Adding a Privileged Process
If WTP is enabled, the content in the protected directories is read-only. To allow certain processes to modify files in the directories, add them to the privileged process list.
Only the modification made by privileged processes can take effect. Modifications made by other processes will be automatically rolled back.
Exercise caution when adding privileged processes. Do not let untrustworthy processes access your protected directories.
Constraints
- Only the servers that are protected by the HSS WTP edition support the operations described in this section.
- Only x86 OSs with kernel 4.18 support this function.
- The privileged process takes effect only for Agent 3.2.4 or later.
- A maximum of 10 privileged processes can be added to each server.
- Only Linux is supported.
Prerequisites
The Protection Status of the server must be Protected. To view the status, choose Servers tab.
. Click theAdding a Privileged Process
- Log in to the management console.
- Click in the upper left corner of the page, select a region, and choose Security > Host Security Service.
- Choose Prevention > Web Tamper Protection, click Servers tab page and click Configure Protection in the Operation column.
- Click Privileged Process Settings and then Settings.
- On the Privileged Process Settings page, click Add Privileged Process.
- In the Add Privileged Process dialog box, enter the path of the privileged process.
The process file path must contain the process name and extension, for example, C:/Path/Software.type. If the process has no extension, ensure the process name is unique.
- Click OK.
Follow-Up Procedure
Modifying or deleting existing privileged processes
In the Operation column of a process file path, click Edit to modify the privileged processes or click Delete to delete it if it is unnecessary.
- After you edit or delete the process file path, the privileged process cannot modify the files in the protected directory. To avoid impact on services, exercise caution when performing these operations.
- Unnecessary privileged processes should be deleted in a timely manner as they may be exploited by attackers.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot