Security

Top  Previous  Next

Creating a utility that launches local files or executables simply by performing a download in a browser runs the risk of misuse by bad internet citizens.  Pd' Programming has done our best to make this utility safe to install and use.  The following precautions have been taken:

 

When LocalFile is called with one or more paths to search, the cmLocalViewer checks its local settings to see if those paths have already been approved by the user.  If they have not been approved, the utility prompts the user to authorize access to those folders when running cmLocalViewer.  Once accepted, the user will not be prompted for access to that location again.
When LocalFile is called, it also includes one or more file masks. (or an individual file name)  The cmLocalViewer identifies the file extension requested and prompts the user to authorize access to that file type.  Again, if authorized, that file extension is recorded and the user will not be prompted for it in the future.
When LocalExe is called, it includes the name of a program to execute. (it does not contain a path) cmLocalViewer scans a list of authorized programs (with full paths) to see if any of them match this filename.exe.  If one is found, it is considered safe and is executed with the specified parameters.  If none is found, the user is prompted to locate the program.  That program, with full path, is then recorded as an authorized program to be executed by cmLocalViewer.

 

The lists of authorized paths, extensions and programs are stored in the Windows registry in the HKEY_CURRENT_USER section under SOFTWARE/PdMagic/cmLocalViewer.  Administrators may populate these settings by policy so that the end user need not be bothered.