Sandbox prevents PlayWithSix working

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?:
    Yes

  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    1: Enable Sandbox on Partially Limited (Firewall on Custom and HIPS on Safe Mode but if I disable just Sandbox the problem disappears)
    2: In PlayWith Six http://play.withsix.com/ try to update a mod
    3: After a while, PWS reports an error and is unable to update the mod. The error is ‘HostListExhausted’ so it appears as if it was unable to connect to the server.

  • If a software compatibility problem have U tried the conflict FAQ?:
    Yes

  • Any software except CIS/OS involved? If so - name, & exact version:
    No

  • Any other information, eg your guess at the cause, how U tried to fix it etc:
    PwS uses one or both of zsync.exe and rsync.exe to update mods, which are both in C:\Users[username]\AppData\Local\SIX Networks\Shared\tools\cygwin\bin and are allowed to be run as exceptions in the PwS HIPS rule. Adding C:\Users\Main\AppData\Local\SIX Networks\Shared\tools\ as an exception in the Sandbox doesn’t help though and the Sandbox is still preventing them from being able to connect to the server and update the mods.

[/ol]

B. YOUR SETUP
[ol]- Exact CIS version & configuration:
7.0312140.4101

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
    Firewall, HIPS, Sandbox

  • Have U made any other changes to the default config? (egs here.):
    Of couse. I’ve created Firewall and HIPS rules and disabled Website Filtering and enabled Enhanced protection mode for HIPS at least. There’s probably other changes I’ve forgotten about.

  • Have U updated (without uninstall) from CIS 5 or CIS6?:
    Yes

[li]if so, have U tried a a clean reinstall - if not please do?:
No

[/li]- Have U imported a config from a previous version of CIS:
Yes

[li]if so, have U tried a standard config - if not please do:
Yes. This resulted in repeated prompts saying that rsync.exe and zsynce.exe were running isolated and clicking on “Don’t isolate this program again” still resulted in further popups saying it was being run isolated, although eventually these stopped and PwS did update the mod successfully. Telling it not to isolate those programs again has not created an exclusions for them in the Sandbox settings.

Checking the HIPS rule for PwS, this time in addition to exceptions for rsync.exe and zsync.exe, it had one for C:\Windows\Microsoft.NET\assembly\GAC_32\Awesomium.Core\v4.0_1.7.3.0__e1a0d7c8071a5214\awesomium_process . There are also allowed application HIPS rules for that program and zsync.exe, which weren’t there before. If I delete all three HIPS rules and set popups to verbose mode and enable Create rules for safe applications, the next time I start PwS it doesn’t prompt me at all, it updates the mod fine and when I check it’s created the HIPS rules for PwS, zsync.exe and awesomium_process automatically and silently.

Even more strangely, if I delete all three HIPS rules again, disable ‘Create rules for safe applications’ and restart PwS, this time it doesn’t prompt me at all but it updates the mods fine and when I check it hasn’t created any HIPS rules!

Although ‘enable enhanced protection mode’ is unticked after changing to the default config, I haven’t rebooted and it says it needs to in order to enable/disable that, so I assume it is still just as active as when I was using my own config, so that can’t be the difference that is making it work now.

[/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Windows 7 x64, UAC disabled, Administrator

  • Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
    Avast antivirus
    [/ol]

[attachment deleted by admin]

Well I ticked ‘enable enhanced protection mode’ and rebooted and PwS still works and updates the mods without prompting me at all and when I check, it’s created rules in HIPS for PwS (withSIX-Play.exe) and awesomium_process but not for rsync.exe. I don’t understand why it’s not asking me for permission anymore though before creating the rules.

I changed the Firewall mode from Safe to Custom and then got some popups for that but I got one for AvastSvc.exe which is now stuck on the screen and I can’t do anything, so I’m going to have to reboot!

Comodo and Avast do not always play well together. You do not really need Avast AV with Comodo Internet Security installed. You should also update to the latest CIS as it has bug fixes. Here is the link: http://cdn.downloads.comodo.com/cis/download/installs/3000/standalone/cispremium_installer.exe. Good luck. :slight_smile:

I’m just using Comodo Free Firewall, so I need a separate AV.

It seems to be working OK now with the default profile anyway, I just need to stop it automatically creating HIPS rules without asking me now.

So do you still believe there is a bug in CIS?

If so please do update to the most recent version and make sure the same issue occurs with that one.

Thanks.

Okay, as it seems this is likely a fixable issue, and not a bug, I will move this to the HELP section of the forum. However, if this is a bug, let me know and I can move this back for consideration.

Thanks.

I’ve had to leave Sandbox disabled for now as some stuff just wasn’t working with it enabled.

I’ve just had to disable it on my brother’s PC as well as it was preventing Ant Movie Catalog from connecting to the Internet. I disabled the Firewall, then HIPS but only after disabling Sandbox (and restarting AMC otherwise it’s left running Sandboxed I guess) and re-enabling the Firewall and HIPS, did I get a HIPS popup asking if I wanted to allow it to do something. He was also unable to launch the Window Repair (AIO) tool Tweaking.com - Windows Repair Free/Pro until after I’d disabled the Sandbox and again a HIPS popup appeared.

So for whatever reason having Sandbox enabled is preventing the HIPS popup and not giving me the opportunity to tell it to Allow something or set an App as an Allowed Application and it is being blocked and thus doesn’t work.