandbox (Auto-Containment) bug? - Bug Reports - CIS
Click to expand...


Why don't you ask COMODO engineering ?
 
  • Like
Reactions: Tiny, Deleted member 178, harlan4096 and 2 others
Mahesh Sudula

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
825
Av Gurus said:
I ask on Comodo forum, where else to ask?
Click to expand...
I have encountered the same bug..when i asked their support they said we haven't received any sort of thing like you said..but we will luk on to it
They dont care anything we say...only they listen if we are a paid customer:notworthy:
I dont know how this company around till date...They are a SSL security provider..thats it
Great post @ Av Gurus
 
  • Like
Reactions: bribon77, upnorth, AtlBo and 2 others
Av Gurus

Av Gurus

Level 29
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
For now nothing on Comodo forum about this bug.

Clipboard01.jpg
 
  • Like
Reactions: bribon77, upnorth, AtlBo and 2 others
5

509322

Av Gurus said:
I ask on Comodo forum, where else to ask?
Click to expand...

Go straight to the top of COMODO.

There are COMODO staff members on the COMODO forum. Send them a PM. You can send Melih a PM with a link to your video and ask him who at COMODO you should contact to get an answer. You can send a PM to BuketB. She manages the quality improvement program at COMODO. You can send a PM to Haibo Zhang (ask Melih how to contact him), he is, or was, the Director of COMODO Engineering - China.

If you ask Melih a straight question, he will answer you. It might take a while, but he will answer. He answered my questions every time I posed one to him.
 
  • Like
Reactions: ravi prakash saini, Andy Ful, simmerskool and 8 others
AtlBo

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
Funny thing about this to me is that I can't say it's a bug with Comodo. Well, the broken sandbox is a bug. However, I wonder if the limitation being set to partially limited could be tied to this bug somehow, as in any other restriction broke the sandbox beyond repair on W10. In that case, I guess it would be part of the broken sandbox bug.

The other thing I have considered is the difference between operating systems. Could Comodo have just decided that Partially Limited in Windows 10 will get you the same security as Restricted in former versions (i.e. W7)? Not going to put it past Comodo to decide something like this, especially if their view of the intention of the privilege elevation alert is to give you an opportunity to run the process in a more risky way. Maybe the difference with W7 simply reflects that they decided not to change it, thinking who cares or that W7 is less secure in the first place? That's how bonkers it can be not knowing what they are thinking. Just maybe Comodo is thinking this is the way to give you more security than actually running completely unrestricted under Windows system restrictions only o_O:rolleyes:

Has anyone chronicled whether the sandbox breaks in Windows 7? Maybe that would provide some useful information on what might be happening with this bug if anyone is available to test. Thanks very much to @Av Gurus for following through with this bug with Comodo and for the thread. I am sure it means alot to Comodo at the important levels to hear concerns like this one...
 
  • Like
Reactions: Andy Ful, simmerskool, bribon77 and 2 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
shmu26 said:
You can't expect Comodo to behave as expected. We see this over and over again.
Click to expand...
But in truth, it is unfair to just bash Comodo all the time. There are plenty of "respectable" security softs that have bugs and don't always do what they are supposed to. I don't want to give a list, or EVERYBODY will hate me...
 
  • Like
Reactions: ravi prakash saini, woodrowbone, simmerskool and 4 others
bribon77

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
Well, I think you should fix this error, those of Comodo, Aver if of MT take us into consideration.
But ... I do not want them to think that I am defending this error.
But the software that is free of Bugs that throws the first stone.
 
  • Like
Reactions: ravi prakash saini and AtlBo
AtlBo

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
Sounds like native W10 defenses take up where Comodo's partially limited protection ends. That or maybe W10 UAC won't permit some of the restrictions in "limited" or "restricted"?

My perception is that "Restricted", "Limited", and "Partially Limited", with regards to the Comodo settings, are each defined by Comodo. This I believe is a separate definition for the terms than what Microsoft might attach. Only a suspicion. Maybe someone is more familiar than I on this topic. Only saying this because I believe "Partially Limited" is more restrictive by Comodo's standard than even "Restricted" would be by Microsoft's definition of that term (as in limited user account /resttricted)...

I guess one question might be whether this is an issue in Comodo's program or a W10 issue. Maybe Umesh will have more to say if queried. I think more information would help.

Still the breaking sandbox there too to think about...
 
Last edited:
  • Like
Reactions: Andy Ful, harlan4096, bribon77 and 2 others

Similar threads

rashmi
    • Like
    • +Reputation
Serious Discussion Comodo Containment "Restricted" Restriction Level
Replies
24
Views
1,805
Comodo
rashmi
rashmi
Trident
    • Like
    • Applause
    • +Reputation
  • Poll
Serious Discussion Pre-execution vs post-execution protections explained
Replies
6
Views
1,071
General Security Discussions
Trident
Trident
Victor M
New Update Chrome 124 Ubuntu 24.04 LTS Apparmor profile
Replies
1
Views
859
ChromeOS & Linux
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top