Sandbox Virtualisation - Mini FAQ [v4/5]

SANDBOX VIRTUALISATION

[ol]- What is virtualisation

[i]Please help us improve this Mini FAQ by posting suggestions to the ‘Sandbox help materials - Feedback’ topic here.

This introduction has been prepared by a volunteer moderator – with input from many other moderators and Comodo staff members (Thanks everyone, especially Egemen). It has been produced on a best endeavours basis - it will be added to and corrected as we find out more about the sandbox. Please note that I am not a member of staff and therefore cannot speak on behalf of Comodo.[/i]

Updated: 12 June 2010 to reflect CIS version 4.1.xxx.920
Updated: 13 September 2010 to reflect CIS version 5.0

Virtualisation means keeping copies, called ‘virtual copies’ of the files and registry keys created or updated by a program in one place. Typically these are kept under one header key in the registry and in one directory on the hard disk. A sandbox can virtualise some or all of these files & keys. When the program wants to access a virtualised file, the sandbox software ensures it accesses the virtual copy, if a virtual copy exists. It does this by intercepting and redirecting such communications.

Virtualisation offers control over software by restricting the effects of the software to one location. It does this (in the main) without impairing your ability to run the software because the files and keys still exist.

In particular the CIS virtualisation is designed to offer:

[ol]- Protection. Protection against the effects of malware or badly coded programs, by localising these effects, while allowing the programs to run.

  • Privacy. The ability to remove all usage traces created by a program, but not the ability to completely remove the program itself. (It is not yet clear whether Comodo is going to place much emphasis on this purpose, though the virtualisation design can support it. For example there is not even a usage trace deletion facility yet.). [/ol]

N.B. Virtualisation in CIS is usable but still not mature - so it may not completely achieve the above purposes. We expect it to improve greatly in forthcoming releases.

Manually sandboxed software is virtualised by default
Automatically sandboxed software is not yet virtualised, but is likely to be in forthcoming releases. This will allow file and key access restrictions to be relaxed on sandboxed software so it will run better.

CIS virtualises all files and keys created by software except any files and keys created by software installers which are not subsequently updated. Such files and keys tend to be program files and keys related to inter-program communication. By avoiding virtualising these files and keys CIS avoids the need to use undocumented OS facilities to intercept communications [1]. These undocumented facilities have been withdrawn in 64bit Windows. (Communications between programs and data do not require the use of these undocumented facilities).

Footnotes
[1] More recent programs may not be installer based (eg programs downloaded and run ’on the fly’), but communications between such programs can in general be intercepted without the use of undocumented OS facilities.

Installer software. CIS dos not create virtual copies of files or registry keys created by installers

Installed software. CIS creates virtual copies of all files and registry keys created or modified by the software after installation. It ensures that these virtual copies, not the installed copies, are written to, read or (in the case of executables) run. Where files and registry keys are not created or modified after installation the installed copies are read from or (in the case of executables) run.

All other software. CIS creates virtual copies of all files and registry keys created or modified by the software, except software downloaded into default browser download directories. It ensures that these virtual copies, not the installed copies are written to, read or (in the case of executables) run.

What happens to sandbox file/key access restrictions? Where keys and files are virtualised normal sandbox restrictions on accessing these keys/files are lifted