Add Ability To Create Multiple Sboxes For Running Apps Fully Virtualized [M493]

1. What actually happened or you saw:
All programs run as fully virtual are executed in the same sandbox.

2. What you wanted to happen or see:
Users should be able to create multiple sandboxes. They could either create a single one for each app or choose which sandbox to run the new file in.

3. Why you think it is desirable:
This way users can use a separate sandbox when i know the sandboxed environment would not work regularly otherwise.
One way users could use this would be to have sandboxes that are separated from each other so they can have a sandbox that’s more safe for programs the user is not certain about, and a really messy sandbox where users can use more dangerous things.

4. Any other information:
There would be one default sandbox in which apps are handled when clicking execute in sandbox while the other sandboxes could be created and maintained by the user by manually setting rules.

Thank you for submitting this Wish Request. I have edited the first post and the title. Please let me know if everything looks correct.

Chiron, please check bug 493 in the tracker.

Thank you captainsticks.

As captainsticks pointed out, this Wish has already been added to the tracker previously by one of my fellow mods. Thus, instead of having this Wish go through voting I will move it directly to the Verified Wish Reports section.

Thank you.

No beta version of the ability to change the position of the folder location VTRoot, and yet I got the idea when HIPS stands on learning better position to do that would comodo icon changed and it would be clear that it is in “training”, as when you forget to put back it turns out that setting Cleared though because learning everything installed and used, all memorized.

This one is getting a bit old :frowning: I still very much like to see that.

Please take action on this. It’s a great way to bring the sandbox more into focus.

I would like to see serious development in this area with regards to virtualization. For example, why not sandbox an application with no restrictions…as long as it is being monitored in its sandboxed state? If the application turns out to be undesirable later, the program can be deleted and its sandbox removed. Another consideration is use of special alerts for behaviors (HIPS/Firewall/Viruscope) of the contained application and perhaps some special considerations from Viruscope with regards to the activities of sandboxed items (->higher sensitivity and greater communication with the cloud). Alerts could indicate, like for example the viruscope alerts (which are different) than the standard alert) that the setting will be for a sandboxed application. There are so many nice considerations to this type of thinking, with the application simply making ALL its changes to the sandbox, yet having no restrictions.

Comments are welcomed. I would love this idea in a new dialog of the settings area of Comodo and/or within a new access button on the widget.

I posted something similar to this in the wishes for the beta. The ability to make more containers with forced virtualization rules for specific applications would be awesome.

Context menu entries to allow the user to start applications in a different sandbox even when said application is set to always be virtualized a specific sandbox would be cool too. Meaning if lots of apps are set to be virtualized into a sandbox by the name of “sandbox A” but if the user wanted to sandbox one or more of those applications into “Sandbox B” and then another instance of one or more of those apps in “sandbox c” as well then there would be a prompt to allow the user to do that that could be invoked through a context menu click of a shortcut. A lot like sandboxie can do.

I would also want virusscope to monitor everything running inside of every container and the ability to set a timer of days/weeks for selected containers to be automatically cleared.

“Do not virtualize access to:___” rules specific to each sandbox would also be awesome. And the ability to block access to certain folders and files to selected sandboxes would be nice too.

And finally, the ability to run a virtual desktop is each sandbox complete with password protection and automatically blocking privilege elevation to selected sandboxes would also need to be a thing.

Hi AtlBo & DrAlrek,

Thank you for your valuable wishes.I will inform this to our Developing Team,they will decide on the best way for implementing it and we are always ready to add some additional features as per user perspective.

Best Regards,
PD

I wished for this in the beta section a while ago. Glad to see there’s a good chance they’re going to do it.

Even if a huge portion of your userbase would never use a feature like this. It’s good to give the users lots of options to make work the way they want to make it work.

Comodo has never been for the average user, so there’s no sense catering to users that would be confused by options like these.

Sorry, I couldn’t find the option to edit my post.

would it be something like the example of the print?

Not quite. We’re talking about making multiple containers specifically for legitimate applications. In case something gets downloaded without the user being made aware of that file being downloaded. Or if the user wants to make a specific container to run in virtual desktop mode to protect their computer from their kids or friends.

A lot like sandboxie, but with comodo’s virusscope monitoring everything going on in each one. And specific virtualization exceptions for each container. specific privilege escalation rules for each one Specific blocked access to certain folders for each one.

The wish I made in the beta section talks about all of the benefits of doing that.

Any updates on how you guys might end up implementing a feature like this?