Hi everyone, I'm running SyncBack Pro which saves settings within an *.ini-file. As the ini-file contains a password, I'd like to modify the access rights so that only SyncBack.exe can access the file. Is it possible? I don't want to use any FileProtector Software (which uses Windows Kernel Rules) - but I want to implement this one specific rule using Windows Tools - possible? Thanks in advance
You can't create ACL rule for process but you can for user. You can create another user, give right only to this user to access file and run SyncBack Pro under this user.
But then, I guess still every administrator could access that file, even if he is not listed, right? Then it won't work... As every elevated process with UAC highest privileges could still access it. I mean, right now, I only have full admins be able to access the file - and I am running Syncback elevated, as I want it to be able to copy/backup "all" files, even files only allowed to be accessed by privileged users.
You can remove Administrator, Users and Authenticated users permissions and only allow that specific user to access file (do this last action first, before removing rights for other user groups). That way other administrators can't access file. EDIT: also make backup of file and give your dedicated user full rights.