jammr Forum
Home of the jammr Community
- You are not logged in.
- Root
- » Technical support
- » Jammr installation path & computer security
![[RSS Feed]](/static/djangobb_forum/img/feed-icon-small.png "[RSS Feed]")
#1 Aug. 31, 2015 13:15:18
- housenet
-
-
- Registered: 2015-07-19
- Posts: 3
- Reputation:
- Profile Send e-mail
Jammr installation path & computer security
Jammr installs in windows under users\USERNAME\AppData\Local. This is a problem!
Ransomwares are rampant in the corporate world. There is no real way to stop a user from launching an executable in an email attachment which starts the spread. Preventatively; a current technique we utilize is to block executables from launching from the path “users\USERNAME\AppData” through a GPO.
Moving the Jammr folder to users\USERNAME\ works fine and the program still launches, but technically the application should not be launching from this location as 99.9% of legitimate problems do not do so.
Offline
#2 Aug. 31, 2015 13:58:49
- stefanha
-
-
- Registered: 2012-11-11
- Posts: 1730
- Reputation:
- Profile Send e-mail
Jammr installation path & computer security
housenet
Jammr installs in windows under users\USERNAME\AppData\Local. This is a problem!Ransomwares are rampant in the corporate world. There is no real way to stop a user from launching an executable in an email attachment which starts the spread. Preventatively; a current technique we utilize is to block executables from launching from the path “users\USERNAME\AppData” through a GPO. Moving the Jammr folder to users\USERNAME\ works fine and the program still launches, but technically the application should not be launching from this location as 99.9% of legitimate problems do not do so.
Thanks for the information, housenet.
jammr installs in that location by default so it doesn't require Administrator rights. I believe that is the standard location for non-roaming per-user applications on Windows. As you mention, few programs use it.
Most existing applications install to C:\Program Files but I think that requires Administrator rights. Since jammr (and its installer) shouldn't need anything beyond network and user file access, I decided not to use C:\Program Files by default. That way jammr has a little bit less access to your computer.
Perhaps it is simplest to use C:\Program Files (x86) by default and require Administrator rights in the installer. It's a shame because I don't want Administrator rights on your computer.
If you are familiar with standard locations on Windows and their pros/cons, do you have any suggestions or links to share?
I think users\USERNAME\ works around the GPO rule but isn't a standard location. I don't want to put jammr somewhere non-standard by default.
Offline
- Root
- » Technical support
-
» Jammr installation path & computer security