Perhaps you want to restrict executions in a specific folder, called projectfolder in the example here, so that they are allowed only when Visual Studio is running. This can be done using a series of Custom rules to create, use, and remove that tag. Global tags essentially tag the entire environment on a computer indicating that anything happening on it matches the tag.
Perhaps you want to restrict executions in a specific folder, called projectfolder in the example here, so that they are allowed only when Visual Studio is running. This can be done using a series of Custom rules to create, use, and remove that tag. Global tags essentially tag the entire environment on a computer indicating that anything happening on it matches the tag.
If you create a suite of rules like this, be sure to name them in a way that makes their relationship clear, and consider providing more information about their interactions in the Description field for each one. You can also further refine the rules with the other standard options, such as specifying user and/or policy.
Create one Custom rule that applies a global tag when it detects Visual Studio running.
- Operations: Process Create
- Actions: Add Global Tags
- Tags to Add/Remove: VSwrite2projectfolder
- Target: devenv.exe
Create a second Custom rule that allows execution in a specific folder when the global tag is set.
For example:
- Operations: Execute
- Actions: Allow
- Global Tag(s): VSwrite2projectfolder
- Path or File: <ProgramData>\projectfolder\
Create a third Custom rule that removes the global tag when the Visual Studio process terminates.
- Operations: Process Terminate
- Actions: Remove Global Tags
- Tags to Add/Remove: VSwrite2projectfolder
- Target: devenv.exe
