sandbox feature (answered)

On a clean install I have added Google’s Chrome browser to the sandbox as “fully virtualized.” I then loaded the browser, which has a green border around it reflecting its supposedly sandboxed status. To test, I then attempted to install the AdBlock plugin.

With the browser being “fully virtualized,” I would have expected this operation to fail. However, it did not and the plugin installed itself just fine. The installation persisted through closing and re-loading the browser. How is an application “fully virtualized” if it’s able to make modifications like this?

I like Comodo, but it seems the “sandbox” creates a false sense of security.

Did you install Adblock Plus on the sandboxed Chrome or the unsandboxed Chrome?

Also, if you did install it on the Sandboxed Chrome was it also installed on the unsandboxed Chrome?

I don’t think you’ve understood the purpose of the fully virtualized sandbox. The FV sandbox will allow you to do pretty much anything, download malware and what not but all these modifications are only in the virtualized environment and when you restart you will be back to normal however if you run the virtualized applications again they will still have the modifications. So you can now run the “Reset Sandbox” and boom all the changes done by FV sandboxed chrome and malware are now gone and are back to as before you ran the virtualized applications or made the changes etc.

Hope you understand what I’m trying to say.

Edit: But then we have another issue, the fact that browsers like Chrome syncs the settings, so if you install an extension inside the FV chrome, and you have sync on, this will come back to the non-FV chrome. This is indeed a problem and hence you should turn off any syncing inside the FV applications.

AdBlock was installed in the sandboxed Chrome, but I have misunderstood how the sandbox functions, as SanyaIV says. I was not aware it maintained state between sessions of an application being loaded; the “Reset” feature cleared all the changes made by Chrome and they were not actually stored outside the sandbox.

Thank you for your responses, and sorry for my misunderstanding.

No problem. The Fully Virtualized sandbox can be a little confusing at first.

If you have any other questions feel free to ask.


If I right click on a browser shortcut on my desktop and select “Run in COMODO sandbox” will it run it as fully virtualized?

I think so. Please try it and make sure it’s working correctly for you. All FV sandboxed apps run with a green border.