Author Topic: Whitelist control  (Read 30000 times)

Offline Stefan4

  • Newbie
  • *
  • Posts: 5
  • Kudos +0/-0
Whitelist control
« on: August 13, 2015, 06:22:25 PM »
I know this is probably a very silly question but I installed securaplus and removed all of the certificates and compacted the database, I only want to trust what I currently have installed. After this as a test I downloaded open office. I was expected to be prompted to accept the installation/application and instead, the application installed and was automatically trusted, why has this happened?

Thanks

Offline hendy

  • SecureAPlus Developer
  • Sr. Member
  • *****
  • Posts: 351
  • Kudos +16/-0
Re: Whitelist control
« Reply #1 on: August 13, 2015, 08:34:45 PM »
Did you also delete the restricted application list? Probably your browser is no longer in the list. Because the browser is signed, if it is not in the restricted app list, it can turn into an installer. This will mean that whatever files that it downloaded wll be automatically trusted.
« Last Edit: August 14, 2015, 09:02:11 AM by hendy »

Offline Stefan4

  • Newbie
  • *
  • Posts: 5
  • Kudos +0/-0
Re: Whitelist control
« Reply #2 on: August 13, 2015, 08:46:58 PM »
That makes sense. No I left the restricted application list but I guess that's what's happening. I will add it in and give it a try. Thanks :)

Offline Stefan4

  • Newbie
  • *
  • Posts: 5
  • Kudos +0/-0
Re: Whitelist control
« Reply #3 on: August 16, 2015, 05:05:45 PM »
so, I have tried adding my browser into the restricted list, and still no joy, though I'm sure this is the problem. I am using windows 10 and Microsoft edge. I have added Microsoftedge.exe and  MicrosoftedgeCP.exe into the restricted list. Can anybody help with what program I need to add into the restricted list?

Offline hendy

  • SecureAPlus Developer
  • Sr. Member
  • *****
  • Posts: 351
  • Kudos +16/-0
Re: Whitelist control
« Reply #4 on: August 17, 2015, 09:02:00 AM »
You need to add one more: browser_broker.exe
We will add those files into the list on our next release. Thank you for informing us.

Offline Stefan4

  • Newbie
  • *
  • Posts: 5
  • Kudos +0/-0
Re: Whitelist control
« Reply #5 on: August 17, 2015, 03:16:20 PM »
Great, that worked thank you :)

Now, my final problem is that I can still install and run apps from the windows store, I'm assuming there some more programs that I need to add to the restricted list.

Thanks

Offline hendy

  • SecureAPlus Developer
  • Sr. Member
  • *****
  • Posts: 351
  • Kudos +16/-0
Re: Whitelist control
« Reply #6 on: August 18, 2015, 09:52:16 AM »
Windows store is using the same process as what Windows usually use to perform Windows update, to download and install the applications. To restrict this process will cause an issue in the automatic Windows update, which will mean that everything updated by Windows will not be trusted. This may cause the OS unable to run properly because the new files will get blocked. Even let's say if we are able to restrict the process, there will be an issue in how to trust the files that download by Microsoft Store. According to our observation, currently the applications are stored at C:\Program Files\WindowsApps forlder. This folder is protected by Windows. If you are trying to access this folder from Windows Explorer, you will get access denied.

Offline Stefan4

  • Newbie
  • *
  • Posts: 5
  • Kudos +0/-0
Re: Whitelist control
« Reply #7 on: August 19, 2015, 02:01:41 AM »
Ok, makes sense. From what I have read, all store apps are signed by Microsoft so as long as apps aren't side loaded I should be fine. I was just wanting to use white listing to minimise the attack surface and prevent users installing random applications.