inheriting permissions?

shmu26 · August 28, 2016, 11:20:34 PM

just wondering: if I run an installer, what permissions does that grant to the installed program? Let's assume it is not on the list of trusted vendors

fixer · August 28, 2016, 11:46:12 PM

Child processes by default inherit privileges and access rights of their parent. So if installer spawns child processes, they'll have the same access as installer process. But when installation is finished and installer exited, installed program is usually started by explorer. And this execution is completely unrelated to installer and follows the same rules as any other process: if this program is in ReHIPS database, it's executed according to its database rule; if it's absent, alert will be shown.

There is also DeployHelper, when used with installer, it adds installed programs to the isolated environment the installer was executed in. But other than that, everything is the same, installed program execution still follows the same rules described above.

shmu26 · August 29, 2016, 09:10:26 AM

" if this program is in ReHIPS database, it's executed according to its database rule"
thanks for detailed answer!
about ReHIPS database:
let's say for example that I installed ReHIPS right after installing Windows.
Then I go and install Adobe Acrobat PDF Reader.
Will Adobe Reader be automatically given the appropriate rules, i.e., will it run isolated, on a separate desktop?

XhenEd · August 29, 2016, 09:15:52 AM

Quote from: shmu26 on August 29, 2016, 09:10:26 AM
" if this program is in ReHIPS database, it's executed according to its database rule"
thanks for detailed answer!
about ReHIPS database:
let's say for example that I installed ReHIPS right after installing Windows.
Then I go and install Adobe Acrobat PDF Reader.
Will Adobe Reader be automatically given the appropriate rules, i.e., will it run isolated, on a separate desktop?

I think so, yes, just like what ReHIPS does to Chrome, IE, and others.

shmu26 · August 29, 2016, 10:05:57 AM

thanks
so in short, it doesn't matter whether you install ReHIPS first, or the program first.
either way, the special rules for that program -- assuming that they exist -- will be applied.

aDVll · August 29, 2016, 10:36:36 AM

Quote from: shmu26 on August 29, 2016, 10:05:57 AM
thanks
so in short, it doesn't matter whether you install ReHIPS first, or the program first.
either way, the special rules for that program -- assuming that they exist -- will be applied.

If you don't create rules for the program before allowing it to run then rehips will install the default rules if available. It doesn't matter if you install the program ages ago or a second ago. If for some reason you made rehips rules manually to run not isolated and change your mind and later want to get the default rules you need to remove all rules made for the specific program and click install rules.
Also rehips will install rules automatically when it detects changes in installed program and registry i believe so it install rules as soon as you install a program.

In general rule creation and control will improve greatly in the future. Good things are coming.

Umbra · August 29, 2016, 11:46:22 AM

basically :

1- you install softwares known by ReHIPS (means it has rules for it), the rules will be used,
2- you install softwares unknown by ReHIPS (means no rules had been made for it) , you will get a popup (or not, depending the security level), you can then customize the rule as you see fit.

whatever 1 or 2 is happening , you can still modify/delete the rules later.