Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Comodo Sandbox (Auto-Containment) have a bug on Windows 10?
Message
<blockquote data-quote="AtlBo" data-source="post: 718892" data-attributes="member: 32547"><p>Been meaning to get back to this. Yes, I had a number of locations in the sandbox blocked using protected folders. I had forgotten about this until I was reminded of the element by a Comodo forums poster. I had always thought that those choices were connected to the HIPs setting for "Protected Files/Folders". Well, they are not as far as I can tell. I left them enabled wondering why anything could still write to the locations LOL...I never got any HIPs alerts with them there for Protected Folders.</p><p></p><p>So, to clear it up. Using HIPs Protected Folders affects the sandboxing. Apps can't write in the sandbox in those locations (in the sandbox...no writes outside). Interestingly, it has no affect on the HIPs as I would have expected, so anyway. When I removed those locations, I can now running a virtualized app save in the sandbox to Documents, Desktop, etc. and "Do not virtualize access to..." seems to work now, where it did not before. I assume it was the same HIPs setting for Protected Folders that kept that from working, since removing them caused the setting to work for various areas I added to "Do not virtualize..."</p><p></p><p>I think Comodo should straight up attach the Protected Folders element to HIPs and not worry about where things write in the sandbox. Use the various levels of restrictions to define that. Then let HIPs monitor in the sandbox as it normally monitors and pick up on mysterious or possibly dangerous writes that way. All the HIPs settings have the capacity for exclusions (pic).</p><p></p><p>[ATTACH]182528[/ATTACH]</p><p></p><p>It wouldn't take long to have the Protected Files/Folders setting trained as long as user didn't try too many files. So any time an app wants to make a change in a protected location, you should get the prompt from HIPs, unless there is already a "Remember this setting" exclusion in Modify for the Protected Folders HIPs rule. Didn't see that behavior here on Safe Mode when I named Protected Folders. Comodo HIPs monitoring category options:</p><p></p><p>[ATTACH]182529[/ATTACH]</p><p></p><p>Maybe one of you guys knows why or if I am doing something wrong. Can't understand why adding to the HIPs Protected Files or HIPs Protected Folders would affect only where virtualized or restricted apps can write in the sandbox without a HIPs alert. HIPs setting affects only Containment output...</p></blockquote><p></p>
[QUOTE="AtlBo, post: 718892, member: 32547"] Been meaning to get back to this. Yes, I had a number of locations in the sandbox blocked using protected folders. I had forgotten about this until I was reminded of the element by a Comodo forums poster. I had always thought that those choices were connected to the HIPs setting for "Protected Files/Folders". Well, they are not as far as I can tell. I left them enabled wondering why anything could still write to the locations LOL...I never got any HIPs alerts with them there for Protected Folders. So, to clear it up. Using HIPs Protected Folders affects the sandboxing. Apps can't write in the sandbox in those locations (in the sandbox...no writes outside). Interestingly, it has no affect on the HIPs as I would have expected, so anyway. When I removed those locations, I can now running a virtualized app save in the sandbox to Documents, Desktop, etc. and "Do not virtualize access to..." seems to work now, where it did not before. I assume it was the same HIPs setting for Protected Folders that kept that from working, since removing them caused the setting to work for various areas I added to "Do not virtualize..." I think Comodo should straight up attach the Protected Folders element to HIPs and not worry about where things write in the sandbox. Use the various levels of restrictions to define that. Then let HIPs monitor in the sandbox as it normally monitors and pick up on mysterious or possibly dangerous writes that way. All the HIPs settings have the capacity for exclusions (pic). [ATTACH]182528[/ATTACH] It wouldn't take long to have the Protected Files/Folders setting trained as long as user didn't try too many files. So any time an app wants to make a change in a protected location, you should get the prompt from HIPs, unless there is already a "Remember this setting" exclusion in Modify for the Protected Folders HIPs rule. Didn't see that behavior here on Safe Mode when I named Protected Folders. Comodo HIPs monitoring category options: [ATTACH]182529[/ATTACH] Maybe one of you guys knows why or if I am doing something wrong. Can't understand why adding to the HIPs Protected Files or HIPs Protected Folders would affect only where virtualized or restricted apps can write in the sandbox without a HIPs alert. HIPs setting affects only Containment output... [/QUOTE]
Insert quotes…
Verification
Post reply
Top