Windows 7 AppLocker
November 20, 2009 8:02 AM Subscribe
Am I doing something wrong with Windows 7 AppLocker?
My company has an old piece of software, basically Win98-era (old enough to predate the assumption of being installed in the "Program Files" directory), that we must continue to support.
I have successfully installed and run it under Windows 7.
A customer has asked us if our software will work with Windows7's "AppLocker" feature. So I read up on it, and did the first brain-dead test: For all users, deny any executables running from C:\Foo\. I made sure that everything that said "Enable This Rule" was enabled.
But, even as a non-privileged user on the system, I can still go in and run C:\Foo\Bar.exe
I even enabled the "Application Identifier" Service, and still Bar.exe runs just fine.
Does the AppLocker only work with more modern applications? Did I miss a configuration option? Or am I missing something else?
My company has an old piece of software, basically Win98-era (old enough to predate the assumption of being installed in the "Program Files" directory), that we must continue to support.
I have successfully installed and run it under Windows 7.
A customer has asked us if our software will work with Windows7's "AppLocker" feature. So I read up on it, and did the first brain-dead test: For all users, deny any executables running from C:\Foo\. I made sure that everything that said "Enable This Rule" was enabled.
But, even as a non-privileged user on the system, I can still go in and run C:\Foo\Bar.exe
I even enabled the "Application Identifier" Service, and still Bar.exe runs just fine.
Does the AppLocker only work with more modern applications? Did I miss a configuration option? Or am I missing something else?
Response by poster: The application runs just fine without problems, Nyarl.
This question could just as easily be about C:\Windows\Notepad.exe as it is about our software; I was just giving a bit of background.
I just want to know why AppLocker is saying "I will block all executables from this directory" but clearly allowing them to run.
posted by jozxyqk at 8:20 AM on November 20, 2009
This question could just as easily be about C:\Windows\Notepad.exe as it is about our software; I was just giving a bit of background.
I just want to know why AppLocker is saying "I will block all executables from this directory" but clearly allowing them to run.
posted by jozxyqk at 8:20 AM on November 20, 2009
Possibly because you are an administrator on the machine and that overrides applocker?
Try creating a user that is not an administrator and running that program in the directory.
This is just a guess.
posted by Jupiter Jones at 12:21 PM on November 20, 2009
Try creating a user that is not an administrator and running that program in the directory.
This is just a guess.
posted by Jupiter Jones at 12:21 PM on November 20, 2009
Response by poster: Done that, Jupiter. Also mentioned in the question.
posted by jozxyqk at 5:08 AM on November 21, 2009
posted by jozxyqk at 5:08 AM on November 21, 2009
You've probably already seen it, but could it be this issue?
posted by Admira at 6:36 PM on November 22, 2009
posted by Admira at 6:36 PM on November 22, 2009
Response by poster: No, I hadn't seen that before, Admira. But I am currently using a "Path Rule", so I'm not sure this is the issue either.
posted by jozxyqk at 2:26 AM on November 23, 2009
posted by jozxyqk at 2:26 AM on November 23, 2009
This thread is closed to new comments.
You can read more about it and download it here.
posted by Nyarlathotep at 8:12 AM on November 20, 2009