> Then there are things like filemon that can inject a driver into the
system without having a .sys file… so it’s possible in other ways too.
This is not exact. Filemon needs a driver,
it just unpacks it when executed.
L.
>> Define 'Executable"? I can execute a file named \abc.txt:xyz.doc.
By ‘Executable’ I mean that a file is Executable if the user has been granted ‘Execute File’ permission.
If a file ending in .doc is run and office is installed then “C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE” is executed. The doc is not executed as such.
I want to prevent granting execute permission to any user on any file.
I said ‘execute’ the file that ends in .doc and by that I mean doing
CreateProcess. Using ‘Start’, ‘Run’ or double clicking on a file in Windows
Explorer attempts to ‘run’ that file with file associations being involved
in determining how it should be ‘run’. There are other ‘explorers’ such as
Total Commander and some of them can do CreateProcess under different rules,
but usually I just have a program that calls CreateProcess on a file to make
sure no one can bypass any restrictions I have in place.
wrote in message news:xxxxx@ntfsd…
>>> Define 'Executable"? I can execute a file named >>> path - 20K characters total>\abc.txt:xyz.doc.
> By ‘Executable’ I mean that a file is Executable if the user has been
> granted ‘Execute File’ permission.
> If a file ending in .doc is run and office is installed then “C:\Program
> Files\Microsoft Office\OFFICE11\WINWORD.EXE” is executed. The doc is not
> executed as such.
>
>
> I want to prevent granting execute permission to any user on any file.
>