English Subforum > ReHIPS

Ask Questions Here - ReHIPS Features & Unexpected Behaviors

(1/147) > >>

HJLBX:
I have created this thread so that I and other beta testers can ask questions about unexpected ReHIPS behaviors.

The goal of this thread is simple:

* * * * *

Ask a question about an unexpected behavior or feature.

ReHIPS staff can explain details about feature(s).

ReHIPS staff can explain that behavior(s) is\are unexpected to user - but intended by design - or appears to be an issue\bug.

After answer to question(s), user can post an issue\bug report - if any is needed.

* * * * *

Beta testers and users can learn product better.

This process will reduce needless reports and burden on ReCrypt staff.

This thread will be a centralized thread for beta testers and other users to find answers to common questions about ReHIPS.

It could serve as the basis for ReCrypt staff to identify the most commonly asked questions on ReHIPS installation, features, use and issues\problems.

* * * * *

If this thread does not work out, then it can be closed or deleted by ReCrypt staff at their discretion.

HJLBX:
I read the Admin manual; I understand how DeployHelper works for the most part.  I have questions about implementation and few minor questions.

DeployHelper:

* * * * *

Requires ReHIPS_Setup.exe correct ?

* * * * *

Why not permanently integrate DeployHelper into ReHIPS (Training Mode works better for me in configuring programs to run in IE) so it works after ReHIPS_Setup.exe deleted ?

* * * * *

What is difference between\advantage to using Deploy Helper created shortcut and program created shortcut ?

* * * * *

Does active Protection Mode (Expert, Normal, Light,...) affect DeployHelpter behavior ?


Expert Mode = alerts, even while using DeployHelpter.  I understand this.  I am asking if any problems have been connected to a particular Protection Mode setting.

* * * * *

Any reported issues with DeployHelper ?

* * * * *

Most installers don't identify themselves as requiring Admin rights to install.  So most users will probably always adopt run as Admin; perhaps limited rights option is not necessary ?

fixer:
ReHIPS isolated environments are based on Windows built-in isolation of different users from each other and from the system (if they don't have admin privileges). So then a program is isolated it is executed from a specially created ReHIPS user with limited access rights. Being run this way it won't be able to access real user's profile folder and registry hive. This may be a problem as the user expects the program even being isolated will have the same settings as it had before isolation. One of several possible ways to solve this is to use DeployHelper.
DeployHelper installs the program right into the new ReHIPS user. So all the settings will go from the start into isolated environment, no need to copy them from the real user environment. But it needs program setup file to do this. On the low level it just creates ReHIPS user and runs setup from that user. As the program being installed that way creates desktop and start menu shortcuts in the ReHIPS user environment, the real user won't see them, so DeployHelper recreates them for the real user on real user's desktop and start menu.
As DeployHelper is a separate application it's not affected by ReHIPS protection mode. Sometimes setup files may run other files which may lead to ReHIPS alert, it's OK though inconvenient for the user, so we've got it in our TODO list to fix this.
No issues were reported with DeployHelper yet.
Some installers don't explicitly state in the manifest that they need admin rights (DeployHelper detects the ones that do and honour this running it with admin rights). But being run later they ask for elevation. For this case DeployHelper with admin was made. Of course DeployHelper with admin can be used for every installer, but it's not recommended. For one thing DeployHelper will give ReHIPS user admin privileges. Of course it's just temporary while installer is working. But why doing it if we can be just fine without it. Besides admin requiring installers tend to install software to Program Files folder. Sometimes it's something desirable, but personally I prefer isolated software to reside in isolated environment so it'll be completely gone when I remove the isolated environment and I won't have to uninstall it later from Program Files folder.

HJLBX:
What will be intended behavior for partitions and external drives ?

* * * * *

HIPS monitors all partitions and drives - that is easy enough.

* * * * *

Some users will want to execute programs residing on different partitions and  from Flash drives as isolated programs.

I tried flash drive - will not load into isolated environment.

I think this is intended design, but I am not sure.

Same problem as executing file isolated from PA user profile - correct ?

fixer:
By default external drives and network files in the terms of process execution interception are no different from regular processes. But when you isolate them, there is a catch. By default isolated programs have access neither to real user's profile folder, nor to removable or network media. This is by design as some removable media like flash drives may be formatted in old filesystems like FAT that doesn't support access rights and even being formatted in NTFS it usually allows everyone full access (thus isolated programs can mess with the contents of a flash drive).
To explicitly run a program isolated from the real user profile folder you should set Copy User Data flag (the latest ReHIPS version sets this flag automatically in non-Expert mode).
To run a program isolated from network or flash drive you should set additional Media access rights in the isolated environment window.

Navigation

[0] Message Index

[#] Next page

Go to full version