Thanks for submitting the bug report in standard format.
Could I enquire:
- Whether User1 and User2 were admin or normal user accounts?
- Whether the same happens if you disable Avira and reboot first
Thanks for taking into account the issue I reported.
Thanks also for your suggestions.
Indeed it appears that “sometimes” the issue doesn’t occur.
I ran several tests and I’m currently unable to determine the conditions for which the problem happens.
So I need more time in order to discover the triggers and post a more precise bug report.
OK will leave here for the moment, awaiting that information.
(Answers to my questions would also be greatly appreciated).
I have found that fast switching several times quickly between admin and limited users causes a D+ error. That may help in pinning this down.
Anything further on this?
I’ve found the root issue: comodo graphical user interface (GUI) is not in sync with rules currently applied!
For example if you apply a rule in one user session and switch to another user session previously opened, then the new rule is correctly applied BUT doesn’t appear in GUI (this is the issue). And so, if you close this GUI, the rule is removed.
Here’s an updated scenario (run with Avira disabled):
Boot Windows 7 64-bit computer
At login screen, logon with USER1
Return to login screen, without logging off (select “Switch user” and not “Log off”)
At login screen, logon with USER2
Double-click on notepad.exe and check it works
Open comodo GUI
Add a rule for preventing notepad.exe to be run by explorer.exe
Close comodo GUI
Check the rule is correctly applied: double-clicking on notepad.exe no longer works
Return to login screen, without logging off
Return to USER1 session previously opened
Check the rule is correctly applied: double-clicking on notepad.exe doesn’t work for this user either
Open comodo GUI
Observe that the rule is NOT present. This is the issue!
Close comodo GUI
Observe the rule is no longer applied: double-clicking on notepad.exe now works. The rule has been lost. This is also an issue!
This scenario has been replicated with USER1 and USER2 as standard users and also for USER1 as admin user and USER2 as standard user.
The Defense+ rule is only an example: firewall rules or other settings (such as parental control) are “managed” the same way.
In fact the configuration settings are read only once for a user session (when it’s created) and never reloaded, even if they are changed in another user session.
Thanks for some very useful additional analysis, and an excellent bug report.
Forwarding to verified now.
What you did: Changed Firewall Rules in one user account, other users did not see the changes. Last man logging out had his configuration saved, so any changes made by other logged-in users were lost.
What actually happened or you actually saw: Each user has his own firewall configuration state, independent of other users. Users each seem to have own firewall ruleset in memory, which won’t change if other users change firewall rules.
What you expected to happen or see: When a user changes firewall rules, they are reflected in all logged-in users.
How you tried to fix it & what happened: Uninstall, re-install. Behavior remains same.
If its an application compatibility problem have you tried the application fixes?: N/A. Could be Windows 7 Fast User Switching. I have UAC cranked up to Maximum.
Details (exact version) of any application involved with download link: N/A
Whether you can make the problem happen again, and if so exact steps to make it happen: Can vary logins / logouts / rule changes , and it happens every time. The last user logging out has his firewall configuration saved. I don’t know whose rule configuration would “win” if multiple users are logged in and the machine is re-booted.
Any other information (eg your guess regarding the cause, with reasons): Each user has an in-memory copy of the rules.
- A step-by-step recreation of the problem, with Comodo screenshots.
CIS version: Firewall + Defense+ 5.0.162636.1135, base out-of-the-box configuration with Stealth Ports wizard run to enable LAN access, and removing ICS check box (running behind a NAT router, no ICS):
Have you updated (without uninstall) from CIS 3 or 4, if so have you tried reinstalling? No update, have tried reinstalling. No Effect.
Have you imported a config from a previous version of CIS, if so have U tried a preset config? No. Using nearly-vanilla configuration.
Defense+ and Sandbox OR Firewall security level: Firewall is Safe Mode, Defense+ is Safe Mode, Sandbox is Enabled.
OS version, service pack, no of bits, UAC setting, & account type: Windows 7 Professional x64, UAC is maxed, User A is Administrator, User B is normal User. (Users A and B are the two users doing this, in the attached document.)
Other security and utility software running: AVG Antivirus 2011. No Windows Firewall, no Windows Defender.
Virtual machine used (Please do NOT use Virtual box): None (except I used VirtualBox simply to create a firewall rule from a triggered Firewall alert, but I’ve replicated this with manual method of firewall rule creation)
[attachment deleted by admin]
Thanks. This has been reported by another user so I will merge.
Yes, I just noticed! I hadn’t searched for a few days, it took me a while to get myself together to put the bug report together.
FYI, this issue is still present in CIS 5.3.
FYI, this issue is still present in CIS 5.8.
Still present here to. Egemen, or other dev, feedback would be appreciated if possible.