[FAQ] Copy User Data feature

Started by fixer, August 26, 2017, 10:34:43 PM

Previous topic - Next topic

fixer

From ReHIPS documentation:
QuoteWhen checked the current user data are allowed to be copied to the isolated environment to improve isolated programs stability. For example, you could use it when a program starts from the Windows user directory (like Tor browser).

As you already know, isolated programs don't have any access to the real user profile folder or registry hive. But programs often keep their settings there, and they're unable to access them, so how to solve this problem? This is where Copy User Data feature comes into play. Each file system and registry access attempt is inspected and checked:
1. if some file system object (file or folder) from ReHIPS user profile folder or registry key from ReHIPS user registry hive is accessed;
2. if this object is not found in isolated environment (in ReHIPS user profile folder or ReHIPS user registry hive);
3. if this object is found in real user environment (in real user profile folder or real user registry hive);
4. if Copy User Data is checked;
5. if that object hasn't been copied yet;
6. if real user has read access to that object.
If all of these conditions are met, the required object is copied from the real user environment into the isolated environment. So eventually (the best-case scenario is after the first run) all needed settings are copied, Copy User Data can be unchecked and isolated program works with its own copy of settings. And that's the recommended way to handle this feature: it's best to disable it when you no longer need it as it makes user data readable to isolated programs that may endanger confidentiality in case isolated environment gets compromised.