Multilevel Sandbox

1. What actually happened or you saw:
Most programs run directly on Windows; when I install the wrong program I might still have to reinstall Windows.

2. What you wanted to happen or see:
Run all programs that are not Windows, system drivers or Comodo software in a hierarchical sandbox with different levels, so in case something gets messed up I can just clean one of the sandboxes instead of reinstalling the system.
Programs that are safe and needed by other programs would run in a higher level sandbox, while unknown applications would each get their own sandbox.

Add an easy-to-maintain and clean interface to the sandbox system.

3. Why you think it is desirable:
It would make the OS much safer and easier to maintain, and would keep the OS free from viruses as long as they cannot break out of the sandbox.

4. Any other information:

It would look like this:

Hard disk: Windows, drivers and Comodo programs
Sandbox Level 1: Trusted applications that are 100% safe
Sandbox Level 2: Unknown applications separated into their own sandboxes, with only read access to sandbox level 1
Sandbox Level 3: Known harmful software, each in its own sandbox, with no read access out of the sandbox and extra restrictions

The user should be able to move programs between the sandboxes.
Drivers should get their own management system.

The idea behind this is to

  1. Be able to execute every program in a sandbox without asking the user, and in this way improve the security and usability of CIS.

  2. Make sure that an unknown application is sandboxed separately and therefore cannot do any harm to any other program on the computer, and does not get access to private data or user files.

What is more, there would then be a need for some kind of sandbox manager / browser.

Data loss is indeed an important subject. You are suggesting that each application should be sandboxed separately in order to minimize the risk. Am I right?

Do elaborate with examples.

As there has been no reply, I will move this report to “Added/Rejected Wishes” section.

Thank you.

The base idea is to not let anything change the OS at all, so a wipe of the sandboxes would reset Windows to the installation state.

In this sense, trusted applications could run in a sandbox where they can still access each other, while the untrusted applications should each run in their own sandbox.

Multiple, separate, transferable sandboxes, each with its own security settings, accessible from kiosk. I’m guessing it’s a duplicate of this one?

It is an extension, as I did not suggest there that even trusted programs should be sandboxed.

Why?

Let’s further discuss how the following categories should interact with each other, assuming your previous wish request is implemented + ability to sandbox applications based on file rating, maybe.

Because even if they are labelled safe, they might
A) Not be safe at all (for example, someone hijacks the certificate, or any other reason you have no control over at all)
B) Be safe and not include any malware, but abuse the OS in a way that will mess it up, slow it down, destroy important functions of the OS, or just have a bug that somehow vandalizes it in some other way.

Here is the flaw, and also a huge hole in the Comodo defense as I see it. And while A) maybe can be fixed, for B) it will be pretty hard to filter out the vandalizing programs. But even so, there is always something that flies under the radar.

This is why every program should be treated with the utmost suspicion and the assumption that it willingly or accidentally does something bad.
And as such it should be kept away from the OS as far as possible.

“Sandbox Level 1: Trusted applications that are 100% safe”
That would be like the sandbox we have now, but more compatible.

Hi Andrew. It seems to me that if you have:

  1. Multiple sandboxes, one per application
  2. The current CIS 8.0 sandbox rules
  3. An ability to distinguish two categories of trust in those rules (by vendor group?), and perhaps deal with the categories ‘suspicious’ and ‘PUP’ separately (a slight extension to your category).

Then you would have this ability. It would merely need the definition of some rules?

So this wish amounts to a request for 1 and 3 really, and maybe a config with these rules as standard.

Am I misunderstanding? Remember that apps to which no rule applies - your hard disk category - are not sandboxed. And you can choose to sandbox files at different levels.

Kind regards

Mouse

“So this wish amounts to a request for 1 and 3 really, and maybe a config with these rules as standard”

Yes. However, I don’t know the current rules, since I still have CIS 7.

I just thought about it, and I would say most programs don’t need access outside of their context, so all could be sandboxed as untrusted with only read access to the standard Windows files and the file system.

When a program tries to access a user file outside of its context, the user would be prompted to allow or disallow it and to define a default for read / write access outside of its context. This could substitute 3.

Also, a difference from the sandbox we have now would be that it should normally be visible from Explorer and from other programs.
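
As an added example (not code from the thread or from Comodo), the Python below models the access policy of the four-level layout proposed earlier in the thread together with the prompt-for-user-files rule in the post above. The level numbers, the box naming, the `prompt` outcome and the `defaults` table of remembered user choices are assumptions made for the model.

```python
from enum import IntEnum


class Level(IntEnum):
    HOST = 0      # Windows, drivers and Comodo itself: never sandboxed
    TRUSTED = 1   # one shared sandbox for applications rated safe
    UNKNOWN = 2   # one sandbox per unknown application
    HARMFUL = 3   # one sandbox per known-bad application, fully isolated


def box_for(app: str, level: Level) -> str:
    """Trusted apps share the level-1 box; everything else gets its own box.
    (Naming scheme is an assumption of this model.)"""
    if level == Level.HOST:
        return "host"
    return "L1" if level == Level.TRUSTED else f"L{int(level)}:{app}"


def decide(app, level, target_box, target_level, op, is_user_file=False, defaults=None):
    """Policy decision for `app` (running at `level`) doing `op` ('read' or
    'write') on an object stored in `target_box` at `target_level`.
    Returns 'allow', 'deny' or 'prompt'."""
    if level == Level.HOST:
        return "allow"                        # host software is not sandboxed
    if target_box == box_for(app, level):
        return "allow"                        # a sandbox owns its own contents
    if level == Level.HARMFUL:
        return "deny"                         # level 3: nothing leaves the box
    if is_user_file:
        # user data outside the app's context: ask, unless a default is stored
        return (defaults or {}).get((app, op), "prompt")
    if target_level in (Level.HOST, Level.TRUSTED):
        return "allow" if op == "read" else "deny"   # OS and level 1 are read-only
    return "deny"                             # other sandboxes are invisible


def audit(requests, defaults=None):
    """Evaluate a batch of (app, level, target_box, target_level, op, is_user_file)
    tuples and return the decisions in order; handy for checking a rule set."""
    return [decide(*r, defaults=defaults) for r in requests]


if __name__ == "__main__":
    # constructed sample requests, not captured from any real system
    sample = [("game", Level.UNKNOWN, "L1", Level.TRUSTED, "read", False),
              ("game", Level.UNKNOWN, "host", Level.HOST, "write", False),
              ("game", Level.UNKNOWN, "host", Level.HOST, "read", True)]
    print(audit(sample))  # ['allow', 'deny', 'prompt']
```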

The request is ambiguous. Additional processing is needed. Please reformat your wish request.

Thank you.

Please clarify which part is ambiguous.

I updated the idea and merged the new conclusions to a new idea here:

https://forums.comodo.com/wishlist-cis/multiple-restricted-sandbox-t109787.0.html

The OP has created a new/improved wish request.