Seperate Sandboxes for legitimate applications. (More layers)

Comodo’s sandbox techinically CAN be used to isolate legitimate applications and the changes they make to the system, but it’s primarily a tool for helping the user identify new yet unknown (even if only to the local database) malware.

Comodo should have features for if/when the user would want to have isolated spaces to run legitimate applications. Complete with forced sandboxing rules for specific containers created, Do not isolate access to folder rules defined for each container and the option to auto block privilage elevation to specified containers. It would also be nice to be able to use each container in virtual desktop mode and to be able to pick and choose which containers you would want to clear at any given time, or even for the containers to be cleared after X-number of days/weeks

For any users that would want to use the sandbox this way, this would be awesome for browsing…certain kinds of websites…or even just to test new software to see if they like it. Maybe they’re like me and they visit unfamiliar websites every day. maybe they want a container specifically for a little one to use so their PC is protected from that little one. Other benefits of doing this include, but are not limited to. Browser based coin miner mitigation and containment. An added layer of defense against drive by downloads and fake virus alert popups. And being able to clear ALL of your browsing data from that session and thereby reverting your browser back to the way it was before containing it.

Hello DrAlrek,

Thank you for submitting the wishes.
First of all I would like to appreciate your effort and Could you please always add a poll on your wish. With the help of the poll results we can able to calculate the user value on our priority list of wishes.

Best Regards,

Never mind! I figured it out!

Sorry, I didn’t see an option to do that. As a comodo staff member, can you add a poll to it like…

Option 1: Yes, I’d love this.
Option 2: Indifferent, but other people would probably like it
Option 3: No. Do not want.

Regardless of how many people would use a feature like this, it would pay to give advanced users more options. The only catch to using a comodo product is that you have to know how to configure it, or at least what to do with the alerts it will give you.

I’m afraid (I don’t know if it is) that the more options (especially user requests), the more vulnerable and unstable the program could become.

Adding a feature to CIS/CFW/CAV that would allow the user to create more sandboxes wouldn’t be too much of a stretch.

Adding timers for when they get deleted wouldn’t be too difficult either.

Adding rules for certain folders to not be virtualized is also easy.

In fact, it would be less complicated than sandboxie. and Sandboxie works great with all of the hacks you can do with it…as long as you do them correctly.

You’d probably need to set a name and location for each one in the file groups. You should see the things I’ve added to the file groups. All of my daily used applications and the folders for all of my personal files.

I’ve set up Comodo’s firewall to enforce my VPN’s connection on my daily used applications too. With file groups and the MAC address of my VPN in the network zones.

If comodo (the company) can make a security product allow a user to do all of that without any risk to the PC or CIS its self, they can give the user an option to create more than one sandbox with specific rules for each one.

I think both of you are right. There could utility value to advanced users AND there could be added confusion to everyday users.

Maybe the only way this could work is if the User Interface is tweaked, presenting a simpler interface and blocking advanced functionality for everyday users, and a full blown interface where all functions are available and configurable.

I’m aware that the UI currently has 2 levels, but the 2 “faces” are just modifications of the presentation layer. All functionality is available and working at both levels. A true scalable UI (scaling in function and presentation) could be the answer, but I wouldn’t hold your breath on it.

Ewen :slight_smile:

What I highlighted to bold. Do that. “Advanced user mode” and “normal mode” or if those names are trademarked, have your lawyers help you come up with two different names for the advanced and normal modes.

LOL. Before we throw a lawyer into the mix, let’s deal with Comodo developers first. ;D

I have no idea why that thought came to mind, especially since the the two names are really generic.

As generic as “Small” “Medium” “Large” “Extra Large” when you’re buying a drink at a restaurant

Yep. Solve the problem first before you spend too much time worrying about how to deliver the solution. :wink: