Comodo and Hugin

Comodo Internet Security - CIS Defense+ / Sandbox Help - CIS
1

Hello
I use Hugin, an open source app to build photo panoramas. Hugin uses 5 executables. To assemble a panorama, Hugin creates a .bat file in which it writes the calls to the those 5 executables with the relevant parameters. My problem is that Comodo sees each new .bat as new and asks me for permission to run the executables. Each time I create a new panorama, Hugin creates a new .bat and Comodo asks me my permission 5 times (or sometimes even 6 times). I know the scheme Hugin uses to create the .bat files, I know where Hugin puts them, and of course I know the precise name and location of the 5 executables. Is there a way to tell Comodo that any make####-1.bat calling c:\Program Files\Hugin\nona.exe is OK? Or is there a way to tell Comodo that anyone can call nona.exe? Or any other solution to avoid this tiring situation?

2

Hello;

Do You know where these batch files are located?

Jake

3

If possible were there is a number that changes each time use a wildcard.

Example for ####-1.bat would change to *-1.bat or *.bat including the rest of the path that does not change before *.bat

Dennis

4

@jacob: yes, the current version of Hugin puts them in the same folder as the pictures themselves, which makes sense.

5

@Dennis2: I understand how wildcards work, but I don’t know where I should put them. I am guessing there must be a way to use wildcards in rules, but I couldn’t find out where.

6

Hello Davitof;

If you create a group it will be easier to handle this one program

CIS > Defense+ > Defense+ Computer Security Policy > Protected Files and Folders > Groups > Add > “Hugin” > Apply > Select Hugin > Add Files > Browse (Browse to the installation directory C:\Program Files\Hugin > Highlight This Folder > Click the Arrow point to the right > Apply (You should have under the group of Hugin “C:\Progarm Files\Hugin*” Apply > Apply>

go To Computer Security Policy > “Defense+ Rules” > Add > File Group > Hugin > Treat As > Trusted Application

Did this help?
(All is from memory)

Jake

7

Jacob. Excellent memory! I implemented your rules and I’ll test them tomorrow. I’ll report back. Thanks

8

Ok; i’ll be awaiting your reply :slight_smile:

Hope all goes well

Jake

9

Sorry, it does not work. Maybe this is only to be expected, after all the make####-#.bat are not generated in Program Files but in a subfolder of my photo folder.

I can see 2 kinds of solutions, but I can’t find out how to implement any of them:

  • tell Comodo to stop worrying about any(/some specified) program(/s) called by any batch named something like make####-#.bat
  • tell Comodo to accept any call to some specified executables like c:\Program Files\Hugin\nona.exe

Or maybe (which would be of course much more secure) a combination of the 2 previous:

  • tell Comodo to accept any call to nona.exe from a make*.bat.

Any idea how I could implement this?

10

Please post a screenshot of your Defense+ logs when you try to run the program.

Dennis

Edit Will have a look I think there was a similar problem a few months ago, if I remember correctly the only we succeeded was to create a entry in Groups for the .bat file and then use that group in Defense+ rules.

11

Here is the screenshot. BTW, I was wrong, all batch files are created in the user temporary folder. This makes sense since the batch files are not needed after.

[attachment deleted by admin]

12

This is a awkward one without creating a security risk as the .bat file creates all the processes if you make it a trusted application after that any .bat file will be trusted.

What you need to do is use the path of the .bat file in groups then only allow it to start only processes in the C:\Program Files\Hugin* folder.

Please ask if you are not sure what I mean.

Dennis

Edit The end of the file group would be \make*.bat and in Defense+ applications you could set the rest to block for the group rule and in Run a executable add C:\Program Files\hugin\bin*

13

I discovered that Hugin created batch files in 2 folders: the user temporary folder and the panorama folder (I don’t know if it is the source or the destination folder, since I always put the final panorama in the same folder as the source pictures). The problem is that of course this folder varies, although in my workflow it is always a subfolder of d:\Images_hugin. My first reaction was to create a folder d:\Images_hugin\WorkForComodo and set it up in Comodo. Then I discovered Comodo accepts jokers in paths, so here is my final solution:

  • In Protected Files & Folders, I modified the Hugin group to
    c:\Users[user_name]\AppData\Local\Temp\make*.bat
  • d:\Images_hugin*\make*.bat
  • In Defense+ Rules, I edited the Hugin group: I don’t consider it as a trusted application anymore but I added the executables I know it can run in it’s normal process.

… and it works!

Thanks for the help.

14

Thanks for posting back with the solution.

Glad you manage to sort it all out.

Best Wishes

Dennis