0
On my Win7 Pro x64 system, I would like to run a program I have 99% confidence in (specifically, Blitzgewitter by Titan). However, on the off chance of a trojan, I would like to run it in a sandboxed user account.
What are the minimum necessary permissions for a user account (say, "scener") to login, download the file to %USERPROFILE%
, and run it? I'd appreciate any advice before I start trying something since I don't want to get into login failures.
I have two thoughts:
Remove scener from the Users group and set Allow Read for scener on C:\Windows and C:\Program Files, Allow RW on
%TEMP%
, and Allow All on C:\users\scener.Leave scener in the Users group but Deny everything except R on C:\Windows and C:\Program Files and RW on
%TEMP%
.
What say you?
1If the software is to run sandboxed like this anyway, I would strongly consider running it inside a VM. Then you can isolate it as much as you want to, and not have to worry about specific permissions. – a CVn – 2015-08-08T13:36:00.503
http://www.sandboxie.com/ This is specifically for sand boxing individual apps. – cybernard – 2015-08-08T16:32:08.527