Title
#windows
z

Zachary

08/12/2019, 7:39 PM
hello, trying to deploy osquery on windows. I have installed via Choco and when i am trying to test
running /path/to/osqueryd --flagfile /path/to/file
i get unsafe permissions for osqueryd...a way around this besides allow-unsafe?
Anadi

Anadi

08/13/2019, 4:06 AM
Yes, and you can also do something like this :
icacls "C:\ProgramData\osquery\bin" /deny "Everyone:(DE,WEA,DC,WA,AD,WD)" /grant "Everyone:(OI)(CI)RX"
icacls "C:\ProgramData\osquery\bin\osqueryd.exe" /deny "Everyone:(DE,WEA,DC,WA,AD,WD)" /grant "Everyone:(OI)(CI)RX"
z

Zachary

08/15/2019, 12:48 AM
amazing thank you!