Product, version and build: PrimalSQL 2024
Operating system: Windows 11 23H2 (build 22631.4317)
PowerShell version(s): 5.1.22621.4249
Issue Description:
While using PrimalSQL, I noticed that dynamic DLL files are being created in the %LOCALAPPDATA%\temp\{*}\ folder. This results in errors, such as:
Code Integrity determined that PrimalSQL.exe is trying to load In_Memory_PE_File, which failed the dynamic code trust verification.
DLL files created in the %LOCALAPPDATA%\temp\{*}\ folder do not meet enterprise signing level requirements, leading to blocked operations like creating a new database connection in PrimalSQL.
Despite adding specific DLLs and attempting folder path rules in WDAC, new unsigned DLLs continue to be created, preventing us from allowing access through WDAC without compromising security. We can only make PrimalSQL work with WDAC by disabling "Dynamic Code Security".
This is not what we want for security reasons because we disable this for all Apps on the computer.
(See attached "PrimalSQL_WDAC_Evntlog.txt" for eventlog errors)
Steps Taken:
Created WDAC policy for PrimalSQL (see attached "PrimalSQL2024_WDAC.xml").
Attempted to add specific DLLs to the policy.
Tried using folder path rules with wildcards.
Could you please provide guidance on how to resolve this issue? Specifically, is there a way to ensure the dynamic DLLs are signed with a common certificate, or is there an alternative approach to make PrimalSQL work seamlessly with WDAC?
Thank you for your assistance.
Statistics: Posted by systeembeheer — Tue Oct 15, 2024 3:39 am