Sandbox setting "Run only safe applications"

Jon79 · May 19, 2017, 9:51pm

From the help guide:

Run only safe applications - Only applications from Trusted Vendors or those in your list of Trusted Applications will be allowed to run on your computer. All other applications will be blocked

So, if the user enables this option, the app won’t be checked in the Comodo safelist (cloud whitelist database), but only in the local TVL ?

files are identified as trusted in the following ways:

The application is from a vendor included in the Trusted Software Vendors list

The application is included in the extensive and constantly updated Comodo safelist

User Rating – You can provide ‘Trusted’ status to your executables by adding it to the Trusted Applications list.

Yousername · May 20, 2017, 12:28am

I just tested it against an unsigned application which is trusted by cloud whitelist (virustotal uploader) and it was allowed to run with that sandbox setting selected. So it still queries trusted file hashes.

Jon79 · May 20, 2017, 4:56am

ok, thanks for checking
i was thinking it could help against whitelisted malware… but i think the only way to achieve that is to manually trim down the TVL and disable cloud lookup for unknown files

EDIT: no, in CCAV that option is for sending unknown files to Valkyrie. Any file not in the TVL will be analized on cloud, so you can’t avoid whitelisted malware… :-\

Jon79 · May 20, 2017, 11:25am

I made a wish
https://forums.comodo.com/wishlist-ccav/avoid-whitelisted-malware-t119526.0.html;msg859245#msg859245