I’m having trouble sandboxing- WindowsLive Messenger and GoogleChrome. I add them into the sandbox by…
Comodo → Defense+ ->sandbox->add program to the sandbox
However when i shutdown chrome\msn and restart them - I’m having very bad compatibility issues. Chrome crashes and windows live won’t sign in.
Chrome needs the -no sandbox and -single process command line switches, as described in the FAQ.
Best wishes
Mike
You could try running WLM virtualised unrestricted. Or by using ‘Run in’ not ‘Add to’. Wierdly this can make a difference.
WLM could not be run properly out of the sandbox previously, so this is progress maybe?
Best wishes
Mouse
That sucks.+ I can’t even run Iexplorer.exe on anything above limited. I can’t run Utorrent succesfully either ??? in-fact even after the errors and crashes when i check running process i see they are running…(i guess inside the sandbox?) but I can’t terminate them.
I think limited is regarded as reasonably secure, but I’m not a security expert!
Running Chrome via ‘Add a’ with the -no sandbox switch removes its own sandbox and replaces it with the CIS sandbox
Sorry no info on Utorrent, but I suspect the problem is the number of processes limit on sandboxed items. So you could run maybe unrestricted virtualised?
Best wishes
Mouse
Re Utorrent, maybe restrict it to processes = 9 at the utorrent end and run it [edit] limited?
Think its great that you are testing these ‘gates’ by the way. Have not got beyond browsers myself.
Now… maybe CAS…Maybe Outlook?
Best wishes
Mouse
Thx… got Chrome working as sand-boxed. added “no sandbox” at the end of chrome. However - When i download something through chrome it seems that comodo’s file virtualisation is working and the downloads still appear in the appropriate place… eg… Kyle\downloads where as they should be placed in comodo’s sandboxed folder ?
Hmm check to see what is in the mirror folder under Vritualroot?
I have downloads from 4.0 in that folder
Mouse
Nope, Nothing is mirrored in regards to chromes downloads while sandboxed.
OK this is a 4.1 change I think then. Probably assumes that anything downloaded is an installer. When a browser is sandboxed virtulaised 4.1 appears to assume that any installations run from the browser are to be non-virtualised. (4.0 created virtualised installations under these circumstances that sometimes did not function).
I think other browser traces will be virtualised though?
Best wishes
Mouse
Yeh that sounds right from what I’ve seen.
Do you know if there is any plans to make the program more like Geswall\sandboxie\defensewall… ish ?
Bump! ;D
From what I understand, the automatic sandbox will have the highest priority. But this will probably include, at some stage, virtualisation, as defined in the Intro to the Sandbox.
As I understand it manual sandboxing, including virtualisation, may be developed to provide the same (or similar) levels of security, privacy and program functionality as currently provided by Sandboxie. But I am not aware that there are any plans to use all the same mechanisms.
For example there are no plans, I think, to completely virtualise software installations, but more of the things that are achieved by such virtualsation may be achieved using different mechanisms in future versions of CIS. This is in part because the mechanisms used to virtualise installations this are becoming more and more difficult to use as Windows itself becomes more secure.
Best wishes
Mouse