Comodo Help Doc - Misleading

Hi there,

I was reading the Comodo help documents on the web, then I noticed that the sandboxing part is kinda misleading. Comodo Help.
I mean the autosandbox part -

Automatically sandboxed applications are run with ‘Partially Limited’ restrictions. More detail: Sandboxed applications are allowed to run under a specific set of conditions or privileges. In CIS, these are known as ‘Restriction Levels’. There are four levels – Partially Limited, Limited, Restricted and Untrusted (‘Partially Limited’ is the default level for applications that are automatically placed in the sandbox). In part, sandbox restriction levels are implemented by enforcing or relaxing the native access rights that Windows can grant to an application. For example, the ‘Limited’ setting applies some of the supported operating system restrictions and grants it access rights similar to if the application was run under a non-admin user account. These restriction levels are fortified with certain Defense + restrictions that apply to all sandboxed applications (for example, they cannot key log or screen grab, set windows hooks, access protected COM interfaces or access non-sandboxed applications in memory. If the user enables virtualization, then sandboxed apps. can’t modify registry keys or modify existing protected files either).

When it comes to the virtualization part, as far as I know, the autosandbox never applies virtualization, and also I read that in this forum, some posts from Comodo veterans. So I think Comodo should have stated that in the document as true as possible.

Also I wanna ask that if I set the restrictions level to “untrusted”, what kind of D+ restrictions can be applied to the sandboxed applications.

My best regards,

it is refering to the manual sandbox. it has both registry and file system virtualization

That the CIS autosandbox is not a true virtualized environment is not news but it is still significant as the term “sandbox” implies that the feature is transparent to the sandboxed program file, when in practice, many things just don’t work with limited rights.

Totally agree, the HELP file should be updated from time to time :slight_smile:

Mabye they should update CIS to reflect the help file so we have virtualization on auto-sandboxed :wink:

That’s the better approach! :smiley:

:-TU been waiting for that since forever, but it doesn’t seem that the response will come “very soon”. :frowning:

Should you be heard! 88)