How do you block some applications (deny read and write ability) from accessing a particular folder on a drive, using Comodo Internet Security? For example, let’s say the folder location is ‘E:/Projects’ (not on the C drive/Windows installation drive).
I don’t want to run the app in the sandbox or put any other restrictions on it, and I don’t want other applications to have no access to the folder, only the selected applications. I tried many ways to do this using the old version of CIS but found no way.
1 Like
You need to use HIPS and it will only deny write access. You add the folder path to protected files HIPS settings then create a HIPS rule and add the same path to the blocked file/folders tab of protected files/folders access right exclusions.
1 Like
You need to use HIPS and it will only deny write access.
The suggestion you have provided there will not deny read rights - i.e the application will still be able to access the file to read it. Is that correct?
Yes, if you want to deny read access then you have to run the application in containment and add the folder to protected data. Otherwise HIPS will only prevent writing to the specified files/folders.
OP:
I don’t want to run the app in the sandbox or put any other restrictions on it
So basically it seems blocking an application’s access to particular folders without putting other restrictions (sandbox/containment/etc.) on it is not possible with Comodo Internet Security.
If anyone does have any way to do this please let me know.
Thanks.
Compress it in password-protected ZIP and nothing will write or read it
1 Like
I have one person here saying it is not possible using CIS.Can anyone else confirm?
Edit: Some of the following post won’t make much sense as the post I was replying to has been removed:
I wanted a solution in CIS if possible, but Windows security looks like reasonable solution as it wouldn’t entail installing any more software. I would do it by running the applications as a specially created user though, as it seems that Windows access permissions for folders/files go by users and groups, not apps.
Not sure what you mean by creating a virtual container in Comodo then moving the “E:/Projects” folder inside the container. I think you may have this mixed up with something else? In my installed version of Comodo, there is only one ‘container’, and it’s not a location where you can move folders and files. You can right click on a .exe and run it in the Comodo Container, so it wont have access to anything except virtualized locations you allow it to access, but this isn’t a viable solution in my case.