I am running BOINC scientific distributed computing client. For those who are unfamiliar with it, the software periodically downloads executables from the project server, saves them into a specified folder (“D:/ProgramData/BOINC/projects/projectname/” in my case) and then runs the executable to perform the computation and reports results back.
Since HIPS has no option to allow an executable to execute other executable without asking (why is there only Ask or Block, but not Allow?), or to permanently ignore whole folder (when I put a folder into Trusted Files, it marks all present files in it as Trusted, but files which appear there later would not be Trusted), is there some way how can I run BOINC without either babysitting Comodo, or disabling HIPS?
Taking a sharp in the dark here, as I’ve never used Bonic, also assuming your using Comodo 6.x
Go to Task (green flip arrow) > Advanced Tasks > Open Advanced Settings > Security Settings > Defense+ > HIPS >
Find your HIPS rule for the BONIC process, click edit. Click modify next to Run as executable.
In the new window right click, Groups. In the File Group manager window expand the bottom tab.
Click Add, select New Group, name it something like BONIC, then Click Add and select Folders, then browse for “D:/ProgramData/BOINC/projects” and it should add it to the BONIC group as “D:/ProgramData/BOINC/projects/*”
Thanks, that seems to work. Altrough I still think you should have an option to allow an executable to directly run any other executable if you really trust it. There is no reason to not include “Allow” in there, when others perhaps equally exploitable options have that setting available.
OK, it seems to work, since the alert frequency has decreased drastically, but I still get an alert from time to time… Its like sometimes Comodo HIPS forgets the rule to allow the folder is in place, even though most of the times it respects it.