Comodo Dragon with Sandbox Technology?

Yes, you have probably noticed that the program “Sandboxie” is getting more and more popular. A sandbox is like a firewall, which will prevent data leakage in a completely isolated file system.

There are no browsers on the market today that have a built-in sandbox in the browser. And I think this is a great idea for the future. It would increase the security of the browser a lot, and you would not need to use 3rd party programs like Sandboxie to make the browser safe.

Chromium based browsers are pretty much sandboxed already. Which is why it wasn’t pwned in Pwn2Own.

Indeed, Comodo Dragon is “already sandboxed” :slight_smile:

Instead of having an add on to something, Comodo Dragon comes with sandboxing included!

This is why it’s secure :slight_smile: and this is why it doesn’t need Sandboxie :slight_smile:

Melih

So you mean it is 100% meaningless to use Sandboxie with Dragon?

I have not tried Sandboxie myself yet, but I had plans to do it this week.
Anyway, I will still try it and see if it does something.

pretty much…yes…

I don’t know of any malware that could jump out of Dragon’s sandbox (or chromium sandbox)…if you see any, pls let us know so that we can fix asap…
thanks

Melih

Well, I know for instance from my own experience with Chrome that I many times get Java trojans,
which I had to delete many times with the Trend Micro online scanner. I doubt this would happen if I did run Sandboxie.

can you pls share with us a few examples. thank you…

Melih

For instance the TROJ_JAVA family.

It goes under many names: TROJ_JAVA.AQ, TROJ_JAV.AX, TROJ_JAVA.AQ, TROJ_JAVA.AT
There exist many more variants, but these are all I can remember. I get these with Dragon.
They can be found in a temp folder outside the Dragon folder, so if Dragon was sandboxed I doubt this would happen.

Anyway, I will install Sandboxie in a couple of days. I have my suspicions about which site I constantly get this Java trojan from.

In the link I posted earlier…“Therefore, it is impossible for us to prevent against a flaw in the OS security model itself.”

So if these “Trojans” are exploiting a flaw in the OS, then there is nothing Chromium-based browsers on Windows can do.

Many many programs make use of the Temp directory, so it isn’t unlikely that Dragon were to write there on a temporary basis. Even with Sandboxie, I am sure it would write there.

I question TROJ_JAVA because for the most part I only see it being declared by Trend Micro and even then is it a TRUE Trojan? Was browser security really compromised or was a plug-in to blame?

The difference between Dragon and Sandboxie is, if you would run Sandboxie, Sandboxie would first tell me that TROJ_JAVA.xx wants to load into my system. I could then just tell Sandboxie to terminate the processes… and no harm would be done, because it all runs in an isolated filesystem.

At least Dragon should inform me as user that this file wants to load, and you could click yes/no if you want to give it access, just like a firewall.

I think it is a bad answer to blame the OS, because the trojan itself is downloaded “THROUGH” Dragon, because of a lacking security layer. These kinds of trojans should not get into the system in the first place. This is where Sandboxie comes in; it acts like a “firewall” for the web browser.

How Dragon and web browsers use external software and cookies is something that can be improved.

It might be true that Chromium has sandbox elements, but it is not a true sandbox. Then Java trojans and other stuff would not be able to load into the system as they do.

And yes, it seems to be mostly Trend Micro who report these trojans, some of them reported as “High” risk… I am actually not sure myself what they are capable of.

Would it really? You yourself said you haven’t used it.

There are plenty of videos on YouTube which explain how Sandboxie works in practice.
So I have a pretty good idea how it works.

How it SHOULD work and how it operates are two different things. I would be very interested to see how Sandboxie operates with your Java Trojans though.

Yes, I do not claim myself to be any kind of security expert.

But if I understand correctly how Sandboxie works, it will run all data in an isolated space in both HDD space and memory space. If for instance a Java application would want to run outside the sandbox, then the Java application would not be able to detect anything outside the sandbox. This means it would be impossible to let Java applications leak to temp folders like they do today.

If someone has any better idea how Sandboxie works, just let me know.

Or just try it yourself…it is free.

While I could try it myself, I won’t because you are the one that has access to these Java Trojans. :wink:

So are we having these Java trojans bypassing Chromium-based browsers or not?

can someone pls show us if it’s true…

User23344: you said it was possible, but you haven’t yet provided either a sample or a proof of these bypassing Chromium-based browsers.

can you pls provide it asap.

thank you

Melih

I think it has happened on my computer. I use CD to open malware sites so I could get the exe in there, and some of them load Java. I have found some dropped trojan files in my system32/drivers folder. Do I know what files they are, nope. But they were there, about 3 or 4 of them that I found with Hitman Pro.

Were you able to confirm the site that caused the infection by comparing those system32/drivers last modified dates and your browser history?

What was the affected OS? What were the plugins (not extensions) installed at the time?

It is really awkward to relate to the ongoing discussion without any reliable and verifiable information (sample aside).

if u can get more info, it would be great to fix this hole…

thanks Languy99.

Melih

Nope, I wasn’t. I will keep an eye on it more from now on, but I can tell you they were not there before I started searching for malware, because I scan my computer with Hitman Pro every day before and after I am done looking for malware.

OS is Windows 7 32-bit, and the only plugins are Java and Flash, just like I have on the other browsers I use.
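
The check asked for earlier in the thread, comparing the last-modified dates of the dropped files with the browser history, can be scripted. The following is an added example, not code from any poster or from Comodo. It assumes a Chromium-style `History` SQLite database (`urls` and `visits` tables, `visit_time` in microseconds since 1601-01-01 UTC); that Comodo Dragon stores its history in this layout is an assumption, and the URLs, file names and timestamps are constructed sample data.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

WEBKIT_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def dt_to_webkit(dt):
    """UTC datetime -> Chromium timestamp (microseconds since 1601-01-01)."""
    return (dt - WEBKIT_EPOCH) // timedelta(microseconds=1)

def webkit_to_dt(us):
    return WEBKIT_EPOCH + timedelta(microseconds=us)

def visits_near(conn, file_times, window=timedelta(minutes=5)):
    """Map each file path to the visits made within `window` before its mtime."""
    hits = {}
    for path, mtime in file_times:
        rows = conn.execute(
            "SELECT urls.url, visits.visit_time FROM visits "
            "JOIN urls ON urls.id = visits.url "
            "WHERE visits.visit_time BETWEEN ? AND ? "
            "ORDER BY visits.visit_time",
            (dt_to_webkit(mtime - window), dt_to_webkit(mtime))).fetchall()
        hits[path] = [(url, webkit_to_dt(t)) for url, t in rows]
    return hits

def build_sample_history():
    """Constructed in-memory stand-in for a copy of the browser's History file."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE urls(id INTEGER PRIMARY KEY, url TEXT);"
        "CREATE TABLE visits(id INTEGER PRIMARY KEY, url INTEGER,"
        " visit_time INTEGER);")
    base = datetime(2011, 5, 2, 18, 0, tzinfo=timezone.utc)
    sample = [("http://news.example/", base),
              ("http://applet-host.example/game", base + timedelta(minutes=42)),
              ("http://mail.example/", base + timedelta(hours=3))]
    for i, (url, when) in enumerate(sample, 1):
        conn.execute("INSERT INTO urls VALUES (?, ?)", (i, url))
        conn.execute("INSERT INTO visits VALUES (?, ?, ?)",
                     (i, i, dt_to_webkit(when)))
    return conn

# Constructed file times. On a real system, take them from
# datetime.fromtimestamp(os.stat(path).st_mtime, tz=timezone.utc).
SAMPLE_FILES = [
    ("system32/drivers/unknown1.sys",
     datetime(2011, 5, 2, 18, 44, 10, tzinfo=timezone.utc)),
    ("system32/drivers/unknown2.sys",
     datetime(2011, 5, 2, 23, 0, 0, tzinfo=timezone.utc)),
]

if __name__ == "__main__":
    for path, visits in visits_near(build_sample_history(), SAMPLE_FILES).items():
        print(path, visits or "no visit in window")
```

Run it against a copy of the history file taken while the browser is closed, since the live database is locked. A match only narrows down candidate sites: file timestamps can be altered, and a file with no visit in the window may have arrived by another route.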