If I add my files and folders to a group of Protected folders, does it mean that all applications in the list of “unrecognized” apps won’t access these files and will not be able to send my files anywhere through the internet?
it means you will be alerted when any unrecognized application attempts to modify those protected files/folders. HIPS wll deny write access but does not stop read access.
How do I prevent reading these files? I don’t want these files to be sent to the internet by any service or app.
you should add your files to protected data folders
that cis help page
6.4.4.5. Protected Data Folders
The data files in the folders listed under the ‘Protected Data Folders’ area cannot be seen, accessed or modified by
any known or unknown application that is running inside the container.
Tip: Files and folders that are added to ‘Protected Files’ interface are allowed read access by other programs but
cannot be modified, whereas the files/folders in ‘Protected Data folders’ are totally hidden to contained programs. If
you want a file to be read by other programs but protected from modifications, then add it to ‘Protected Files’ list. If
you want to totally conceal a data file from all the contained programs but allow read/write access by other
known/trusted programs, then add it to ‘Protected Data Folders’.
conteined apps stand for unrecognized
but you wanna any apps can’t access your files you add them to blocked files but i dont know you can access this files after adding to blocked files so you do it your own risk for second option sorry for bad english
6.4.4.2. Blocked Files
CIS allows you to lock-down files and folders by completely denying all access rights to them from other processes
or users - effectively cutting them off from the rest of your system. If the file you block is an executable, then neither
you nor anything else is able to run that program. Unlike files in ‘Protected Files’, users cannot selectively allow
access a blocked file.
Looks like COMODO will prevent files from being read by an app if I make files protected and contain the app making it untrusted or restricted. If COMODO guys could clarify this…
you should add to protected data folders and comodo guys are at holiday since a month ı think
I can add it to protected data but also I have to make the application CONTAINED, which means it should be added to contained list. But in that list there are a few options - run virtually, run restricted etc. I don’t want to run this app virtually because it should update normally, but I don’t know what exact limitations are in Run restricted mode. So COMODO help gives general explanation and does not explain anything it just creates more questions so I need someone from comodo team to ask questions
you can ask same questions at malwaretips forum they re advanced users of comodo and give you some detailed info at comodo thread you can ask users like cruelsister etc
Ok