I’m new to this forum, but I’ve known Comodo for a long time. recently I’ve been using CIS 5.3, which is fascinating. But I have this question, which is when I want to make removable disks to run in the sandbox of CIS using the option - “always sandbox” , like the way Sandboxie does. So I make an input like this - “L:* - untrusted”, L = my removable disk, and the restriction level is untrusted. But I find it won’t work. But the funny thing is that if L= my local disk, the sandbox works then. So I wonder that are there something I understood wrong? If so, how can I make it right, so I can “always sandbox” my removable disks? Any input will be appreciated. Thank you in advance.
Unfortunately, CIS will not create any rules for any application launched from a USB drive, but there is a very sound reason for this.
Given the transportable nature of flash drives, they can, and are, used on systems other than yours. Since CIS cannot know whether the last system the USB drive was used in was clean or not, it makes the assumption that any application launched of the flash drive is always to be treated as untrusted.
Applications launched from a flash drives are ALWAYS asked - you cannot make a permanent rule for them.
While this may be viewed as a bit draconian by some, the Comodo developers have, IMHO rightfully, erred on the side of caution.
it makes the assumption that any application launched of the flash drive is always to be treated as untrusted.
I don't know if I understand this right. You mean any application launched from the flash drive will be treated as untrusted, unless it's been recognized by Comodo either by whitelist or by CAV?
I really like the sandbox part of CIS, which makes the ease of use for novice like me to use CIS, but still I want to see some improvements to be made. So that a battle can be called against SBie( :a0no offense, I like it too) . Unfortunately, till now the only advantage of sandbox of CIS, is because it’s free.