|
|
Focus on Microsoft
RE: Active Directory Question Jan 13 2004 07:02AM Topi Ylinen (topi ylinen NOODI fi) (1 replies) Re: [work] RE: Active Directory Question Jan 13 2004 09:40PM opticfiber (opticfiber topsight net) (1 replies) |
|
Privacy Statement |
>The only way to make that work would be to have a signature for all
>programs users are allowed to execute, that way even if the user changes
>that name of the the program he/she wants to execute the signature still
>wouldn't match. I'm not sure that this can be setup without using third
>party software however I could be wrong.
>
>o.f
<snip>
*checks to make sure*
Md5sums stay the same if program / file names are changed.
So you could use a script to check the program against a local (speed
issues) md5sum list / database that the user had no access to. If the
md5sum matches, the program is allowed to run.
Of course, it would need updating when setups were patched / altered etc
and might be hard to implement if workstation setups were vastly different,
but it could be done automagically without too much pain.
Pete
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]