Use the sandbox (impossible to whitelist an application)


I’m trying the Sandbox function,
having quickly disabled it as my users were not able to print anymore from a pdf opened with Acrobat reader.

I was thinking “ok, Adobe Acrobat Reader” is not by default trusted by Comodo, instead of Outlook, so… let’s go to define a specific exception.

And I tried,
And I tried,
And I tried…

defining full path of Adobe in the “files” exception: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
from “Do not Virtualize access to the specified files/folders” → no effect.
tried also with *\AcroRd32.exe defining a “trusted category” in the "files group variables…

defined a new group of programs, putting the AcroRd32.exe inside… no effect…
Any idea ?

The online help did not helped me

Maybe one thing: this seems to happen only to PDF files that I have on “P:” that are virtual drives… but I don’t see any setting that says “C:\ is a local drive, trusted everything else shall be blocked”.

Hello @rbo ,

The option that controls this behavior is “Do heuristic command-line analysis for certain applications” from HIPS > HIPS Settings. Keep in mind that this option will take effect even if HIPS is disabled, so in order to disable it you will have to enable HIPS (in case that is disabled) then disable the option. After that you can disable HIPS if you want to.

As a side note, on October 8th we will release a major upgrade to the entire C1 platform, including ITSM module that has this containment disabled by default for PDFs and moreover you will be able to control the behavior of this setting by disabling it for some applications only or even add more applications to the list.

Please let us know if this works.

Yes it is working,
in fact the Comodo support assisted me to configure this setting which solved my issue with adobe.