Option To Set Exceptions In "File Groups" For Object Accesses

I would like a feature that allows me to set exceptions for certain applications within a file group for DNS Client Service, Loopback Networking and all objects D+ monitors against direct accesses.

Of all types of access rights, the ones I mentioned above should have a ‘Modify’ button under the ‘Settings’ column. Unlike the types of accesses, for which you can set ‘blocked’ & ‘allowed’ application exceptions, this one would be different in that the exceptions you set would be from the file group you would be applying the settings to. For instance, if I create a ‘file group’ of a bunch of applications of which only one does not access the DNS Client Service, I would set a global “allow” but block it for that particular application through the “Modify” interface.

For Direct Disk Access especially, if possible, there should be an option - along with setting application exceptions - to specify which drive it could/should access.

It looks like you want to do the sort of thing that made me add this wish list:

If you could force a pop-up for groups of applications, everything without a rule would be blocked with parental mode on, and it would be easy to allow if parental control were off. These sorts of actions should not be common, so you should not get many pop-ups.

Your idea would extend this. It might make it more confusing to use as the exceptions for the top rules would be targets and the exceptions for the lower rules (your ones) would be the application. Some advanced features like this could be invisible unless an advanced option was ticked.

The reason behind my idea is a bit different. I am looking for more flexibility when setting rules for file groups. Since having multiple entries for one application is not possible, I thought that where and when found necessary to set exceptions within a file group, it could be added through the interface - as I have ideated.

As applications are grouped on the grounds of behavioural similarities, it is highly likely that one or many application(s) in a file group might require access(es) which is/are specific to it/them. It is also very likely that one of these accesses, if allowed for applications that do not need it, will render the system vulnerable.

That is why I had thought up this idea so that accesses could be set on a per-application basis within file groups.

Won’t be a problem as Defense+ would search all across the “Computer Security Policy” for a matching rule. I feel an order-based rule preference is better applicable to the firewall.

If you had my “force prompt” idea you could set up a predefined security policy with this in and give this to different applications without using a group. You could then let each application override the predefined policy as required and there would be no need to save exceptions within the group.

I don’t understand how that would work. For object accesses, it is one single entity the application would be accessing. How can you set a force-prompt as an exception in a file group?

Another way to implement my wish would be having system-wide rules (I had proposed this idea in another thread). That would work much better. This way, you will click on an access (for example: physical memory) and add a list of allowed and blocked applications. When you create a file group in which, for one of the applications, you would like to block access to the physical memory, you would tell D+ to consult the global settings (this would be a check box at the end of the row of an access).

  • Application rules would override global rules.
  • When no application rules are found, global rules are in effect.
  • If, for an application, you want D+ to refer to the global rules you would tick the check box (see above).

My last post was about single application entries and not groups. I prefer the use of file groups myself.

I have tried to explain my ideas better in my most recent post here: