strongly suggest!

Add blocked files here ,so that you can control individual apps access the blocked files. That will be very useful.

[attachment deleted by admin]

Not sure what do you mean. You can define Block Files via Protected Files/Folders → Blocked Files/Folders. Also you can make you own blocked files to be used here in Defense+ → My Blocked Files. Maybe you mean add some specifif block. But Block when what? What action should be monitored. Please describe more specific what exactly you mean.

add in Protected Files/Folders → Blocked Files/Folders ,it also can be read, it can’t be created, but can be read.
Let me put it this way, if you flocked a file ,this file can’t be read by any app, but there is one app you want it to read this file ,you can allow it in this option.
And with this option, you can control particular app to read or not read particular files. The point is, Protected Files/Folders can’t control file’s reading,but blocked files can.

Some other hips apps, can control files‘ reading creating modifying deleting separately, but comodo is much less convenient, adding this option will make a big progress, and it’s easy to achieve by comodo with current app frame.

This is a goog suggestion!

Let me give some examples:
1、Autorun.inf is a dangerous file,it can used by virus automaticly running an app to infect you computer. you may want to add it in the blocked files, but sometimes you want to view it to see what’s in it, why don’t we let notepad be able to open it? no harm for that.
2、Cookies is a sensitive folder, it contains your password record and so on, you must don’t want any app can read it randomly,but you should allow web browser read it,otherwise you can surf properly.
3、You have a personal document, you don’t want anyone open it except yourself, it’s normally opened by notepad,you can prohibit notepad from reading this file, only allow a unpopular document reader that only you konw where it is to open it, this way, you protected you private info.
4、Some apps have multiple functions, but some of them are useless and annoying for you, but you can’t disable it. we know an app only can carry out a particuler function by reading particular files. we can prohibit this app to read them,so that wo can fail some its funtions.
5、Smoe apps like a spy, they secretly collect some info in your computer for their benefit. without monitoring reading behavior you don’t even know what they are doing.

I think this facility is already available in CIS. Details are availablle in the help section as a tutorial with an imaginary file accounts.xls. It is located at Defence+ Tasks Overview-My protected files. In case of difficulty locating the same, you can type ‘excel’ in search option of Help and it will show the relevant example. The tutorial has explained the same with an example and hence should be handy.

I have personally not implemented the same, but I hope this could be useful to you and meet your wish.

Thanks for replying, but I don’t think you get this right. Let me quote the section here:

"Users can choose to selectively allow another application (or file group) to modify a protected file by affording the appropriate Access Right in ‘Computer Security Policy’ . A simplistic example would be the imaginary file ‘Accounts.xls’. You would want the Excel program to be able to modify this file as you are working on it, but you would not want it to be accessed by a potential malicious program. You would first add the spreadsheet to the ‘My Protected Files’ area by clicking the ‘Add’ button then ‘Browse…’ to ‘Accounts.xls’. Once added to ‘My Protected Files’, you would go into ‘Computer Security Policy’ and create an exception for Excel so that it alone could modify ‘Accounts.xls’. "

Over all,the keyword is “modify”,but mow we want to control the “reading”. adding a file in blocked files can do so,but it can’t be read by any app, it’s too extreme, it’s too inflexible ,sometimes even a virus, we still want to read it with some toos in order to analyse.

I am a layman, but I think my suggestion could do the trick for point No. 1 and 3.
For keeping personal files I think we have other options also like password protect or using ‘my private folder’ of Microsoft (you may get a version by searching in the internet). [I personally feel using MS Word is better than notepad].
I don’t know whether you can give exception to firefox.exe for point No.2.
I didn’t get point No.4 so, no comments.
For point No.5 we can only rely on some good antispywares like Superantispyware, MBAM etc.

These are just suggestions which I feel. If your actual requirement is something else, (like extreme cautious disk monitoring) may be some other forum members may help you.

