When BB is in "blocked" mode - no popup and no log entry recorded [V6][M588]

Comodo Internet Security - CIS Resolved/Outdated Issues - CIS
#1

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?: yes, 100%
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
  1. Enable BB and set it to “blocked” mode.
  2. Find & run any untrusted application.
  3. Observe no on-block popup.
  4. Check logs to see no entry for this action.
  • If not obvious, what U expected to happen:

[li]Other BB modes show popup when application gets auto-sandboxed for the first time, similar to this one (it’s from kb pages):

But in “blocked” mode there is no such popup. IMHO it should be as well.

  • When BB is in less restrictive modes there is corresponding log entry for sandboxing action in “Defense+ Events” like “Sandboxed As; Partially Limited”.

For “blocked” mode there is no such log entry. IMHO should be “Sandboxed As; Blocked” or other more adequate text.

The only log event existing for all modes is when “Unrecognized Files” list is updated - in “Configuration Changes” as “String Added; Sandbox: Alert Timeout” and exe path as a value.

[/li]- If a software compatibility problem have U tried the conflict FAQ?: no

  • Any software except CIS/OS involved? If so - name, & exact version: no
  • Any other information, eg your guess at the cause, how U tried to fix it etc: not fixable
  • Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not m’ware) attached config, diagnostics file and KillSwitch report, please PM for password
    [/ol]

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- Exact CIS version & configuration: 6.2.285401.2860, custom (attached)

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV: AV (stateful), FW (custom), BB (blocked)
  • Have U made any other changes to the default config? (egs here.): yes
  • Have U updated (without uninstall) from a CIS 5?: no
    [li]if so, have U tried a a clean reinstall - if not please do?: n/a
    [/li]- Have U imported a config from a previous version of CIS: yes, previous revision
    [li]if so, have U tried a standard config - if not please do: no
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used: XP, SP3, 32b, DEP, admin, no VM
  • Other security/s’box software a) currently installed b) installed since OS: a=no b=no
    [/ol]

[attachment deleted by admin]

#2

Although I absolutely agree with you that a BB popup when the BB is in Blocked Mode would be very very helpful, I do not believe that this is a bug. Sadly, this appears to be the intended behavior for applications run while in Blocked Mode.

Thus, I will move this to the wishlist section of the forum. Hopefully Comodo listens and will add the ability to create alerts for applications run while the BB is set to Blocked Mode.

Thank you.

#3

Actually, after further discussion with other Mods, I have changed my mind and believe that this is certainly worth forwarding as a bug. Thus, I will move it back to the main bug reporting board.

Thank you.

#4

Okay, after further thought I have decided that this cannot be classified as a GUI bug. Thus, could you please edit your first post so that it is in the main format, with all requested files attached?

Thank you.

#5

PM sent.

#6

Changed format.

#7

I can replicate this as well.

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again.

#8

Can you please check and see if this is fixed with the newest version (6.3.294583.2937)? Please let us know whether it is fixed or you are still experiencing the problem.

Thank you.

PM sent.

#9

2937 - confirmed, still no clear information what happened other than OS/Total Commander error (no access to file).

#10

Thank you for checking this.

I’ve updated the tracker.

#11

Yep same here I can confirm this. I hope Comodo will add a popup when BB is in Blocked mode.

#12

Thank you for checking this.

I have updated the tracker.

#13

The devs have informed me that they believe that this is fixed for CIS version 7.0.313494.4115. I will therefore move this to Resolved.

If this is still not fixed for you please both respond to this topic and send me a PM (including a link to this bug report).

Thank you.