Disabling "Automatically trust files from trusted installers" yeld no effect

OS: Windows XP SP3 32 latest patches.
CF 4.0.141842.828 Proactive config defaults

Disabling “Automatically trust files from trusted installers” (Defense+ Tasks > Sandbox >Sandbox Settings) doesn’t appear to prevent D+ from automatically adding new entries (unrecognized files resulting the installation of some installer often signed by trusted vendor) to “My Own safe files”.

The latter action appear totally unrelated to the state of “Automatically trust files from trusted installers” (enabled vs disabled).

Implicit mention to such option (‘this setting’ link) is available in “Comodo Internet Security - Understanding Alert” whereas Elevation alerts are described.

5. Run with elevated Privileges Alerts usually occur on running an Installer or an application that requires administrative privileges. If you trust the publisher, you can allow the request. Based on your response, CIS will trust the Installer, treat all the files from this installer as safe files and no alerts will be generated in future on executing the files. However, you can change [u]this setting[/u] under Defense+ Tasks > Sandbox > Sandbox Settings.

It is unclear what disabling “Automatically trust files from trusted installers” actually achieve (whereas it is enabled in all configuration defaults)

The following available testcases pertain installers that generate unrecognized files (thus won’t be trusted if not added to “My safe files”) but are not seemingly affected by changing “Automatically trust files from trusted installers” ( this setting)

  • Notepad++ unsigned installer generate an elevation alert (thus unrecognized installer) but do not add the installed files to “My own safe files” and thus the corresponding applications won’t be trusted.
    “Automatically trust files from trusted installers” state (enabled vs disabled) won’t affect this in any way.

  • Entries to “My own safe files” will BE added for Latest Opera msi installer which is an application digitally signed by a Trusted vendor (Opera Software ASA) but in such case no elevation alert will be displayed for the installer.
    “Automatically trust files from trusted installers” state (enabled vs disabled) won’t affect this in any way.

  • Removing “Opera Software ASA” from trusted vendors will have the installer trigger an elevation alert whereas entries will BE nevertheless added to “My own safe files” whenever “Always trust the Publisher of this file” is left unchecked.
    “Automatically trust files from trusted installers” state (enabled vs disabled) won’t affect this in any way.

  • IDrive Online Backup Classic Version 3.3.3 is a digitally signed installer whose vendor (Pro Softnet Corp) is not featured in " My Trusted vendor". Entries to "My own safe files will NOT BE added for this installer whereas “Always trust the Publisher of this file” is left unchecked on elevation alert
    “Automatically trust files from trusted installers” state (enabled vs disabled) won’t affect this in any way.

  • Adding “Pro Softnet Corp” to " My Trusted vendor" will not have the installer trigger an elevation alert (will be silently elevated) whereas entries will BE added to “My own safe files”
    “Automatically trust files from trusted installers” state (enabled vs disabled) won’t affect this in any way.

NOTES: The above mentioned testases might not apply anymore whereas the insofar unrecognized files (generated by those installers) will be eventually added to Comodo’s own safelist (eg Smartdefrag 1.45 does not apply anymore) and thus cannot be added to “My own safe file” list anymore

Related topic: How does disabling “Automatically trust files from trusted installers” work? (help boards)

Hi,
I came across the same problem!
How can I prevent COMODO from automatically adding files to “My Own Safe Files” list?

I installed two programs: The TOR (only) Win32 installation, which comes as unsigned exe installer. As expected, the newly installed files are added to “My Pending Files”.
In contrast, the files from Vidalia (a GUI for TOR), which are available as MSI package, are placed in the “My Own Safe Files” list. So, since in this case the MSI Application is used, I’m seeing a direct connection to the mentioned setting. It’s definitely disabled in my configuration!

Please fix this as soon as possible. It’s underminding the sense of the Clean PC Mode completely this way!

My configuration:

CPU (32 bit or 64 bit)

  • AMD Turion, 64bit
    Operating System information (including Service Pack Version)
  • WinXP, SP3, 32bit
    Actively-running security and utility applications
  • CIS 4.0.141842.828
    Specific symptoms of the bug
  • Files from “trusted installers” are placed in “My Own Trusted Files” when “Automatically trust files from trusted installers” is disabled
    And steps you can take to reproduce it (step by step).
  • disable the “Automatically trust files from trusted installers” setting and install any MSI package or an application using any other trusted installer.
    Specific steps you have taken to try to resolve it.
  • None, don’t know how to fix it - maybe I should simply switch back to CIS3, which didn’t have this behaviour.
    Brief description of your Defense+ and Firewall+ mode (Custom, Train with safe) plus mention if you modified any setting in ADVANCED section of D+ and F+ (Optional if you post a Comodo Firewall Pro Configuration Report)
  • D+ in Clean PC Mode, Sandbox disabled, Firewall in Custom Mode
  • All settings in Sandbox General Settings tab are disabled
  • Image Execution Control settings: “Files to check” changed to “All applications” group
  • D+ General Settings: Trust applications from trusted vendors unchecked, Block unknown requests, while GUI not running checked,
  • D+ Monitoring Settings: All checked

Same behaviour in CIS 4.1.x.916

Bump, still in .920

Yesterday I installed iTunes. All I got in the my pending files/trusted files list were some dlls. From what I saw, the Quicktime browser plugin dlls. All other files didn’t appear in any list!

I’m back on 3.14 for now.

I have replicated Endymion’s bug with the Opera 10.6 beta installer and CIS 4.1.xx.920

Best wishes

Mouse

bump

It’s been confirmed that this will be addressed in the next major version.

At the moment please assume the ‘trust files’ setting is always on.

Best wishes

Mouse

Thank you for the response.
So for now, I’m simply staying at 3.14…