I have recently been experimenting with XP's Software Restriction Policy on a stand alone PC. I removed the default rules and created a list of exe files that could run on my machine. I then set the default Security Level to Disallowed. I surfed a few dodgey websites and got browser lockups etc. When I checked the Event Viewer I noticed that some tmp files had been created but had been stopped from running and also cmd.exe had been stopped. I then tried to install some software I had downloaded. Before I could begin to install it, I had to add the install exe to my unrestricted list. I still couldn't get things to install because tmp files created during the install were stopped from running and services could not be installed because they were also blocked. I wondered if the use of the Software Restriction Policy was a viable alternative to installing HIPS type security programmes. Does anyone have any comments on the shortfalls of the Software Restriction Policy approach (apart from it's lack of user-friendliness)?