An immutable folder is a "vault" style folder that allows files to go in, but once in the folder, can not be modified or deleted. The core idea here is to create a safe place to store reference files, or versions of existing, working files, etc.
Rule name - Name of the rule
Immutable folder - This is the folder that will be made immutable.
There is not a lot to select, simply select the target folder (on a single folder is allowed), and that is pretty much it.
Command-line
Note - for details on these commands, see the command line documentation
The command-line version is very straight forward, select the target drive (in this case D)
select -v:d
Next start the rule set wizard
create -t:immutable_folder
Enter a name for the rule (and value surrounded by [ and ] are default values)
The name of this rule set [Immutable folder protection for D:]>
The folder you want to make immutable (with or without a drive letter, doesn't matter)
Folder (only a single folder) >D:\Development\Immutable
This is it, the new rule is created.
Advanced use
The default rule does not allow for any modifications to the protected files. However, you can add an additional rule to allow files under the immutable rule, to be modified by specific applications. To do this we simply add a new rule, before the immutable rule, that will allow our application.
First, let's work out where to add this new rule. Continuing on from the above steps, list all rules on drive D
select -v:d
Selected volume GUID is \\?\Volume{9950ef2a-295e-4e73-990d-4fbb94684163}\
Drive letter D:
Rule(s)
Rule # 0-------------------------------------
Index -> 0
Access -> Immutable folder protection for D:
Rule -> [L+R+W1]
Processes(s) -> [*]
Folder(s) -> [\development\immutable]
Id -> {7B39C62B-9E50-4C99-8F5C-C254066845FB}
---------------------------------------------
Rule # 1-------------------------------------
Index -> 999
Access -> Drive base protection rule
Rule -> [L+R+W+]
Processes(s) -> [*]
Folder(s) -> [*]
Id -> {AE04E15E-CE94-4A8F-844E-10B70D2F6600}
---------------------------------------------
We need to insert the new rule in front of rule # 0, so let's start by adding a new rule
add
First, you need to add the index. This needs to go in front of our rule # 0... which is easy, simply use the same index, in this case, 0.
The index, lower is first to run. Use 0 to auto assign this value to the front of the queue [0]>0
Next, is the name of the rule, enter whatever you like here
The name of the rule [New rule]>Immutable override
Here we need to determine access, we want full access
The rule access level, in format, L?R?W?, where ? is - for denied, + for access [L+R+W+]>L+R+W+
Now the important part, what application are we going to allow?
The process for this rule, use * for wildcard, or process1.exe, process2.exe (+ or - values to existing line, use "?" for more info) >C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
Enter the path, in the case, it needs to be the same as the existing rule
The folder(s) for this rule, use * for wildcard, or \folder1, \folder2 (+ or - values to existing line, use "?" for more info) >\development\immutable
Once saved, you should have
Selected volume GUID is \\?\Volume{9950ef2a-295e-4e73-990d-4fbb94684163}\
Drive letter D:
Rule(s)
Rule # 0-------------------------------------
Index -> 0
Access -> Immutable override
Rule -> [L+R+W+]
Processes(s) -> [C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE]
Folder(s) -> [\development\immutable]
Id -> {148C6695-4242-4370-B4A6-E79C3605C5BA}
---------------------------------------------
Rule # 1-------------------------------------
Index -> 1
Access -> Immutable folder protection for D:
Rule -> [L+R+W1]
Processes(s) -> [*]
Folder(s) -> [\development\immutable]
Id -> {7B39C62B-9E50-4C99-8F5C-C254066845FB}
---------------------------------------------
Rule # 2-------------------------------------
Index -> 999
Access -> Drive base protection rule
Rule -> [L+R+W+]
Processes(s) -> [*]
Folder(s) -> [*]
Id -> {AE04E15E-CE94-4A8F-844E-10B70D2F6600}
---------------------------------------------
Comments
0 comments
Please sign in to leave a comment.