new features

  1. provide option to automatically save virus database to manual location which is available in kaspersky

  2. provide option to clean submitted files list.

  3. when i right clicked firefox which is in quick launch, there is no option to run in sandbox. so provide this option for all locations.

some one told me that next CIS version has full virtualiaztion of automatic sandbox. if this is true they is there need for partially limited…limited…etc…

I really see no reason to remove these restrictions.

There is full virtualization in the manual sandbox and it has these rights restrictions. Sandboxie (which everyone loves to compare to the CIS sandbox…) allows you to lower the rights of sandboxed applications as well.

if CIS sandboxed any application, that means it is completely isolated from the real system. so why these restrictions like partially limited, limited…because what ever that sandboxed application do, it doesn’t effect the real system.

This is the highest possible condition, which may not be what everyone wants from Sandbox. That is the reason why CIS Sandbox provides different levels of Sandboxing.

sorry i didn’t understood? please explain me…thanks for reply…

Presently, the levels indicate different conditions of what to and what not to include or exclude from virtualisation.

For example, in Partially limited mode more operations like saving to desktop or reading from filesystem etc are commonly allowed, it makes things more easy for new comers, a sandboxed application can still do more common and non dangerous tasks.

In restricted or above levels, the sandoxing is a bit thorough and more restrictions apply on the sandboxed application. This is not much user friendly as it can crash or hang many applications because they do not get enough previleges to work. But, it gives more security.

In the next version i.e., CIS 6, we are expecting a different strategy and level of visualization which may change this scenario.

but when i use sandboxie, the application which is sandboxed will do what ever i want without any problem. why not in CIS? i think u didn’t understood my point. if the file is sandboxed i.e., isolated from system, why restrictions…?

It all depends on what you want to program to be able to do… As I already mentioned, you can lower access rights in Sandboxie if you wish. Whether or not you see any point to this doesn’t mean others wouldn’t want to use these settings.

if sandboxed application can’t do harm to real system, why restriction?

There is always the chance that a malware can leak out of the sandbox. Nothing is 100%.
That is way sandboxie offers an option to increase restrictions (drop rights) or you can simple use a SUA/LUA.

But yes, i hope comodo offers in the new AS (virtualizattion), a way to install programs without worrying about restrictions. Basically a way to install programs even with administrative rights, without corrupting the program.

As Peter5 mentioned, if something does get out of the sandbox, it will be limited by what it can do on your system do to the access rights imposed upon it.

For example, say you run as an administrator on your system. You have something inside Sandboxie. It jumps out and basically has free reign on your system because you’re running it with administrator privileges. However, if you’d dropped the rights on the application, if it jumps out, it’s basically running as a limited user account. The damage it could do is greatly reduced.

Think of it as another layer of security.

These are all the restrictions you can impose on sandboxed applications with Sandboxie. Sandboxie - Restrictions Settings

thnks for the reply. now i understood and i don’t have any doubts.