A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.
Can U reproduce the problem & if so how reliably?:
Every time.
If U can, exact steps to reproduce. If not, exactly what U did & what happened: 1:Install CIS 2:Manually sandbox any app (for example explorer.exe or VLC) 3:Note that when this app is sandboxed you cannot view most of the folders on D-drive (before and after screenshots attached).
If not obvious, what U expected to happen:
When an app is sandboxed as FV it should still show all folders on D-drive
If a software compatibility problem have U tried the conflict FAQ?:
NA
Any software except CIS/OS involved? If so - name, & exact version:
N/A
Any other information, eg your guess at the cause, how U tried to fix it etc:
Not sure.
[/ol]
B. YOUR SETUP
[ol]- Exact CIS version & configuration:
CIS 7.0.313494.4115
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
HIPS - secure mode, Autosandbox - off, Firewall - user rules, AV - On access scan
Have U made any other changes to the default config? (egs here.):
See attachment
Have U updated (without uninstall) from CIS 5 or CIS6?:
no
[li]if so, have U tried a a clean reinstall - if not please do?:
N/A
[/li]- Have U imported a config from a previous version of CIS:
No
[li]if so, have U tried a standard config - if not please do:
NA
[/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Microsoft Windows 7 Максимальная Version 6.1.7600 build 7600 x64-based PC (“6.1.7600.16385”)
no SP, admin account, no VM
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=no b=no
[/ol]
I’m not entirely sure I understand the issue you are reporting? Are you saying that you set that particular folder on D-drive as a shared folder for the Fully Virtualized Sandbox. You then found that within the Virtual Desktop interface you could not save to that folder?
Is that correct or am I misunderstanding the issue? If I am misunderstanding please explain, as specifically as possible (with screenshots if possible), exactly what you are experiencing.
In sandbox have protected and share folders. All has been visible in drive "D:", but protected folders are empty. It’s correct.
After changing windows ACL in drive "D:" in sandboxed “explorer.exe” no visible some share folders and protected folders (see screen for no sandboxed and sandboxed explorer.exe).
So is the issue that when explorer.exe is sandboxed many folders on the external drive are not visible?
If so, can you please show me screenshots showing me what rules have been created for protected and shared folders? I’m trying to wrap my head around this issue.
I think the best way to approach this is to reinstall CIS by following the advice I give in this post. You can export your configuration before reinstalling, but after reinstalling do not initially make any changes to the settings, or import the old configuration. Until we figure this out please see what happens with a default configuration. Do those folders still become invisible?
Also, I believe that CIS treats all hard-drives other than C-drive as external hard-drives. Thus, that may at least be part of why you are seeing the behavior you are seeing. Please try reinstalling and let me know what happens.
I was unable to delete the CIS. During uninstallation appeared as a blue screen and CIS not include in installed programs list, but not fully uninstalled.
Thank you for checking that. I have edited your first post.
I’m still trying to narrow down exactly what the core of the problem is. Please look over your first post and let me know how well I have captured it. From my understanding all of the folders on d-drive should still be visible. Thus, my thinking is that is the core of the issue. Do you agree, or have I misunderstood the issue?
Fully sandboxed application is invariant of way of start. All sandboxed application (notepad, torrent, media player) have the same behavior (setted in settings as fully virtualized).
In 7
There were also modified other access rules on the system drive (possible side effects on the COMODO configuration)
Probably, it is necessary to specify that after change ACL that COMODO completely uninstalled with Comodo Forum and Comodo Forum and installed again with default options.
Do you mean that for any of these programs if you try to browse to find other files almost all of the folders in D-drive are invisible?
Yes. This behavior for all programs. Even if you enter the full path to the file manually, they do not find it.
So do you mean that now there are no changes to the configuration, but that this still happens?
Yes!
It seems that there are any weird side effects from ACL of "C:" drive.
Although no additional prohibitions in C-drive, like, not settles. Neither before nor after the new installation.
May need to check the ACL folder COMODO, but I don’t know what folders and what they should ACL.
Okay, I have edited the first post and changed the title of this bug report. Let me know if you see any problems. If you see no problems I will forward this as a bug to the devs.
This behavior in a virtual machine with a clean system do not repeat
It seems the problem is not in the sandbox, but in the fact that the new plant can not verify the integrity of the COMODO system that is apparently violated the file system ACL.
If not obvious, what U expected to happen:
When an app is sandboxed as FV it should still show all folders on D-drive
Probably we should add:
Installation and diagnostics, does not reveal problems with the ACL or any other problems. But must do it with user-friendly messages.
