Sotware Restrictions

Discussion in 'Server Security' started by BOFH, Sep 17, 2004.

  1. BOFH

    BOFH Guest

    I need to prevent users from 'Open from this location' when downloading from
    IE...If I wanted to disallow EXE files, how would I do it?

    I know the Software Restrictions policy setting can do this, but don't know
    how to format the entries.

    If I add '%userprofile%\Local Settings\Temporary Internet Files\*.exe' to
    the Additionional Rules section and set it to disallow, will this work?


    BOFH
     
    BOFH, Sep 17, 2004
    #1
    1. Advertisements

  2. See the link below on how to configure the file extensions the way you want. See the
    section for Using the Internet Explorer Unsafe File List to Filter E-mail
    Attachments.

    http://support.microsoft.com/default.aspx?scid=kb;EN-US;291387

    For XP Pro computers Software Restriction Policies would be the way to go. Your
    example looks good for a path rule, be sure to test it out on a computer. Consider
    not using *.exe at the end of your rule to disallow any type of application as
    defined by Software Restriction Policies. You can use an XP Pro computer as a test
    box using Local Security Policy/computer configuration. The link below is a great
    reference. --- Steve

    http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx
     
    Steven L Umbach, Sep 18, 2004
    #2
    1. Advertisements

  3. BOFH

    BOFH Guest

    Thanks Steve....the first MS babble I can understand, LOL

    BOFH
     
    BOFH, Sep 18, 2004
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.