Question Looking for non flammable version of an honest question: what makes sandboxie different from Comodo Sandbox?

[cartaphilus]

I used sandboxie and never used comodo. I quit sandboxie when it was abandoned by Sophos. I just recently saw the private open revitalization of the sandboxie project and am thinking of installing it and having it protect my chrome. But honestly I don't know if sandboxing chrome would defeat the chrome sandbox and make more vulnerable. does Comodo the sandbox differently from sandboxie? Can one sandbox chrome without compromising the chrome inherent sandbox?

Basically a breakdown of similarities and differences between comodo sandox and sandboxie or vail?

 

[Bot]

Both Sandboxie and Comodo Sandbox are designed to isolate applications from the rest of your system, but they do have differences. Sandboxie's focus is on web browsers, email clients, and other internet-facing apps, while Comodo Sandbox is part of Comodo Internet Security suite, providing a secure environment for all types of applications.

As for Chrome, it has its own built-in sandboxing feature. Using Sandboxie or Comodo Sandbox with Chrome will not compromise Chrome's inherent sandbox. Instead, it adds an extra layer of protection.

In terms of differences, Comodo Sandbox offers automatic sandboxing of untrusted applications, whereas Sandboxie requires manual configuration. Comodo also includes antivirus protection, which Sandboxie lacks.

Remember, the choice between the two depends on your specific needs and preferences. Both offer valuable protection, but with different focuses and features.

 

[cartaphilus]

Both Sandboxie and Comodo Sandbox are designed to isolate applications from the rest of your system, but they do have differences. Sandboxie's focus is on web browsers, email clients, and other internet-facing apps, while Comodo Sandbox is part of Comodo Internet Security suite, providing a secure environment for all types of applications.

As for Chrome, it has its own built-in sandboxing feature. Using Sandboxie or Comodo Sandbox with Chrome will not compromise Chrome's inherent sandbox. Instead, it adds an extra layer of protection.

In terms of differences, Comodo Sandbox offers automatic sandboxing of untrusted applications, whereas Sandboxie requires manual configuration. Comodo also includes antivirus protection, which Sandboxie lacks.

Remember, the choice between the two depends on your specific needs and preferences. Both offer valuable protection, but with different focuses and features.

Yes but sandboxie can be set to execute specific programs always in a sandbox or right click a program and run in sandbox. This makes sandboxie capability seem as a mirror to comodo????

 

[Bot]

Yes but sandboxie can be set to execute specific programs always in a sandbox or right click a program and run in sandbox. This makes sandboxie capability seem as a mirror to comodo????

Yes, you're correct. Sandboxie does allow you to manually sandbox specific programs, similar to Comodo. However, Comodo's automatic sandboxing feature can be more user-friendly for those who prefer a set-and-forget approach. The choice between the two often comes down to personal preference and specific needs.

 

[cartaphilus]

Yes, you're correct. Sandboxie does allow you to manually sandbox specific programs, similar to Comodo. However, Comodo's automatic sandboxing feature can be more user-friendly for those who prefer a set-and-forget approach. The choice between the two often comes down to personal preference and specific needs.

Interesting so can Comodo run some programs that won't sandbox in sandboxie due to a deeper system integration requirements? Basically requiring lower level file access that tend to fail in sandboxie regardless of allowed permissions.

 

[Bot]

Interesting so can Comodo run some programs that won't sandbox in sandboxie due to a deeper system integration requirements? Basically requiring lower level file access that tend to fail in sandboxie regardless of allowed permissions.

Yes, Comodo Sandbox can handle more complex applications that require deeper system integration. It's part of a comprehensive security suite, so it's designed to handle a wider range of applications compared to Sandboxie. However, it's always best to test specific applications as individual results may vary.

 

[wat0114]

I haven't used sandBoxie in years, so I've no comparison to Comodo's containment feature.

I have run Firefox and Floorp browsers, the latter of which is Mozilla-based, in Comodo's container and it seems to work fine, preventing downloaded files from touching the real system, instead placing them in a "containerized" Downloads folder. I downloded ccleaner (crap cleaner) from Floorp and tried to execute, but Andy Ful's WHHL (Windows Hybrid Hardening Light) WDAC enforcement blocked it from executing I would have to have disabled WDAC enforcement before executing it, but at any rate, Comodo will contain the execution. Some snips below.

Contained Apps:



ccleaner download contained and execution blocked by WHHL WDAC:

******** WDAC blocked events for EXE and DLL files ********
***********************************************************

Event[0]:
Event Id = 3077
Local Time:  2024/08/03 12:01:51
Attempted Path = C:\Users\me\Downloads\ccsetup626.exe
Parent Process = C:\Program Files\Ablaze Floorp\floorp.exe
PolicyName = UserSpace Lock
UserWriteable = true[/code

You can temporarily run a program in the container by right-clicking the program shortcut and choosing: "Run in COMODO container" or you can even set up an Auto-containment policy to force the program in containment every time it's run.

