Downloaded Compressed File Not Sandboxed After Unzipping And Running [M1209]

1. The full product and its version:
COMODO Internet Security 8.0.332922.4281 BETA
2. Your Operating System (32 or 64 bit) and ServicePack revision. and if using a virtual machine, which one:
virtual machine : virtualbox 4.3.6 r91406
windows 7 sp1 X32
3. List all the configuration changes you did. Are you using Default configuration? If no, whats the difference?:
Default configuration
4. Did you install over a previous version without uninstalling first, or import a previous configuration file?:
Clean install
5. Other Security, Sandboxing or Utility Software Installed:
No
6. Step by step description to reproduce the issue. Or if you cannot reproduce it, what you actually did before it happened, step by step:
1: Download the zip file containing the .bat file through the browser or download management programs
2: Then unzip it into the downloads folder. I tested with both HaoZip and 7Zip, both of which were installed after CIS Beta was installed.
3: Next run the folder by double-clicking on it. You will notice that it runs without restriction.

7. What actually happened when you carried out these steps:
If the app is downloaded directly from the internet (meaning not in a compressed file) and then run it will be sandboxed correctly. However, if it is downloaded in a compressed file, then unzipped on the computer, and then run, it will run with no restrictions.

8. What you expected to see or happen when you carried out these steps, and why (if not obvious):
Regardless of whether an unknown file was initially downloaded in a compressed file, or directly, CIS should recognize it as unrecognized (as it should have been tracked in some way that it was from the internet). It should then be restricted accordingly.

9. Any other information:
A video which clarifies this issue is attached to this post.

[attachment deleted by admin]

How did that .bat file get on the computer? By that I mean how was it transferred to the computer prior to the start of the video.

Thanks.

I downloads the sample from the browser and And i worked decompress sample to Desktop

So am I correct in understanding that originally it was in a zip file?

Is it also correct that after that you used an archive program to unzip it?

If so, what program did you use, and was it installed to your system before or after CIS Beta was installed?

From discussions in the SG I believe that the answers to the above three questions are critical in figuring out what caused this. Also, could either a fellow Mod, or SG member, please send me a PM with links to any tracker entries which are possibly related to this issue?

Thank you.

Thank you.

Thanks. So this is a 7z file, which is downloaded from the internet. You then use a program to unzip it.

Am I correct in assuming you use 7zip to extract the file from the 7z file?

If so, was 7zip installed on your system before or after CIS Beta was installed?

Thanks.

I use a program HaoZip before installed CIS Beta

Thank you. Please update your first post to explain that you downloaded it in a zip file, then unzipped it using HaoZip (which was installed previously to CIS Beta being installed on the computer), and only then did you run it. With the new rules it’s very important to ascertain how the file got on the computer, and how it was modified (including unzipping) after being on the computer.

Also, would you mind uploading the .bat file to a file sharing site directly, meaning not in a compressed file? Then download it and see if the same problem happens. This would therefore allow us to figure out whether HaoZip played any role in this bug.

Thanks.

I’ve re-test on haoZip and 7zip But have not been put in the Sandbox, also if i downloads sample By Direct Link and copy or move sample in desktop or any file without folder downloads Do not application is put in the Sandbox

Okay, please update your first post so that it now concentrates on the underlying bug. The issue, at least to me, seems to be that if it is downloaded in a compressed file, and then extracted, it will now be run unrestricted. Also, in your first post please note whether haoZip and 7zip were installed before or after CIS Beta was installed. I’m not sure, but that information may be helpful.

Thanks.

I edit them

Thank you. I made some more changes to the first post, and altered the title. Does everything look correct?

Please check Bug 1209.

Thanks.

Thank you.

sd ahmad, I made some more changes to the first post, and altered the title. Does everything look correct?

Thank you to modify topic :-TU

It seems everything is true

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again.

The issue has been resolved :-TU

I’m very happy to hear that. I have closed this in the tracker and will move this post to Resolved. If this re-appears in a future build please let me know by responding to this topic.

Thank you.

I need to know something. When you tested this did you use the default configuration or proactive? It seems possible that this is fixed for proactive, but not for default. Thus, it’s important to test this. Please let me know what you find.

Thank you.