shutdown allowed by sandboxed applications [?]

I consider sandboxed applications that shutdown my computer quite annoying. Why does CIS allow it by default ?

As for example, a batch file with the following content,

shutdown /l

will log off the user.

Derivatives of shutdown are also allowed by default. It is a bypass as the purpose of a sandbox is to disallow such actions. :slight_smile:

CAMAS seems to hang up so there is an issue.

shutdown.exe /s /t 00

SHA1: 19277a33aa95de4c079ced0d9ca25f9b8b792d69

as you have may noticed, every level higher that “partially limited” prevents this action.
It was discussed in the past, and we have been told that it’s due to (if I remember right) usability.

Thank you for the answer.
I was referring to the right-click action “Run in COMODO Sandbox”. I forgot to mention.

May I ask you about your CIS version?
Is it the latest 7.0.317799.4142 ?

Currently it is possible for apps sandboxed as fully virtualized to shutdown the computer by using commands such as that. However, it has already been reported to the devs. Thus, no bug report is needed. I just hope it is fixed sooner rather than later.


Actually, upon further investigation it appears that the devs have marked it as Fixed. Therefore, if it is still replicable in this version please do create a formatted bug report for it. I can then re-open the entry in the tracker.


Yes- latest version.

It can be replicated. If possible, could you tell me a #date of the bug? “Fixed” might be referring to Dev version.

Actually, never mind about the bug report. Steps for replication have been entered into the tracker by mouse1. Thus, there is no need for a new bug report.

Thanks for pointing out this vulnerability.

OK. Thank you. :smiley: