Sandbox setting "Run only safe applications"

From the help guide:

Run only safe applications - Only applications from Trusted Vendors or those in your list of Trusted Applications will be allowed to run on your computer. All other applications will be blocked

So, if the user enables this option, the app won’t be checked in the Comodo safelist (cloud whitelist database), but only in the local TVL ?

files are identified as trusted in the following ways:
  • The application is from a vendor included in the Trusted Software Vendors list
  • The application is included in the extensive and constantly updated Comodo safelist
  • User Rating – You can provide ‘Trusted’ status to your executables by adding it to the Trusted Applications list.

I just tested it against an unsigned application which is trusted by cloud whitelist (virustotal uploader) and it was allowed to run with that sandbox setting selected. So it still queries trusted file hashes.

ok, thanks for checking :slight_smile:
i was thinking it could help against whitelisted malware… but i think the only way to achieve that is to manually trim down the TVL and disable cloud lookup for unknown files

EDIT: no, in CCAV that option is for sending unknown files to Valkyrie. Any file not in the TVL will be analized on cloud, so you can’t avoid whitelisted malware… :-\

I made a wish;msg859245#msg859245