开发者

Security warning when opening file from network share

开发者 https://www.devze.com 2022-12-27 02:03 出处:网络
I\'ve created a setup executable which I have signed. It\'s located on a network share (which I access using unc - \\server\\share\\setup.exe).

I've created a setup executable which I have signed. It's located on a network share (which I access using unc - \server\share\setup.exe).

When I double click the executable file, I get a Windows warning saying:

Title: Open File -> Security Warning
Do you want to run this file?
Name: setup.exe
Publisher: My Company
Type: Application
From: \\Path\to\setup\folder

Then there's a yellow shield with the text "While files from the Internet can be useful, th开发者_Python百科is file type can potentially harm your computer. only run software from publihers you trust." next to it.

I'm guessing I could configure Windows to trust software from my company. I also think that it's possible to disable specific security checks to get rid of the warning. Or I could tell Windows to consider UNC-paths local.

Is there some other method to disable the warning? I don't want my customers to see this warning when they install the software from their network share. And I don't want to tell these customers to disable certain security checks.


In Internet Explorer:

  1. Tools menu → Internet OptionsSecurity tab
  2. Click Local Intranet icon to select it
  3. Click Sites
  4. Check Automatically detect intranet network
  5. Click Advanced
  6. In the Add this website to the zone: text box type file://computername or IP (in your case file://path).
  7. Click Add
  8. Click Close, OK, and OK again to exit Internet Options.

Alternatively, you may uncheck the Automatically detect intranet network, and check the other three check boxes. This saves you from having to enter each machine name manually, but allowing all network paths is probably not secure.

See also


Another possibility specially for remote desktop services is to use group policies.

1.) Open the group policy editor on your domain controller

2.) Create a group policy object (e.g. deactivate file security on network share).

3.) Edit this new object

4.) Under User ConfigurationAdministrative TemplatesWindows ComponentsInternet ExplorerInternet Control PanelSecurity Page edit Site to Zone Assignment List

5.) Select Activate and click Show

6.) Add your network share path under valuename and set value to 1. 1 means local intranet.

7.) I think it is also a good idea to enable Intranet Sites: Include all local (intranet) sites not listed in other zones and Intranet Sites: Include all network paths (UNCs)

8.) Then close the object and link it to some user OU for which you want to apply these settings.

9.) Activate your new linked object.

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号