Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Z
Z
zzzzzzzzzzzz2020-02-10 16:51:49
css
zzzzzzzzzzzz, 2020-02-10 16:51:49

How to restrict applications access to files in Windows?

There is a desire in Windows to restrict the access of individual applications to files.
As I imagine it in the minimum version:
- there is a list in which for each exe-file it is written, the files in which directories are available to it for reading and in which for writing;
- there is a driver (?) that intercepts "open file" WinAPI calls, checks against the list and, if the directory is not available, returns an "access denied" error code.

I am sure that there should be ready-made software for this task. Please advise.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

7 answer(s)
Report
L
Lone Ice, 2019-05-30
@daemonhk

I won't help with the lines, but with the "Sun"... https://ru.stackoverflow.com/questions/716975/%D0%...

Report
D
Dmitry Khristoev, 2019-05-31
@Haoss

If you don't want to bother, don't touch it at all.
Blocks on absolutes, build by position in each size. I would do so.

Report
A
Alexey Dmitriev, 2020-02-10
@zzzzzzzzzzzz

Read about APPLocker or Controlled folder access in WIndows Defender - maybe
this is what you need.

Report
A
Alex, 2020-02-18
@asilonos

https://staffcounter.net/ru/dlp/
is able to restrict access for given ##.exe to paths by mask. for example, it can prevent the browser or skype from opening files outside its profile folder - i.e. the user will not be able to attach the file, send it to the cloud. disk or send via skype.

Report
K
Konstantin Tsvetkov, 2020-02-10
@tsklab

Your protection will be bypassed by calling some programs by others.

Report
V
Vladimir Korotenko, 2020-02-10
@firedragon

There is an ACL at the NTFS level, assign special access permissions to a specific group.
No drivers are needed, everything is decided at the OS level.
Another good practice is to assign a list of allowed applications to run through group policy and assign them as a shell, for example, a 1C client or AWP (Workstation)
Describe your task, not your vision, how this can be implemented

Report
D
Diman89, 2020-02-11
@Diman89

Do you need tamper protection software?

Similar questions
A
Albadur2019-09-16 22:10:11
How to install a site on Django in the ISPmanager panel? 3Reply
D
Dmitry Polyakov2017-04-17 10:00:39
How to check if there is content in a particular post? 2Reply
D
Dean Ex2015-04-25 17:09:57
Does the headphone plug affect the sound quality? 3Reply
J
Julian Lodkin2021-04-04 18:20:20
Why is this not working correctly? 0Reply
F
Froggyweb2017-04-25 16:37:25
Gulp 4 + browserify + error Watcher crashes on js error? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question