Vista Ultimate + CIS (free version) v4.1.150349.920
I get sandbox pop ups and I choose to keep program sandboxed. The file in question gets added to My Pending Files and under Defense+ Events there is an entry that shows that the file has been sandboxed - Limited.
Hi dogdog;
I have had the same questions about the entries in the Sandbox.
I just tested it with MS Word and now ‘Word’ shows up in:
HKEY_LOCAL_MACHINE\SYSTEM\VritualRoot\winword.exe
and
C:\VritualRoot\winword.exe
with 3 sub-directories;
HarddiskVolume1
HarddiskVolume2
HarddiskVolume3
I chose MS Word because it is not signed with a certificate
I use Word 97. (Old program)
Have now found the entries in the Registry - I was looking at the wrong key!!!
However still no entries under C:\vritualroot.
Do I have to do anything other Tools → Folder Options → View and “Show hidden files and folders”???
How quickly are the files and folders under C:\vritualroot\ deleted??
There is nothing under C:\vritualroot\ even though the sandboxed application is still running.
It seems to me that only the apps you personally add to the sandbox will show in “C:\VritualRoot”
Make sure you have the file system virtualization and registry virtualization turned on.
Under the Sandbox Settings, make sure there are checkmarks beside both.
As for everything showing in the virtualization system, or registry, I don’t know if everything will show up.
Also make sure when you add an app to the sandbox, you go into the “Advanced Settings” tab and put a checkmark beside “Enable file system virtualization” and the registry virtualization.
Check out the Comodo help, Note: When I click on “?What do these settings do?” I get “This program cannot display the webpage”. but you can get to the Sandbox help by making sure the “Contents” tab is selected, then under “Defense+ …”
If I specifically instruct to run an application in the sandbox eg: via Defense+ → Sandbox → Run a Program in the Sandbox then a file system is created under C:\VritualRoot.
But if Comodo puts an application automatically in the sandbox either because Comodo does not recognise the application or because the application was added to the list of files to be sandboxed and hence Comodo automatically sandboxes the application, then there are no files under C:\VritualRoot. However there are entries in the Registry under HKEY_LOCAL_MACHINE\SYSTEM\VritualRoot.
It seems odd/strange that there should be different treatments for a sandboxed application.
Can anyone elaborate/explain why this should be how Comodo works??
I would have thought that the sandbox treatment by Comodo would be the same however the application became to be sandboxed.
The “Introduction to the Sandbox” was very helpful and I now understand its workings much better.
While I now understand the difference between the treat of automatic sandboxing and manual sandboxing, I do not understand the logic of having two different treatments. Why isn’t everything treated the same as process for manual sandboxing??
I think that one particular problem in understanding is that the process is called sandbboxing. Calling it a sandbox creates expectations of how the process works (ie like Sandboxie). I think that the understanding would be easier if it had a different name!!
2) While I now understand the difference between the treat of automatic sandboxing and manual sandboxing, I do not understand the logic of having two different treatments. Why isn't everything treated the same as process for manual sandboxing??
Virtualisation in theory would give the best combination of compatibility and security, but is complex to fully achieve on modern OS. So maybe its a slow burn on developing that - C. probably don't want to put it in a role where it *has* to be used. The meanwhile solution is the autosandbox one - if that works well enough maybe virtualisation will never be used in this context, and become an additional optional privacy feature. I'm guessing of course.
3) I think that one particular problem in understanding is that the process is called sandbboxing. Calling it a sandbox creates expectations of how the process works (ie like Sandboxie). I think that the understanding would be easier if it had a different name!!