Notepad is just a example, maybe there are other format files you want to protect, of course you can find another
app like MS word to implement, but now we are using comodo,we want comodo to do it. and comodo can protect all kinds of files.
Now we can’t give exception to anyone ,because when you add a file into blocked files ,no one can read it. that why I came up with this idea.
Other antispywares is a option ,but if comodo can do it, why don’t we just use comodo which we’v already installed. and I said “smoe apps” ,maybe it’s not a real spy ,some normal app also did this kinds of action. they scan you harddisk,collect you info and post them to their host without informing you.

It seems that the tutorial actually explains how to block a file and at the same time give exception to a single program to modify it. That’s why I suggested to look at it. Since this is a wishlist … okay… if it not available and if it is pragmatic, I am sure Comodo developers will definitely look at it.

The tutorial just gave a example showing how to protect a file from being modified. adding a file into protected files can’t protect this file from being read, just modified. Thands for your attention, hope the developers take this suggestion.

I added some ideas from this suggestion to “my” “AIO” list - Point(s) 9.1. If you have some free time please check my post if it’s fitted with your idea.

Thank you!

Suggestions for future version(s) AIO

Thanks for adding it in,“distinguishing folders rights to: create/modify/read” is too extravagant for now,of course it’s wonderful,but it’s too good to be realized.:slight_smile: Just adding existing Blocked Files to Process Access Rights is enough now,it’s easy to layout. You want more ,you get nothing.

supplement: with current comodo, files you add in Protected Files/Folders can’t be created/modified/deleted, add in Blocked Files/Folders can’t be read/modified/deleted, sometimes can’t be created,but sometimes can ,maybe there is a bug there. I don’t think the author want the files you add in Blocked Files/Folders can be created.

I started it with “Add section Blocked Files/Folders to Process Access Rights to
be able to set apllication to deny all access to specified Files/Folders.”
I think that’s it. Then it’s just my opinion for the future. Because of it there
is maybe. It just my point where this should be directed. Just if there will be
sometimes any change in this, try to think about it this way. When there’s
going to change something be ready for the future imporovements. Not ready now.
But when you’re changing things you’ve some structure. But you have to think
for future functions to make it possible with current concept. I don’t want
something now. I’m patient. Just writing things they maybe should looks
like once. So really sorry if it looks like I’m forcing something. Maybe I’m just
a little bit perfectionist.

You are right,we should have comprehensive thoughts about the future. The problem is I am a little eager.:slight_smile: Because I presently have a problem can’t be solved without this function. Not only one ,but this one is most annoying. I am using a app that scan my harddisk everytime it starts, and I must use it, there is no substitute.
Some may have doubts how “Adding section Blocked Files/Folders to Process Access Rights” can do so, actually simplely adding * into Blocked Files/Folders will do. For other apps maybe there will be a little more unconvenient,but as long as the Process Access Rights has the option of Blocked Files/Folders witch you can use to make exception, It will be no problem.

more examples:
Asp have a function called fso can create files by using scrrun.dll, if we add scrrun.dll into Blocked Files/Folders and prohibit web browser from reading it ,can fail its function.
wshom.ocx is a similar file.and slao the msadco.dll.

I can tell that I understand you. Comodo is great in security. But still its
GUI and interface is just weak. I think for standard user, which use just Safe
or Training Mode it’s right. But for advanced user it’s sometimes just fight
with pop-ups and clicking. Maybe it’s just because of direction of developing
for majority of users. Not sure about it. Maybe we also need to be patient for
better tomorrow ;). I’m trying :). Maybe just some answers from developers
should be great. Maybe show us some future plans. Show which of our voices has
been heard. That’s what I miss. I can see always similar suggestions here. But
not any answer. So still only thing we can do for now is wait and hope…

Frankly,I didn’t have a big hope about this,but I want to try my best to see what eventually will happen.It seems like comodo was following firewall’s frame to create the d+,Maybe they were afraid of firewall user to accept the d+. If you have used other d+like app, you will find d+ far less perfect in many ways, I don’t think developers are willing to change the frame, it will be a big project. but I think with current frame making progress little by litte is totally considerable.
Maybe elementary users don’t need this kind of function, but how do you think a new user get to know this app, mostly other users recommended, specially the advanced users which have advanced needs. If they dumped this app,that means the app will lose a lot of potential users.I hope developers will think about that.