App Review Comodo Sandbox (Auto-Containment) have a bug on Windows 10?

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

What do you think is a bug or not and is this take down Comodo security?


  • Total voters
    21

Av Gurus

Level 29
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Comodo Sandbox (Auto-Containment) is set to Restricted Mode but when you run some files with Admin privileges it run that file as Partially Limited.
This happens in Windows 10 and with UAC turned ON.
If UAC is turned OFF in GPE then this is not happens.

Here is a short video demonstration:



EDIT:
Here is a topic about that in Comodo forum:
Comodo Sandbox (Auto-Containment) bug? - Bug Reports - CIS
 
Last edited:
5

509322

Comodo Sandbox (Auto-Containment) is set to Restricted Mode but when you run some files with Admin privileges it run that file as Partially Limited.
This happens in Windows 10 and with UAC turned ON.
If UAC is turned OFF in GPE then this is not happens.

Here is a short video demonstration:



EDIT:
Here is a topic about that in Comodo forum:
Comodo Sandbox (Auto-Containment) bug? - Bug Reports - CIS


Why don't you ask COMODO engineering ?
 

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
818
I ask on Comodo forum, where else to ask?
I have encountered the same bug..when i asked their support they said we haven't received any sort of thing like you said..but we will luk on to it
They dont care anything we say...only they listen if we are a paid customer:notworthy:
I dont know how this company around till date...They are a SSL security provider..thats it
Great post @ Av Gurus
 

Av Gurus

Level 29
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
For now nothing on Comodo forum about this bug.

Clipboard01.jpg
 
5

509322

I ask on Comodo forum, where else to ask?

Go straight to the top of COMODO.

There are COMODO staff members on the COMODO forum. Send them a PM. You can send Melih a PM with a link to your video and ask him who at COMODO you should contact to get an answer. You can send a PM to BuketB. She manages the quality improvement program at COMODO. You can send a PM to Haibo Zhang (ask Melih how to contact him), he is, or was, the Director of COMODO Engineering - China.

If you ask Melih a straight question, he will answer you. It might take a while, but he will answer. He answered my questions every time I posed one to him.
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
Funny thing about this to me is that I can't say it's a bug with Comodo. Well, the broken sandbox is a bug. However, I wonder if the limitation being set to partially limited could be tied to this bug somehow, as in any other restriction broke the sandbox beyond repair on W10. In that case, I guess it would be part of the broken sandbox bug.

The other thing I have considered is the difference between operating systems. Could Comodo have just decided that Partially Limited in Windows 10 will get you the same security as Restricted in former versions (i.e. W7)? Not going to put it past Comodo to decide something like this, especially if their view of the intention of the privilege elevation alert is to give you an opportunity to run the process in a more risky way. Maybe the difference with W7 simply reflects that they decided not to change it, thinking who cares or that W7 is less secure in the first place? That's how bonkers it can be not knowing what they are thinking. Just maybe Comodo is thinking this is the way to give you more security than actually running completely unrestricted under Windows system restrictions only o_O:rolleyes:

Has anyone chronicled whether the sandbox breaks in Windows 7? Maybe that would provide some useful information on what might be happening with this bug if anyone is available to test. Thanks very much to @Av Gurus for following through with this bug with Comodo and for the thread. I am sure it means alot to Comodo at the important levels to hear concerns like this one...
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
You can't expect Comodo to behave as expected. We see this over and over again.
But in truth, it is unfair to just bash Comodo all the time. There are plenty of "respectable" security softs that have bugs and don't always do what they are supposed to. I don't want to give a list, or EVERYBODY will hate me...
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
Well, I think you should fix this error, those of Comodo, Aver if of MT take us into consideration.
But ... I do not want them to think that I am defending this error.
But the software that is free of Bugs that throws the first stone.
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
Sounds like native W10 defenses take up where Comodo's partially limited protection ends. That or maybe W10 UAC won't permit some of the restrictions in "limited" or "restricted"?

My perception is that "Restricted", "Limited", and "Partially Limited", with regards to the Comodo settings, are each defined by Comodo. This I believe is a separate definition for the terms than what Microsoft might attach. Only a suspicion. Maybe someone is more familiar than I on this topic. Only saying this because I believe "Partially Limited" is more restrictive by Comodo's standard than even "Restricted" would be by Microsoft's definition of that term (as in limited user account /resttricted)...

I guess one question might be whether this is an issue in Comodo's program or a W10 issue. Maybe Umesh will have more to say if queried. I think more information would help.

Still the breaking sandbox there too to think about...
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top