Programs Creating Their Own Defense+ Rules

Why is it that programs are allowed to create their own Defense+ rules?
In the ‘Computer Security Policy’ with Defense+ I keep seeing many programs I’ve installed with rules which I haven’t even authorized.
Some of these rules allow access and allow changes to protected files and folders including windows files folders and registry keys.

In one program under Defense+ rules the program has created a ‘Custom policy’.
Then under the ‘Protected files /folders’ column it has checked ‘Ask’.
Then under ‘Exclusions’ there is a rule added.
Within this rule under ‘allowed Files/Folders’ tab it has ‘Root’ folder then the * symbol, meaning this program has the right to access and alter any file or folder on the entire system!

How can a program be allowed to create a rule to alter any file or folder on your entire system?
Surely this should be authorized by the PC owner during installation where most people would say no.

Why is it that programs can create rules within Defense+ in the first place, as only the PC owner/administrator should be allowed access to and Create Defense+ Rules in the first place.

Some programs will be allowed to alter any file it sees fit including protected files / system files.

I don’t want anything allowed to access to my protected files.

Who is allowed to create Defense+ Rules?

Defense+ > Defense+ Settings > General Setting tab

is Create rules for safe applications checked?

Can you list the programs that are making their own rules it maybe helpful to the mods…

Yes I have ‘Create rules for safe applications’ checked.

Does this mean when you say an application as safe, Comodo creates Defense+ rules to allow it to alter files within its own root folder,
or the root folder of the PC?

All I see is a symbol for root folder then an * symbol. Meaning the root folder.

But the root folder of what?

Defense+ team should shed a light on what rules are created for safe applications.

The rules are learned, based on what access the program requests. Depending on the security profile and level of inspection, the program will ask a pop up, otherwise if its in the trusted list it will automatically allow create rules to allow the appropriate access. I personally I don’t see a reason to use the create rule for trusted applications, as a large rule list slows down performance, and its not much more secure. If you want to use rules instead and have max security you should use a higher security profile like paranoid mode instead of safe mode, but this comes at the cost of performance for processing large amounts of rules.