Forum Discussion
Henry21th
Nov 24, 2021
Copper Contributor
WDAC How to allow .tmp.node file by Electron app?
Hi all,
I'm facing an issue with a .tmp.node file that is executed by an application called Ledger Live, which is written in Electron.
This application generates a temporary file with a random filename in the user's Temp folder and then executes it.
I tried to allow the application's folder (C:\Program Files\Ledger Live\*) and even whitelisted *.tmp.node in the WDAC policy XML.
But WDAC still blocked this .tmp.node file from executing, as shown in the screenshot below.
Is there a way to allow it to run or skip the Enterprise signing level check?
Thanks.
- danielm305
Copper Contributor
Hi,
By default, if a folder is user writable, WDAC will not apply any file name whitelists. If you want to disable this feature, include 'Disable Runtime Filepath Rules' as enabled. From a security view, enabling this isn't the best idea, as it allows non-admin users to execute any code given that specific name.
- Bevan2335
Copper Contributor
I'm having the exact same problem but with a different application.
Whitelisting specific tmp.node files/folders seems impossible. To test, I whitelisted an entire directory and redirected the tmp files to that folder, yet they are still blocked. The only possible solution I can think of is setting the application as a "Managed Installer", but that is a lot of effort for 1 application, and it's definitely not a recommended security best practice to have random applications set as a Managed Installer that can essentially do whatever it wants.
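As an added illustration of danielm305's point (this is not code from the thread or from Ledger Live): a PowerShell check for the condition that makes WDAC ignore a FilePath rule at runtime, namely that standard users can write to the folder, followed by the ConfigCI cmdlets that build the rule. The base policy file name and output path are assumptions; the Ledger Live folder and the Temp folder come from the original post.

```powershell
# Returns $true when a well-known non-admin principal holds write-type rights on
# the path. WDAC applies FilePath rules only to locations that are NOT user
# writable, so this is the first thing to check before debugging a path rule.
function Test-UserWritablePath {
    param([Parameter(Mandatory)][string]$Path)
    $nonAdminSids = @(
        'S-1-1-0',       # Everyone
        'S-1-5-11',      # Authenticated Users
        'S-1-5-32-545',  # BUILTIN\Users
        'S-1-5-4'        # INTERACTIVE
    )
    $writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
                 [System.Security.AccessControl.FileSystemRights]::Modify -bor
                 [System.Security.AccessControl.FileSystemRights]::FullControl
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $sid = $ace.IdentityReference.Translate(
                   [System.Security.Principal.SecurityIdentifier]).Value
        if (($nonAdminSids -contains $sid) -and ($ace.FileSystemRights -band $writeMask)) {
            return $true
        }
    }
    return $false
}

# The install folder from the post is normally admin-only, so a FilePath rule
# for it is honored; the per-user Temp folder is always user writable, so no
# FilePath rule can ever allow the .tmp.node file dropped there.
$appDir = 'C:\Program Files\Ledger Live'
"Install dir user-writable: $(Test-UserWritablePath -Path $appDir)"
"Temp dir user-writable:    $(Test-UserWritablePath -Path $env:TEMP)"

# Build the allow rule and merge it into an existing base policy (assumed file
# name .\BasePolicy.xml; ConfigCI module, Windows 10 1903 or later).
$rules = New-CIPolicyRule -FilePathRule "$appDir\*"
Merge-CIPolicy -OutputFilePath .\LedgerLive.xml -PolicyPaths .\BasePolicy.xml -Rules $rules

# The option danielm305 refers to is policy rule option 18,
# "Disabled:Runtime FilePath Rule Protection". With it set, WDAC honors
# FilePath rules even in user-writable folders, which means any standard
# user who can create a file matching the rule gets it executed as allowed.
# Shown here only so the trade-off is visible; leave it unset where possible.
# Set-RuleOption -FilePath .\LedgerLive.xml -Option 18
```

Running the two checks on a test machine makes the thread's outcome visible before touching the policy: the Temp folder reports writable, so the Managed Installer or a signature-based rule, not a path rule, is the route that can cover a file dropped there.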