Kaspersky Endpoint Security 10 for Windows

Disabling the inheritance of restrictions from the parent process

22 December 2022

ID 133779

Application startup may be initiated either by the user or by another running application. When application startup is initiated by another application, a startup sequence is created, which consists of parent and child processes.

When an application attempts to obtain access to a protected resource, Application Privilege Control analyzes all parent processes of the application to determine whether these processes have rights to access the protected resource. The minimum priority rule is then observed: when comparing the access rights of the application to those of the parent process, the access rights with a minimum priority are applied to the application's activity.

The priority of access rights is as follows:

  1. Allow This access right has the highest priority.
  2. Block This access right has the lowest priority.

This mechanism prevents a non-trusted application or an application with restricted rights from using a trusted application to perform actions that require certain privileges.

If the activity of an application is blocked due to the lack of rights that are granted to a parent process, you can edit these rights or disable the inheritance of restrictions from the parent process.

To disable the inheritance of restrictions from the parent process:

  1. Open the application settings window.
  2. In the left part of the window, in the Endpoint control section, select the Application Privilege Control subsection.

    In the right part of the window, the settings of the Application Privilege Control component are displayed.

  3. Click the Applications button.

    This opens the Application control rules tab in the Application Privilege Control window.

  4. Select the necessary application.
  5. From the context menu of the application, select Application rules.

    The Application control rules window opens.

  6. In the Application control rules window, select the Exclusions tab.
  7. Select the Do not inherit restrictions of the parent process (application) check box.
  8. Click OK.
  9. In the Applications window, click OK.
  10. To save changes, click the Save button.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.