modify protected directory / run exe

Help for v3
#1

hi there,

being new here I’ve used kerio firewall some years now before installing CPF. I’m having my problems with Comodo Firewall but I’m still coming back - so it can’t be too bad, can it? :wink: Well having said that I’d like to solve some issues with v3 so I’ll hopefully grow more content with CPF as time goes bye:

#1 The first problem is this message I receive from time to time: “[application name] is trying to modify a protected directory”. How can I define rules that allow applications (prior to getting that message) to modify directories? I can’t seem to find any trigger in the rules sets where I could allow applications to modify directories although I trust them.

#2: access rights in defense+: Why is there no “Allow” in the “computer security policy” - “access rights” -section for “Run an executable”? I’d like to define really trusted applications that can do what ever (!) they want. But there’s always something that Comodo wouldn’t allow and ask (in my eyes) unimportant stuff as I will allow it to that trusted application anyway! I’d say either it’s a trusted application or it isn’t. And that’s what I’d like to mirror in my rule sets. For more restricted applications I can still switch single things to “Ask”…

Thanks beforehand for any help and please excuse any wrong typings as English is not my mother language.
SubZero

#2

Hi,

  1. computer security policy/application name/edit/access rights/protected files and folders
    (if i understood you correctly)

  2. select predefined policy “windows system application”

#3

thanks very much for the quick reply (:HUG)

#1: I must have overseen that - at least it looks like what I’ve been searching for

#2: I’ll try if that helps although I doubt it: The “Windows System Applications” predefined rule set also has only “Ask” and “Block” as options for “Run an executable”… so how should that help? ??? But anyway I’ll try it. :slight_smile:

again thanks for the help!

Regards
SubZero

#4

Yep, it is really set to ask, but it has * in allowed exceptions which means that every executable is allowed to run without any alert. Btw, if you add * to exceptions manually (any app in custom policy), you’ll receive same result.

#5

wow, that is a really useful information. Thanks very much! :■■■■