 

[cartaphilus]

Yes, Comodo Sandbox can handle more complex applications that require deeper system integration. It's part of a comprehensive security suite, so it's designed to handle a wider range of applications compared to Sandboxie. However, it's always best to test specific applications as individual results may vary.

I presume neither solution would be able to sandbox a multiplayer game anti cheating software like Easy Anti Cheat (EAC) due to ring zero requirements?

I am always very very weary of any gaming software from having a root level access. It's basically a white hat rootkit that's just one exploit away from making your system useless.

 

[Bot]

I presume neither solution would be able to sandbox a multiplayer game anti cheating software like Easy Anti Cheat (EAC) due to ring zero requirements?

I am always very very weary of any gaming software from having a root level access. It's basically a white hat rootkit that's just one exploit away from making your system useless.

You're correct. Anti-cheat software like EAC operates at a very low level (ring 0) to detect and prevent cheating. Sandboxie and Comodo Sandbox operate at a higher level, so they're unlikely to be able to sandbox such software effectively. It's always important to ensure any software with root access comes from a trusted source to mitigate potential risks.

 

[cartaphilus]

I haven't used sandBoxie in years, so I've no comparison to Comodo's containment feature.

I have run Firefox and Floorp browsers, the latter of which is Mozilla-based, in Comodo's container and it seems to work fine, preventing downloaded files from touching the real system, instead placing them in a "containerized" Downloads folder. I downloded ccleaner (crap cleaner) from Floorp and tried to execute, but Andy Ful's WHHL (Windows Hybrid Hardening Light) WDAV enforcement blocked it from executing I would have to have disabled WDAC enforcement before execuing it, but at any rate, Comodo will contain the execution. Some snips below.

Contained Apps:

View attachment 284725View attachment 284726

ccleaner download contained and execution blocked by WHHL WDAC:

View attachment 284727

******** WDAC blocked events for EXE and DLL files ********
***********************************************************

Event[0]:
Event Id = 3077
Local Time:  2024/08/03 12:01:51
Attempted Path = C:\Users\me\Downloads\ccsetup626.exe
Parent Process = C:\Program Files\Ablaze Floorp\floorp.exe
PolicyName = UserSpace Lock
UserWriteable = true[/code

You can temporarily run a program in the container by right-clicking the program shortcut and choosing: "Run in COMODO container" or you can even set up an Auto-containment policy to force the program in containment every time it's run.

Ok fine!!! You twisted my arm. I will try Comodo containment just for the sake of browsing tracking being dumped up on closure of the browser and the ability to *maybe* sandbox other software

 

[wat0114]

I presume neither solution would be able to sandbox a multiplayer game anti cheating software like Easy Anti Cheat (EAC) due to ring zero requirements?

I am always very very weary of any gaming software from having a root level access. It's basically a white hat rootkit that's just one exploit away from making your system useless.

not sure, but maybe check as per below snip...



Never tried this, but maybe someone else knows.

 

[cartaphilus]

not sure, but maybe check as per below snip...

View attachment 284728

Never tried this, but maybe someone else knows.

Cool! I am just afraid of this option being global since whatever EAC needs access to you don't want any malware to have access to. So by enabling the folders for EAC will defeat the purpose of sandbox. But I can see it being an option where the folders that don't require virtualization are some random mom and pop level folder that one needs to store let say output files.

 

[wat0114]

Cool! I am just afraid of this option being global since whatever EAC needs access to you don't want any malware to have access to. So by enabling the folders for EAC will defeat the purpose of sandbox. But I can see it being an option where the folders that don't require virtualization are some random mom and pop level folder that one needs to store let say output files.

Yeah I guess you'd have to experiment and see how restrictive you can make some of the gaming files and folders without crippling things. I don't know what level of restriction is placed on a program that is containerized via right-click option, although I suspect it's weak, but with user-created Auto-container policy for a selected program, you can choose the restriction level you want. Just keep in mind, ofc, that too restrictive could cripple things.



There might be an easier way to enforce containment on a selected program full time, but so far this is the only way I know how

 

[cartaphilus]

Yeah I guess you'd have to experiment and see how restrictive you can make some of the gaming files and folders without crippling things. I don't know what level of restriction is placed on a program that is containerized via right-click option, although I suspect it's weak, but with user-created Auto-container policy for a selected program, you can choose the restriction level you want. Just keep in mind, ofc, that too restrictive could cripple things.

View attachment 284730View attachment 284731View attachment 284732

There might be an easier way to enforce containment on a selected program full time, but so far this is the only way I know how

Awesome THANKS! I will have fun tomorrow playing around with this!

 

[rashmi]

I have little experience with Sandboxie. Comodo containment can definitely run more programs than Sandboxie. However, Comodo containment is not a light virtualization like Shadow Defender, so some programs may not work with it. Comodo auto-containment uses the settings applied in the containment section. With manual setup, you can choose the containment level, while the context menu option uses the default Run Virtually/Fully Virtual (if I remember well).