1. What version of CIS, or Comodo Firewall, are you currently using:
Comodo Internet Security 7.0.312140.4101 RC
2. What actually happened or you saw
In the current version of CIS, Behavior Blocker only has the ability to automatically sandbox the files using a pre-defined level of security, or to block the file.
3. What you wanted to happen or see
My wish is for the ABILITY/OPTION to do this as the unknown file is trying to run. So instead of having it automatically sandboxing the file as, lets say Fully Virtualized. It gives me an alert in which I can choose these things:
Option 1: Sandbox as… (When clicked it will drop down a list from where you can choose the level of security you want to sandbox the application as)
Option 2: Allow (When clicked it will drop down a list from where you can choose either to allow for the session or also add the file to the Trusted Files list.)***
Option 3: Block (When clicked it will drop down a list from where you can choose either to Block once, Block for Session, Always Block or to Block and Delete.
Of course this would be an OPTIONAL setting and it doesn’t matter to me if it’s enabled or disabled by default.
***HIPS should still be active for the file if HIPS is enabled and you click “Allow” for the BB alert.
4. Why you think it is desirable
Improves usability and allows different ways to work with CIS that was previously impossible.
Please let me know which version of CIS you are currently using. I just changed the format slightly as I realized that was missing, and want to make sure each post if complete before moving.
Thank you for adding the version number. I’m currently not sure how best to word the title and the poll so that they best capture this idea in the limited space. Please let me know what you think of my recent edits. I think it can be phrased better, and would really like to hear your thoughts about the wording. By the way, I think this is a great wish, and one which I would love to see implemented.
I like the wording you proposed and have now added it.
Thank you for submitting this Wish Request. I have now reset the poll and moved this to the WAITING AREA.
Please be sure to vote for your own wish, and for any other wishes you also support. It is also worthwhile to vote against wishes you think would be a waste of resources, as implementing those may slow down the wishes you would really like to see added.
It is essential because without this feature CIS can cause problems, example:
I run an uninstaller
The uninstaller launches some scripts
Scripts get sandboxed
Scripts can’t execute some operations because they are sandboxed
The uninstaller terminates, scripts get deleted by the uninstaller
Maybe those scripts should have done some things but they couldn’t because they were sandboxed by CIS. I can’t even relaunch those scripts because the uninstaller terminated and its scripts got deleted.
If at least 20 people vote for this, and at least 75% of those people vote yes, I can forward this to the devs for consideration. Please be sure to vote for it, and encourage others to vote for it as well.
I would like to thank everyone who has voted on this particular enhancement. As there have been 20 or more votes, and more than 75% of those votes were positive, I have added this to the tracker for consideration by the devs. However, do note that even though this wish will be considered by the devs, it does not necessarily mean that it will be implemented. I will update this topic when I have any additional information.
I’d vote for this too. In CIS 8.2.4951 as released this week, this can still be a problem, particularly when installing/uninstalling. A good example of software that is tripped over by this is KC Software’s sumo_lite.exe program.