Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
number092022-03-05 21:46:41
System administration
number09, 2022-03-05 21:46:41

I'm going to prevent users from running executable files, what are the ways to make exceptions?

I want to prohibit the launch of executable files, starting with a complete ban and then exposing exceptions. From what locations can you immediately allow programs to run?

C:\ProgramData
C:\Program Files
C:\Program Files (x86)

something else to work?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
V
Vasily Bannikov, 2022-03-05
@vabka

Maybe just enter a white list of those programs that can be run, and prohibit everything that is not on the white list pointwise?
There shouldn't be any executables in ProgramData.
What programs your users use for work - only these users know.
So you need to look where they start from there.

Report
R
Roman Bezrukov, 2022-03-06
@NortheR73

Have you looked at Software Restriction Policies ?

Similar questions
A
appplemac2012-11-13 13:46:27
How to make L2TP VPN work with only external IP address? 0Reply
D
d3ZORg2012-11-13 14:13:35
What means to centrally collect logs? 6Reply
L
Leonid2015-12-22 14:24:15
How to start comprehending 1C as a system administrator? 3Reply
L
lekam2020-05-31 20:32:03
How to make a link to a local resource if the server is behind Cloudflare? 1Reply
V
Vitaly2021-08-16 15:38:23
What do you recommend for streaming music? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question