Binary file on windows follow PE32 or PE64 format. MAC identifies a file to be a PE32 or PE64 by reading the file header. User does not require to configure a PE32 or PE64 file as supported as MAC identifies it by reading the file header.
Scripts do not execute on their own. Scripts are the files which are run by interpreters which interprets and execute the command/functions written in a script. MAC has a default set of scripts that are protected. User can view the scripts protected by default under 'sadmin scripts list' command.
By default MAC supports and protects the following binaries and scripts:
Binary: Portable executable 32-bit and 64-bit
Scripts: bat, cmd, pif, sys, psm1. ps1, vbe, vbs, exe, wsh, wsf, and 16bit binaries
How can I configure a file or extension of my choice to be supported and whitelisted by MAC?
If the file to be configured is a PE32 or PE64, there is no need for an explicit configuration as MAC will identify the file type and protect it.
If the file to be configured is not PE32 or PE64, 'sadmin scripts' command allows the user configure the file as supported based on file extension; 'sadmin scripts add '.
e.g: Following command can be used to configure text files to be solidified and protected under default configuration:
sadmin scripts add .txt notepad.exe
sadmin scripts add .txt notepad.exe wordpad.exe textpad.exe
where .txt is the extension for text files and notepad, wordpad, textpad are the interpreters for text files.
Thank you Rakesh
I had one other question. I discovered the sadmin scripts command by doing some Google'ing because we wanted it to protect jarfiles. However, if you do sadmin help-advanced or sadmin help, the scripts command does not come up which makes my organization nervous about using it. Is this an officially supported part of Solidifier?
I think I found the answer. The v.6.1.0 Product guide discusses the 'sadmin scripts' command on pp. 45.
Great response, but going a step further is there anyway to prevent a file extension from being identified as a PE32-dll file and automatically added to the whitelist during solidification? We have a custom file type (.bcx extension) we don't want to be whitelisted as it cannot be executed by any means. We have a need to regularly update these file remotely so there isn't a process/program that we can set as an updater in this case. We also don't want to relax our policy and allocate trusted users as this has with it inherit risks.
Appreciate any insight you might be able to provide.