* Home Help Search Login Register  

Welcome, Guest. Please login or register.
March 22, 2010, 07:39:58 AM

Login with username, password and session length

373656 Posts
41473 Topics
94222 Members
Latest Member: abbbz

more news...
Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Desktop Security Products & Services
| |-+  Comodo Internet Security - CIS
| | |-+  News / Announcements / Feedback - CIS
| | | |-+  Wishlist - CIS
| | | | |-+  Option To Set Exceptions In "File Groups" For Object Accesses		 « previous next »
Pages: [1] Go Down Print
Author Topic: Option To Set Exceptions In "File Groups" For Object Accesses  (Read 1078 times)
metalforlife
Comodo's Hero
*****
Online Online

Posts: 327
« on: May 29, 2009, 06:31:08 AM »
I would like a feature that allows me to set exceptions for certain applications within a file group for DNS Client Service, Loopback Networking and all objects D+ monitors against direct accesses.

Of all types of access rights, the ones I mentioned above should have a 'Modify' button under the 'Settings' column. Unlike the types of accesses, for which you can set 'blocked' & 'allowed' application exceptions, this one would be different in that the exceptions you set would be from the file group you would be applying the settings to. For instance, if I create a 'file group' of a bunch of applications of which only one does not access the DNS Client Service, I would set a global "allow" but block it for that particular application through the "Modify" interface.

For Direct Disk Access, specially, if possible, there should be an option - along with setting application exceptions - to specify which drive it could/should access.
« Last Edit: May 29, 2009, 06:33:59 AM by metalforlife » Logged
tcarrbrion
Comodo's Hero
*****
Offline Offline

Posts: 541
« Reply #1 on: May 29, 2009, 07:48:12 AM »
It looks like you want to do the sort of thing that made me add this wish list:
http://forums.comodo.com/defense_wishlist/idea_for_increased_security_and_configurability-t38559.0.html

If you could force a pop-up for groups of applications everything without a rule would be blocked with parental mode on and it would be easy to allow if parental control were off. These sort of actions should not be common so you should not get many pop-ups.

Your idea would extend this. It might make it more confusing to use as the exceptions for the top rules would be targets and the exceptions for the lower rules (your ones) would be the application. Some advanced features like this could be invisible unless an advanced option was ticked.
Logged
metalforlife
Comodo's Hero
*****
Online Online

Posts: 327
« Reply #2 on: May 30, 2009, 09:32:05 AM »
The reason behind my idea is a bit different. I am looking for more flexibility when setting rules for file groups. Since having multipe entries for one application is not possible, I thought that where and when found necessary to set exceptions within a file group, it could be added through the interface - as I have ideated.

As applications are grouped on the grounds of behavioural similarities, it is highly likely that one or many application(s) in a file group might require access(es) which is/are specific to it/them. It is also very likely that one of these accesses, if allowed for applications that do not need it, will render the system vulnerable.

That is why I had thought up this idea so that accesses could be set on a per-application basis within file groups.

Quote from: tcarrbrion on May 29, 2009, 07:48:12 AM

Your idea would extend this. It might make it more confusing to use as the exceptions for the top rules would be targets and the exceptions for the lower rules (your ones) would be the application. Some advanced features like this could be invisible unless an advanced option was ticked.

Won't be a probelm as Defense+ would search all across the "Computer Security Policy" for a matching rule. I feel, an order-based rule preference is better applicable to the firewall.
Logged
tcarrbrion
Comodo's Hero
*****
Offline Offline

Posts: 541
« Reply #3 on: May 30, 2009, 02:52:52 PM »
If you had my "force prompt" idea you could set up a predefined security policy with this in and give this to different applications without using a group. You could then let each application override the predefined policy as required and there would be no need to save exceptions within the group.
Logged
metalforlife
Comodo's Hero
*****
Online Online

Posts: 327
« Reply #4 on: May 31, 2009, 10:11:34 AM »
I don't understand how that would work. For object accesses, it is one single entity the application would be accessing. How can you set a force-prompt as an exception in a file group?

Another way to implement my wish would be having system-wide rules (I had proposed this idea in another thread). That would work much better. This way, you will click on an access (for example: physical memory) and add a list of allowed and blocked applications. When you create a file group, in which, to one of application you would like to block access to the physical memory, you would tell the D+ to consult the global settings (This would be a check box at the end of the row of an access).

- Application rules would override global rules.
- When no application rules are found, global rules are in effect.
- If, for an application, you want D+ to refer to the global rules you would tick the check box (see above).
Logged
tcarrbrion
Comodo's Hero
*****
Offline Offline

Posts: 541
« Reply #5 on: May 31, 2009, 12:00:08 PM »
My last post was about single application entries and not groups. I prefer the use of file groups myself.

I have tried to explain my ideas better in my most recent post here:
http://forums.comodo.com/defense_wishlist/idea_for_increased_security_and_configurability-t38559.0.html
Logged
Tags:
Pages: [1] Go Up Print 
« previous next »
Jump to:  

SSL Certificate Free Virus Removal Firewall
Page created in 0.051 seconds with 18 queries.
Powered by SMF 1.1.11 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks 		Design by 7dana.com