Network access for GSS?

Discussion in 'Ghost Security Suite (GSS)' started by SYS 64738, Oct 14, 2007.

Thread Status:
Not open for further replies.
  1. SYS 64738

    SYS 64738 Registered Member

    Joined:
    Apr 29, 2006
    Posts:
    130
    I'm just wondering, i have gss.exe and gssupdater.exe in AppDefend configuration list and for both are the settings for network access "default", i.e. "ask user/allow" but GSS checks for updates anyway. Its network access isn't logged also.
    It just checks silently in the background. All in all this is ok for me, i'm just wondering that this cannot be controlled by AppDefend itself, i don't get the logic behind this.

    Note, here i don't mean the "old" bug of the new-version-of-GSS-available-message, this had been erased already.
     
  2. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Is this in the beta version or alpha? I think there may have been a hardcoded case for GSS.exe's network access at one period of time. It mattered at the time because gss.exe was the "GUI" updater and couldn't really be locked down blocking itself.

    Since the new gss.exe will not be in any way controlling the driver, or needing to be there for AD/RD to work it won't need any hardcoded specifics like that.

    There have to be some hardcoded allows for certain trusted apps in all these types of products. In the latest alphas of GSS this has been really tightened down thanks to the everything being almost completely kernel based, and there should be no way to abuse hardcoded priveleges. No process as such is given any hardcoded allows and only after a successful "handshake" of sorts will priveleges be given.

    Probably a more drawn out answer than needed for this reply, but there you have it.
     
Thread Status:
Not open for further replies.