Elevated privileges alert

[Guest]

[peci1]

Hi, yesterday I updated to version 4 of Comodo Firewall. I like configuring defense+ to a high level of security (relatively much alerts), but I don't see the point of being alerted of a program trying to get elevated privileges on win7 - because the system anyways asks me for granting the privileges.

I looked for an option to disable just these alerts, but I don't see any option for disabling just these. Can you please give me an advice? (I don't want to disable any other alerts)

[Ovidiu G.]

Hi, yesterday I updated to version 4 of Comodo Firewall. I like configuring defense+ to a high level of security (relatively much alerts), but I don't see the point of being alerted of a program trying to get elevated privileges on win7 - because the system anyways asks me for granting the privileges.

I looked for an option to disable just these alerts, but I don't see any option for disabling just these. Can you please give me an advice? (I don't want to disable any other alerts)

Hello,

Did you have updated CIS to version 4.1 and have Sandbox enabled? In this version the elevated privileges alert is a little bit changed i.e. you can click "Sandbox" button and run from beginnig a application with restrited rights. When you disable UAC on Win 7 and change CIS to Proactive Security Configuration, you will gett less alerts and more security. It is only a suggestion.

Ovidiu  

[peci1]

Hello,

Did you have updated CIS to version 4.1 and have Sandbox enabled? In this version the elevated privileges alert is a little bit changed i.e. you can click "Sandbox" button and run from beginnig a application with restrited rights. When you disable UAC on Win 7 and change CIS to Proactive Security Configuration, you will gett less alerts and more security. It is only a suggestion.

Ovidiu  

Thanks for your suggestion, Ovidiu, but it is not good for me. I don't want to disable the UAC.
I haven't read any information about sandbox yet, but I would think that a sandboxed program cannot make permanent changes to the system, does it?

[Ovidiu G.]

Thanks for your suggestion, Ovidiu, but it is not good for me. I don't want to disable the UAC.
I haven't read any information about sandbox yet, but I would think that a sandboxed program cannot make permanent changes to the system, does it?

Indeed, a sandboxed application cannot make permanent changes to the system. You can find out more about Sandbox here: http://forums.comodo.com/defense-sandbox-help-cis/introduction-to-the-sandbox-t53268.0.html;msg377448#msg377448

I have this configuration on my computer (Win7) and D+ on Safe mode and I had no problems so far.

[peci1]

Indeed, a sandboxed application cannot make permanent changes to the system. You can find out more about Sandbox here: http://forums.comodo.com/defense-sandbox-help-cis/introduction-to-the-sandbox-t53268.0.html;msg377448#msg377448

I have this configuration on my computer (Win7) and D+ on Safe mode and I had no problems so far.

Thanks for the link. I see now that I don't want to use sandbox by default. I still try to find an elegant solution, but unsucessfully...

[mouse1]

Thanks for the link. I see now that I don't want to use sandbox by default. I still try to find an elegant solution, but unsucessfully...

If you untick 'automatically detect installers', under sandbox settings that should help. Installations may then fail if you have the sandbox enabled though.

Also any files that still give this alert you can define as installer/updaters in the computer security policy. I suggest that you don't do this for any files you may use to run unknown software - security risk!

Best wishes

Mouse

[peci1]

If you untick 'automatically detect installers', under sandbox settings that should help. Installations may then fail if you have the sandbox enabled though.

Also any files that still give this alert you can define as installer/updaters in the computer security policy. I suggest that you don't do this for any files you may use to run unknown software - security risk!

Best wishes

Mouse

Thank you, this seems to help... Adding a rule for regularly used applications isn't a problem, my question was mainly pointed to installers.

[Tags:]