Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Z
Z
zzzzzzzzzzzz2020-02-10 16:51:49
css
zzzzzzzzzzzz, 2020-02-10 16:51:49

How to restrict applications access to files in Windows?

There is a desire in Windows to restrict the access of individual applications to files.
As I imagine it in the minimum version:
- there is a list in which for each exe-file it is written, the files in which directories are available to it for reading and in which for writing;
- there is a driver (?) that intercepts "open file" WinAPI calls, checks against the list and, if the directory is not available, returns an "access denied" error code.

I am sure that there should be ready-made software for this task. Please advise.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

7 answer(s)
Report
L
Lone Ice, 2019-05-30
@daemonhk

I won't help with the lines, but with the "Sun"... https://ru.stackoverflow.com/questions/716975/%D0%...

Report
D
Dmitry Khristoev, 2019-05-31
@Haoss

If you don't want to bother, don't touch it at all.
Blocks on absolutes, build by position in each size. I would do so.

Report
A
Alexey Dmitriev, 2020-02-10
@zzzzzzzzzzzz

Read about APPLocker or Controlled folder access in WIndows Defender - maybe
this is what you need.

Report
A
Alex, 2020-02-18
@asilonos

https://staffcounter.net/ru/dlp/
is able to restrict access for given ##.exe to paths by mask. for example, it can prevent the browser or skype from opening files outside its profile folder - i.e. the user will not be able to attach the file, send it to the cloud. disk or send via skype.

Report
K
Konstantin Tsvetkov, 2020-02-10
@tsklab

Your protection will be bypassed by calling some programs by others.

Report
V
Vladimir Korotenko, 2020-02-10
@firedragon

There is an ACL at the NTFS level, assign special access permissions to a specific group.
No drivers are needed, everything is decided at the OS level.
Another good practice is to assign a list of allowed applications to run through group policy and assign them as a shell, for example, a 1C client or AWP (Workstation)
Describe your task, not your vision, how this can be implemented

Report
D
Diman89, 2020-02-11
@Diman89

Do you need tamper protection software?

Similar questions
P
pomaz_andrew2020-01-16 13:33:50
Is it possible to save a file to a specified path in JS? 1Reply
A
And2017-08-14 12:42:04
Control and logging of web developer's actions, what to do? 10Reply
A
Artem2020-01-20 21:19:32
How to fix laravel migration error? 2Reply
R
Rasul Gitinov2017-08-21 22:53:26
How to track clicks on a specific element? 3Reply
S
stcmd042362017-08-22 16:09:59
What are the libraries for printing documents in c#? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question