-
-
Save tyranid/78677500d580a0e53f43ca7bb04f103d to your computer and use it in GitHub Desktop.
Simple Default AppLocker Policy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <AppLockerPolicy Version="1"> | |
| <RuleCollection Type="Appx" EnforcementMode="Enabled"> | |
| <FilePublisherRule Id="a9e18c21-ff8f-43cf-b9fc-db40eed693ba" Name="(Default Rule) All signed packaged apps" Description="Allows members of the Everyone group to run packaged apps that are signed." UserOrGroupSid="S-1-1-0" Action="Allow"> | |
| <Conditions> | |
| <FilePublisherCondition PublisherName="*" ProductName="*" BinaryName="*"> | |
| <BinaryVersionRange LowSection="0.0.0.0" HighSection="*" /> | |
| </FilePublisherCondition> | |
| </Conditions> | |
| </FilePublisherRule> | |
| </RuleCollection> | |
| <RuleCollection Type="Dll" EnforcementMode="Enabled"> | |
| <FilePathRule Id="3737732c-99b7-41d4-9037-9cddfb0de0d0" Name="(Default Rule) All DLLs located in the Program Files folder" Description="Allows members of the Everyone group to load DLLs that are located in the Program Files folder." UserOrGroupSid="S-1-1-0" Action="Allow"> | |
| <Conditions> | |
| <FilePathCondition Path="%PROGRAMFILES%\*" /> | |
| </Conditions> | |
| </FilePathRule> | |
| <FilePathRule Id="bac4b0bf-6f1b-40e8-8627-8545fa89c8b6" Name="(Default Rule) Microsoft Windows DLLs" Description="Allows members of the Everyone group to load DLLs located in the Windows folder." UserOrGroupSid="S-1-1-0" Action="Allow"> | |
| <Conditions> | |
| <FilePathCondition Path="%WINDIR%\*" /> | |
| </Conditions> | |
| </FilePathRule> | |
| <FilePathRule Id="fe64f59f-6fca-45e5-a731-0f6715327c38" Name="(Default Rule) All DLLs" Description="Allows members of the local Administrators group to load all DLLs." UserOrGroupSid="S-1-5-32-544" Action="Allow"> | |
| <Conditions> | |
| <FilePathCondition Path="*" /> | |
| </Conditions> | |
| </FilePathRule> | |
| </RuleCollection> | |
| <RuleCollection Type="Exe" EnforcementMode="Enabled"> | |
| <FilePathRule Id="921cc481-6e17-4653-8f75-050b80acca20" Name="(Default Rule) All files located in the Program Files folder" Description="Allows members of the Everyone group to run applications that are located in the Program Files folder." UserOrGroupSid="S-1-1-0" Action="Allow"> | |
| <Conditions> | |
| <FilePathCondition Path="%PROGRAMFILES%\*" /> | |
| </Conditions> | |
| </FilePathRule> | |
| <FilePathRule Id="a61c8b2c-a319-4cd0-9690-d2177cad7b51" Name="(Default Rule) All files located in the Windows folder" Description="Allows members of the Everyone group to run applications that are located in the Windows folder." UserOrGroupSid="S-1-1-0" Action="Allow"> | |
| <Conditions> | |
| <FilePathCondition Path="%WINDIR%\*" /> | |
| </Conditions> | |
| </FilePathRule> | |
| <FilePathRule Id="fd686d83-a829-4351-8ff4-27c7de5755d2" Name="(Default Rule) All files" Description="Allows members of the local Administrators group to run all applications." UserOrGroupSid="S-1-5-32-544" Action="Allow"> | |
| <Conditions> | |
| <FilePathCondition Path="*" /> | |
| </Conditions> | |
| </FilePathRule> | |
| </RuleCollection> | |
| <RuleCollection Type="Msi" EnforcementMode="NotConfigured" /> | |
| <RuleCollection Type="Script" EnforcementMode="NotConfigured" /> | |
| </AppLockerPolicy> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment