|
|
|
Process Spawning
Spawning means that the spawned application inherits the security environment of the application that invokes the spawned application. For Example: In Outlook (the spawning app), you may receive an email with a word document. If you choose to open the attachment file, the outlook will call the Microsoft Word program and send it the attachment document. The Microsoft Word is then spawned application.
For every application group you can specify the spawning mode (allow, monitor, ask user and prevent รป see Access possibilities (on page )) and the sandbox type (parent or own). If you choose parent sandbox, the spawned application will inherit the security environment of the parent process. The own sandbox results in using the application's own security settings. The later is similar to a situation where the application is started by a user and not from another process. You can change the status by a right-click on the group name and select your four alternatives in the pop up menu. For every application group you can specify the spawning mode.
Default process means other application groups than these included in the list (e.g. application groups added in the future).
Note! By default, some groups have disabled the changing of spawning properties. You can permit it in the Execution Settings (on page ) but recommend keeping the default setting. Changes to the access rights can lead to potential problems with the applications you are restricting. An application will not run if it is too restricted!