Ok, i’m confused now about this feature. Some say it’s to get rid of elevation popup where CIS asks you if you want to Isolate such files or run unrestricted. But i never got a clear answer and i’d prefer to get one from develoeprs who are the only ones who know it 100%.
Detect installers and show privileged elevation alerts
Does disabling this option only mean that it will not show CIS elevated privilege popup for UAC triggering files or does this also mean that any unrecognized file inside a trusted installer (signed by a trusted company) won’t be automatically trusted anymore?
I don’t want popups for elevated rights from CIS but i want it to automatically trust all the files inside signed and trusted installers even if individual files within it aren’t whitelisted yet. Is this possible at the moment?
By the looks of it, if i disable this option i will also lose ability for CIS 6 to automatically trust non-whitelisted files inside otherwise trusted and signed installers…
It’s also very hard to test because you need a trusted signed installer that contains files that aren’t whitelisted.
Only this way i could test to be sure.
Correction. It seems that these two things are separated because i found it by pure chance on some other page…
It seems that setting in Behavior Blocker just displays additional elevation warning, because the setting to trust all files inside trusted installers can be found on File Rating → File Rating Settings page.
I can assume that these two settings are trully independent and the one in BB only provides as an additional warning with few more options on how to treat the installer) and the one in File Rating page to automatically trust any file inside trusted (from TVL) installer that may contain files that aren’t whitelisted yet.
Hope this info will help others to understand these settings further…