Recently I found that clipboard contents are not removed even after the sandbox containers in Comodo Internet Security premium 2025 are reset. It appears that only full resets are possible after full system reboots.
I can confirm the findings described above.
I have disabled (unchecked) “allow contained applications to access the clipboard”.
I run Libre office in the container, type something in Libre, select the text, and then copy it.
Next, I close Libre Office and reset the container.
As an unrelated test, I open notepad (not in container) and paste into notepad - nothing happens (this is good because anything copied from within the container should not be accessible outside the container).
Now I run Libre office in the container again, then paste into libre office, and the original text I copied (from within the container) is still on the container’s clipboard (and can still be pasted) even though the container was reset.
I guess this could potentially allow stealing of information from the clipboard. For example, let’s say you are filling out a loan application online using your browser, which is running in the container. For the sake of accuracy and speed, you open another file in the container that has sensitive financial info (such as Bank names, account numbers, etc), then you copy the sensitive information & paste it into the application. You close the browser, and then empty the container. Now, you open your browser in the container, and surf the internet somewhat carelessly & accidentally get malware. No problem, just reset the container, and malware is gone. uh…wait ! Did the malware steal info on my clipboard? Was there still bank names and account numbers on my clipboard in the container? Malware may be gone, but personal data may have been stolen.
The above scenario is unlikely or and may even be unrealistic, but it does seem to me that emptying the container should also clear the clipboard that exists within the container (erasing all data and programs that were in the container).
1 Like
Hi Whoop-dee-doo,
Thank for reporting.
We will check and update you.
Thanks
C.O.M.O.D.O RT
You’re welcome. A program-level patch and update is in order once the issue is fixed.
If clipboard content hasn’t left sandbox, then this cannot be treated as a major issue.
There are a lot more important issues to be fixed in CIS than this inconvenience.
In general, sandboxed applications should not be used for critical/confidential information if there are rules that will run untrusted applications in same (and only) sandbox.
I’m hoping that someday CIS will adopt Sandboxie approach with multiple independent sandboxes, given that Secure Shopping was deprecated not so long ago.
In the issue the clipboard content didn’t left sandbox but it’s supposed to be eliminated when the container is reset but it didn’t. Hence the confidentiality and integrity aspects of the CIA security triangle has been completely wrecked.