X
XP User
Hi all,
XP PRO SP1, incl. all post-SP1-hotfixes, standalone machine. Since I
recognize Software restriction policies to be valuable in preventing malware
from destroying my system, I tried to configure it. I have set the default
rule to "not allowed", and then I created restrictions for %WINDIR% and for
%PROGRAMFILES%, setting them to unrestricted. I also added internet zones,
and I created some hash rules (for the Norton Antivirus- and ZoneAlarm
executables). All rules apply to all users but administrators.
However: when logging on as a poweruser, I get messages from XP that apps
that are in C:\program files are not allowed to run due to a software
restriction policy. So, although the restrictions proces seems to work, it
works quite the opposite from what I expected. I then tried not using the
variables but using the real locations, so: c:\windows, and c:\program
files, but the problem stays the same. Obviously, I'm missing something
here, but I don't have any clue as to what it is:-(.
Can anybody out there shine a light on my error and help me?
Thanks a lot,
Kind regards,
Jos
PS sorry for the cross-posting, but I really didn't know which group would
be most suitable to post my question.
XP PRO SP1, incl. all post-SP1-hotfixes, standalone machine. Since I
recognize Software restriction policies to be valuable in preventing malware
from destroying my system, I tried to configure it. I have set the default
rule to "not allowed", and then I created restrictions for %WINDIR% and for
%PROGRAMFILES%, setting them to unrestricted. I also added internet zones,
and I created some hash rules (for the Norton Antivirus- and ZoneAlarm
executables). All rules apply to all users but administrators.
However: when logging on as a poweruser, I get messages from XP that apps
that are in C:\program files are not allowed to run due to a software
restriction policy. So, although the restrictions proces seems to work, it
works quite the opposite from what I expected. I then tried not using the
variables but using the real locations, so: c:\windows, and c:\program
files, but the problem stays the same. Obviously, I'm missing something
here, but I don't have any clue as to what it is:-(.
Can anybody out there shine a light on my error and help me?
Thanks a lot,
Kind regards,
Jos
PS sorry for the cross-posting, but I really didn't know which group would
be most suitable to post my question.