Quote: Originally Posted by Kaktussoft
So purely name based. If notepad.exe is allowed:
I put some nasty stuff on usb stick and call the exe notepad.exe. Then run notepad.exe from usb stick which runs some nasty stuff. Fake security in my opinion. Correct me if I'm wrong
Correct. If you add notepad.exe to the list of allowed programs
, then anything named notepad.exe would be allowed to be run by the user(s) unless also on the list of disallowed programs
If the .exe is in a Program Files
type system folder, then a standard user will not be able to rename the .exe anyways.
This is not for malware protection though. It's only to help allow or prevent users from being able to run programs (.exe files) that you the administrator specify.