It’s a bit difficult for me, I’ll leave it as it is. Thank you all for participating
1 Like
But why do my browsers work in Comodo Sandbox in a proactive mode? And I did not turn off any sockets!
Browsers Catsxp and MS Edge. But others also worked without problems.
Possible instructions to sandbox browser with Proactive Security active:
(Credits to cruelsister1 @ YouTube)
// Comodo Sandbox Browser
Step 1:
Containment > Auto-Containment > Add > CRITERIA > Edit > File Location > Browse > Files > "<browser.exe>" > OK
> OPTIONS Tab > "Set Restriction Level" *Checked* = "Partially Limited" > OK
Step 2:
Firewall > Application Rules > Add > Browse > Files > "<browser.exe>"
> Select "Use Ruleset" > "Web Browser" > OK
Hello, do you have a video showing how to do it step by step, because I tried to do it with what you said and I couldn’t reproduce it.
Sure, I found the video and I’m sharing the link with a timestamp. Now the video is 7 years old and there was a comment from someone saying they couldn’t get it to work with Firefox…
https://youtu.be/vktNQCwB2UY?t=227
1 Like
I did the test step by step as the video says, but this message appears preventing me from continuing…
The message says: “The rule cannot be added, as it may affect the stability of the system. Try reducing the scope of the rule and try again.”
Well, there is no way for me to reduce the rule.
If anyone knows how to do it, I would be grateful.
These instructions shown above are for cases when you need your browser to always be launched in Containment with a simple double click of the left mouse button.
I use my browser with Containment and without it (sometimes even at the same time). When you need to in Containment, I just open the context menu on the browser icon on the desktop and choose the line “run in Comodo Containment.” I don’t know any instructions, I don’t remove any sockets, I don’t understand, why you can’t start the browser on Containment and go on the Internet …
What am I doing wrong? Or you?
Seems to work for some and not for others unless you don’t have this in your HIPS Protected Objects (even with HIPS disabled)
Greetings dear Xiao_Fan-Qilin. Perhaps the fact is that the AUTO CONTAINER is configured to “run virtually” with the “limited” restriction
Automation has nothing to do with it, I run browser manually.
It’s amazing that for me and for several users who have already posted here in this topic, which has over 390 posts, it has already been said that it doesn’t work.
It could be that it’s your version, we’re using the most recent one.
If you’re using the most recent one, something has been done, because only you are getting it and no one else is getting it.
Check your version, if it’s the same, check other settings according to the post that was made here in this forum.
Cheers;
1 Like
If you wrote it to me, then I have CIS 12.3.3.8140.
That makes sense then. In .8162 they added a fix to deal with a containment vulnerability issue where the set containment level was being ignored and only being contained as partially limited. The fix included adding Windows Sockets interface into the HIPS protected objects which has proven to block network connection for contained apps.
1 Like
OK, then I will not update to 8162+ as much as it turns out …
But there is a question - why make changes that worsen use by the product?
1 Like
It actually improved the security of containment but I guess for those who want to browse in a sandbox, it’s an issue and I’ve not really investigated an effective while still secure workaround.
2 Likes
That’s interesting that you’re using the version with the revoked certificate. That was two versions ago. That was the last version not affected by the bug which makes the program unusable if you uncheck “Rate applications according to their vendor rating” under File Rating Settings. There’s been some regressions…
This version was installed in the system before the certificate problem. And after that I updated the system more than once, but I did not reinstall CIS. And the problem of the certificate somehow bypassed me. 
Hello friend, @Xao_Fan-Tzilin you better update your CIS to the new version, because it will be better for you with the new security that has been implemented.
Hugs.
Greetings, dear EricCryptid and New_Style_xd. I installed the program “Sandboxie Plus 1.15.8 (David Xanatos)” to work with browsers in the sandbox and everything works fine.
I also use this program, since CIS does not work in the PROACTIVE configuration.
This program works with the internet. What we need is for the CIS team to fix this.
But if they don’t fix it, I’m using another sandbox. How are you using it, my friend? @nik.luckin
1 Like