Application startup may be initiated either by the user or by another running application. When application startup is initiated by another application, a startup sequence is created, which consists of parent and child processes.
When an application attempts to obtain access to a protected resource, the Host Intrusion Prevention analyzes all parent processes of the application to determine whether these processes have rights to access the protected resource. The minimum priority rights are then applied: when comparing the access rights of the application to those of the parent process, the access rights with a minimum priority are applied to the application's activity.
The priority of access rights is as follows:
This mechanism prevents a non-trusted application or an application with restricted rights from using a trusted application to perform actions that require certain privileges.
If the activity of an application is blocked due to the lack of rights that are granted to a parent process, you can edit these rights or disable the inheritance of restrictions from the parent process.
To disable the inheritance of restrictions from the parent process:
This opens the Application rights tab in the Host Intrusion Prevention window.
The Application rights window opens.