Suggestions +/ Bug ?

Hello Comodo-Team,

while trying out Comodo fw I have noticed the following:

The feature to group applications is just great! But:

In my opinion the creation of “file groups” should be also possible in the Computer Security Policy window itself. It should be possible to group applications by drag and drop applications into a existing file group. This would make it a lot more user friendly.

Well, grouping files in ‘Computer Security Policy’ window would increase the readability, which i thought was the intention of these groups. Just saw they are used for creating protected/quarantined file groups in the first place. Anyway, i think the idea could joined together like this:

My File Groups:
a separate option in common tasks just to create file groups, which can be later added to:

  1. either in ‘My Protected Files’ or ‘My Quarantine Files’
  2. in ‘Computer Security Policy’

This would give the groups a little different but understandable meaning.

[Edited, hope you understand now ^^]


Another thing I noticed which i don’t know if I should call that a bug or not is with Kaspersky Anti-Virus 8.0.0.454.
I set the policies for avp.exe to ‘Trusted Application’ and those I thought would never again get a pop-up tp allow certain stuff. Yet, with these Security Policies I receive Pop-Up’s where avp.exe try’s starting another instance of avp.exe. When setting the policies to ‘Installer or Updater’ the problem is gone.

I understand that ‘Installer or Updater’ policies pass on it’s policies to child processes which is clever. But when a application executes itself (which is probably a security feature, i guess) and it’s a ‘Trusted Application’ then I don’t understand why I receive this Pop-Up at all.

Maybe someone can enlighten me a bit.


(R) anyway…

Great work. Respect!

greetz
snidr

i use the same AV, when D+ asked me about it i added it as windows system application.
and trusted application in the FW.
i have no prob at all, comodo never asks me about avp.
comodo has no specific rules in KAV, in fact there’s nothing in thread and exclusion in KAV, i deleted svchost.exe
people seem to have stranges troubles those days.
was a long time i didnt come, and comodo continues to work with no prob on my 2 machines,1 xp and 1 vista.

ok, but when looking at the policies of both ‘Trusted Application’ and ‘Windows System Application’ they are very same.

Oops, now i get it. :slight_smile:
‘Windows System Application’ allows execution of any application, which ‘Trusted Application’ doesn’t allow. Those I get pop-up when avp.exe executes itself.

So, I wonder if a application isn’t secure to executing itself?
Maybe because due to self modification?

Don’t understand me wrong. I don’t want any vulnerability in comodo. I’m just brainstorming. :wink:

‘Outgoing Only’ here. :wink:

Hehe, I don’t have any real problem. (I’m a coder myself) :wink:

Thx for your response anyway. :slight_smile:

greetz
snidr

u’re probably right by setting KAV as outgoing only in the FW :wink:
I watched KAV connexions and it seems i should better follow your advice and set KAV as “outgoing only” in comodo FW :slight_smile: