1. What actually happened or you saw:
Comodo allow all programs to connect to internet by default.
Comodo allow unknown programs in Sandbox to connect through internet with Default settings.
2. What you wanted to happen or see:
Comodo allow all programs to connect to internet by default.
Allow user to enable a settings in Firewall or in Sandbox tab to deny any sandboxed programs from connecting to internet with an alert, or give an Ask Alert when a sandboxes program tries to connect to internet.
3. Why you think it is desirable:
then you can keep the Do not show popup alert: allow requests, enabled and only allow trusted programs in trusted files/or files in exclusion to connect to internet, and still deny any unknown programs to share any information the sandboxed program have collected.
Thank you for submitting this Wish Request. I have now moved this to the WAITING AREA.
Please be sure to vote for your own wish, and for any other wishes you also support. It is also worthwhile to vote against wishes you think would be a waste of resources, as implementing those may slow down the wishes you would really like to see added.
By default Comodo allow any unknown to connect to internet regardles if the unknown run in/outside the auto-sandbox.
With this option people can allow all unknown that exist on the computer before Comodo was installed to connect to internet (same as the current default setting)
and at the same time block any new unknown that run in the Auto-Sandbox (that originate from the internet, local share, intranet etc)
Please see enclosed snap, all you have to do is de-select that highlighted option in Firewall settings and you will be asked for unknown app, which by default would be running in Sandbox anyway due to default-deny.
Please state any reasons you may not find it good enough.
""By default Comodo allow any unknown to connect to internet regardles if the unknown run in/outside the sandbox.
With this option CIS can allow all unknown that exist on the computer before Comodo was installed to connect to internet (same as the current default setting 2016)
and at the same time block any unknown that run in the Sandbox from sending data, that are new to the system (originate from the internet, local share, intranet etc)“”
You could also run with Custom Mode, e.g ask for any application,
and with this option you could allow Requests for any program outside the sandbox
(Trusted or program added to sandbox exclusions) and ask for trusted and unknown programs running inside the sandbox.
So you can deny any trusted inside the sandbox from sending data.
(Technically you could have seperate rules for sandboxed applications.)
Was tesing a ransomware in a virtual box (2016) and the ransomware infected the copy of the Sandboxed explorer.exe and since explorer.exe was trusted then it was allowed to connect to internet.
(The ransomware was ofc sandboxed and couldent do any thing to the system)
CIS is a good platform to build and add advanced options for the user.
We have a change coming that will allow to define a firewall rule and you can pick state of application in or outside Sandbox.
So you will be able to control Internet activity for apps inside Sandbox with given file rating.
:-TU