Yet another SRP question: Windows Explorer

Discussion in 'other security issues & news' started by Gullible Jones, Mar 11, 2010.

Thread Status:
Not open for further replies.
  1. One of the annoying things I've noticed in WinXP is that, if you enter a URL in the location bar of Windows Explorer, it will magically turn into an IE session and take you to whatever web page. Obviously this is something of a hazard, and I was wondering, can this sort of thing be restricted by SRP like a normal IE session? How does it work, anyway? Is it executing iexplore.exe and being properly limited by SRP, as a normal IE session would be? Or is it loading some DLL that isn't restricted? If the latter, how can I restrict the session?
  2. Sully

    Sully Registered Member

    Dec 23, 2005
    I am unaware of a way to correct this, and I have not looked much anyway. What I used to do as use my firewall to deny explorer.exe any WAN access.

    Maybe it stems from the ability for explorer to act as ftp client, which is better IMO than using IE.

  3. Ah, I was afraid of that answer... Thanks anyway.

    Edit: N/M I just answered my question! I opened up an explorer window, went to Filehippo, and tried to download a file to C:\... and it wouldn't download due to the permissions. So it looks like explorer is invoking iexplore.exe, and restricting the latter will restrict it.

    <3 PGS
Thread Status:
Not open for further replies.