Jump to content

Recommended Posts

I would like to protect my command line tools, such as cmd.exe, so they cannot be abused to download malware.

 

In the "Manage applications" window, under the "Network" column, I set them to "deny".

 

Is this sufficient to achieve my goal? Will this block any process started by cmd.exe from accessing the internet?

Edited by shmu26

Share this post


Link to post

Did you test? That is the only way to find out if that worked or not.

Share this post


Link to post
Did you test? That is the only way to find out if that worked or not.

I am not a skilled malcoder who knows the various sneaky ways of downloading files by means of command line utilities...

 

But more seriously, allow me to rephrase my question:

Kaspersky Application Control employs a system of inheriting permissions, by which a child process will not have higher permissions than the parent process.

So far so good?

Now comes the question: when cmd.exe or powershell calls another process and tells it to perform a certain task, is that treated as a child process, and will inherit permissions accordingly?

 

Share this post


Link to post
I am not a skilled malcoder who knows the various sneaky ways of downloading files by means of command line utilities...

 

But more seriously, allow me to rephrase my question:

Kaspersky Application Control employs a system of inheriting permissions, by which a child process will not have higher permissions than the parent process.

So far so good?

Now comes the question: when cmd.exe or powershell calls another process and tells it to perform a certain task, is that treated as a child process, and will inherit permissions accordingly?

great, thanks!

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.