CHML

Discussion in 'other anti-malware software' started by Sampei Nihira, Apr 8, 2013.

Thread Status:
Not open for further replies.
  1. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    658
    Location:
    Italy
    http://imageshack.us/photo/my-images/696/immaginetsp.jpg/

    With ICACLS I lowered the IL SumatraPDF and VLC at the level of "low".
    They have not problems that prevent me from using them.
    Trying to emulate Chrome I used the tool Minasi (as seen in the image above) to reach the level untrusted.
    But the sw will not start.
    Why Chrome yes and others not ?

    Sorry for my bad english !!

    TH.
     
  2. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    The best you can do is to apply a Low integrity level to chrome.exe and to Chrome's profile folder. Untrusted has less privileges than Low, which is why chrome.exe is failing to run.
     
  3. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    658
    Location:
    Italy
    Hi m00nbl00d:

    Immagine.jpg

    Immagine 1.jpg

    Sumatra (.......VLC) IL low OK
    Sumatra IL untrusted off.
     
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Let me see if I understand.

    1. You set Sumatra to run at Low, and it runs fine. Correct?
    2. Then you set Sumatra to run at Untrusted, and it fails to run. Correct?

    If that's what you did, it makes sense that in 1. it runs, but in 2. it fails. Regardless of the process, if you set it to an untrusted label, they won't even run. Some won't even successfully run at low.

    Stick with Low integrity level, if you must. But, don't apply low integrity level to everything you want, otherwise the security you're trying to achieve will be gone.
     
  5. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    658
    Location:
    Italy
    1) Yes
    2) Yes
     
Thread Status:
Not open for further replies.