- Dec 23, 2014
I updated the post. Renaming the shortcut worked for me (I tested it after installing 8GadgetPack / Sidebar on my testing computer). We are in email contact with Krusty. After renaming the shortcut the Sidebar thinks that it does not have to start with Windows, but the renamed shortcut starts it anyway.He is still having issues
Started using this and recommended settings is probably safe to use? I also added recommended H_C in firewall hardening.www.wilderssecurity.com
The Sidebar issue showed the limitation of the combined Disalowed/Unrestricted rules with wildcards.
In the H_C Recommended settings the SRP makes several actions for files in the user Startup folder :
- Disallowed Default Security Level (blocks files by default).
- Unrestricted rules for EXE and MSI files in user AppData subfolders.
- Disallowed rule for files (blocks also EXE and MSI) in the user Startup folder (it is a subfolder of AppData).
- Unresctricted rule for a shortcut file.
The rule from point 3 is unnecessarily restrictive it should block only EXE and MSI files instead of all files - other files are already blocked by point 1. I could solve the issue by making it less restrictive. This would require removing 20 rules and adding 40 new rules. There is also a possibility to extend whitelisting by hash to include shortcuts - this would be probably the best solution for shortcuts with randomly changing file names in the user Startup folder.