Restrict read access to whitelist programs


Post by D1G1T@L » Tue Oct 05, 2010 6:19 pm

Uncle Ronen, will it be possible to introduce another roadblock to potential drive-bys, by restricting read access to any sandboxed system folders/drives besides programs explicitly allowed (added to a whitelist)? I know you have the start/run restriction, but this would be another great safety net.
D1G1T@L
 

Post by tzuk » Tue Oct 05, 2010 10:31 pm

It should be possible by using negation on the ReadFilePath setting. Something like:

ProcessGroup=<TrustedPrograms>,firefox.exe,notepad.exe
ReadFilePath=!<TrustedPrograms>,C:\Windows
ReadFilePath=!<TrustedPrograms>,C:\Program Files

"!" means EXCEPT IF here; we're saying that C:\Windows and C:\Program Files are going to be read-only folders EXCEPT IF the program is firefox.exe or notepad.exe.

I'm describing this as INI settings rather than through the GUI because the GUI doesn't support the "!" at this time. (I should fix that.)

But why not use Start/Run Access and be done with it?
tzuk
Site Admin
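An added example, not part of the original thread and not Sandboxie's own code: a small Python audit script that models the EXCEPT IF reading of "!" given in the reply above, so the effect of a ProcessGroup plus negated ReadFilePath rules can be checked for a given program and path. The [DefaultBox] section name, the function names, and the case-insensitive folder-prefix matching are assumptions made for this illustration.

```python
import re

# Constructed sample: the three settings from the reply, in an assumed [DefaultBox] section.
SAMPLE_INI = r"""
[DefaultBox]
ProcessGroup=<TrustedPrograms>,firefox.exe,notepad.exe
ReadFilePath=!<TrustedPrograms>,C:\Windows
ReadFilePath=!<TrustedPrograms>,C:\Program Files
"""

def parse_box(ini_text, box):
    """Return (groups, rules) for one sandbox section of the INI text."""
    groups, rules, current = {}, [], None
    for raw in ini_text.splitlines():
        line = raw.strip()
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1)
            continue
        if current != box or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key == "ProcessGroup":
            name, *members = value.split(",")
            groups[name.lower()] = {m.lower() for m in members}
        elif key == "ReadFilePath":
            who, sep, path = value.partition(",")
            if not sep:  # no program prefix: the rule applies to every program
                who, path = "", value
            # rule = (negated?, program or group name, folder)
            rules.append((who.startswith("!"), who.lstrip("!").lower(), path))
    return groups, rules

def is_read_only(groups, rules, program, path):
    """True if some ReadFilePath rule makes `path` read-only for `program`."""
    program, path = program.lower(), path.lower()
    for negated, who, folder in rules:
        base = folder.rstrip("\\").lower()
        if path != base and not path.startswith(base + "\\"):
            continue  # path is outside this rule's folder (assumed prefix match)
        if who == "":
            return True
        named = program in groups.get(who, {who})  # group members, or one program
        if named != negated:  # "!" flips the rule to "everyone EXCEPT those named"
            return True
    return False

if __name__ == "__main__":
    g, r = parse_box(SAMPLE_INI, "DefaultBox")
    for prog in ("firefox.exe", "unlisted.exe"):
        print(prog, is_read_only(g, r, prog, r"C:\Windows\System32"))
```
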

