cancel
Showing results for 
Search instead for 
Did you mean: 
sagarmc004
Level 7

File extensions under whitelist

Jump to solution

I want to know which are the file extensions that are whitelisted by Solidcore.

For example:  *.dll, *.exe, *.bat, *.vbs, *.ps1, *.com

Please let me know if you guys have this list.

0 Kudos
1 Solution

Accepted Solutions
vyasra
Level 9

Re: File extensions under whitelist

Jump to solution

Binary file on windows follow PE32 or PE64 format. MAC identifies a file to be a PE32 or PE64 by reading the file header. User does not require to configure a PE32 or PE64 file as supported as MAC identifies it by reading the file header.

Scripts do not execute on their own. Scripts are the files which are run by interpreters which interprets and execute the command/functions written in a script. MAC has a default set of scripts that are protected. User can view the scripts protected by default under 'sadmin scripts list' command.

By default MAC supports and protects the following binaries and scripts:

Binary: Portable executable 32-bit and 64-bit

Scripts: bat, cmd, pif, sys, psm1. ps1, vbe, vbs, exe, wsh, wsf, and 16bit binaries

How can I configure a file or extension of my choice to be supported and whitelisted by MAC?

If the file to be configured is a PE32 or PE64, there is no need for an explicit configuration as MAC will identify the file type and protect it.

If the file to be configured is not PE32 or PE64, 'sadmin scripts' command allows the user configure the file as supported based on file extension; 'sadmin scripts add '.

e.g: Following command can be used to configure text files to be solidified and protected under default configuration:

sadmin scripts add .txt notepad.exe

sadmin scripts add .txt notepad.exe wordpad.exe textpad.exe

where .txt is the extension for text files and notepad, wordpad, textpad are the interpreters for text files.

0 Kudos
5 Replies
vyasra
Level 9

Re: File extensions under whitelist

Jump to solution

Binary file on windows follow PE32 or PE64 format. MAC identifies a file to be a PE32 or PE64 by reading the file header. User does not require to configure a PE32 or PE64 file as supported as MAC identifies it by reading the file header.

Scripts do not execute on their own. Scripts are the files which are run by interpreters which interprets and execute the command/functions written in a script. MAC has a default set of scripts that are protected. User can view the scripts protected by default under 'sadmin scripts list' command.

By default MAC supports and protects the following binaries and scripts:

Binary: Portable executable 32-bit and 64-bit

Scripts: bat, cmd, pif, sys, psm1. ps1, vbe, vbs, exe, wsh, wsf, and 16bit binaries

How can I configure a file or extension of my choice to be supported and whitelisted by MAC?

If the file to be configured is a PE32 or PE64, there is no need for an explicit configuration as MAC will identify the file type and protect it.

If the file to be configured is not PE32 or PE64, 'sadmin scripts' command allows the user configure the file as supported based on file extension; 'sadmin scripts add '.

e.g: Following command can be used to configure text files to be solidified and protected under default configuration:

sadmin scripts add .txt notepad.exe

sadmin scripts add .txt notepad.exe wordpad.exe textpad.exe

where .txt is the extension for text files and notepad, wordpad, textpad are the interpreters for text files.

0 Kudos
sagarmc004
Level 7

Re: File extensions under whitelist

Jump to solution

Thank you Rakesh

0 Kudos
scarney
Level 9

Re: File extensions under whitelist

Jump to solution

I had one other question.  I discovered the sadmin scripts command by doing some Google'ing because we wanted it to protect jarfiles.  However, if you do sadmin help-advanced or sadmin help, the scripts command does not come up which makes my organization nervous about using it.  Is this an officially supported part of Solidifier?

--

Regards,

Sandra Carney

0 Kudos
scarney
Level 9

Re: File extensions under whitelist

Jump to solution

OK,

I think I found the answer.  The v.6.1.0 Product guide discusses the 'sadmin scripts' command on pp. 45.

0 Kudos
aus_mick
Level 10

Re: File extensions under whitelist

Jump to solution

Rakesh,

Great response, but going a step further is there anyway to prevent a file extension from being identified as a PE32-dll file and automatically added to the whitelist during solidification? We have a custom file type (.bcx extension) we don't want to be whitelisted as it cannot be executed by any means. We have a need to regularly update these file remotely so there isn't a process/program that we can set as an updater in this case. We also don't want to relax our policy and allocate trusted users as this has with it inherit risks.

Appreciate any insight you might be able to provide.

Regards,

Mick

0 Kudos