A feature in the SVS final release is the ability to configure SVS so certain applications running from the base cannot see virtualized applications. Jared Payne tells us how and when this is cool.
The final release of Software Virtualization Solution (SVS) includes a feature called Program Ignore. Program Ignore makes it possible for applications that are installed in the base to run and not see virtualized data. This feature is quite simple to use.
- Open regedit and go to HKLM\System\Altiris\FSL
- Create/Edit a new Multi-String Value named "ProgramIgnoreList"
- Enter the complete path for the executable that you want to ignore in "ProgramIgnoreList"
- Restart the computer (the ignore list is only read at system start up)
Antivirus software is one of the main reasons this feature was added. We recommend adding your antivirus scanner to ProgramIgnoreList. You only need to add the scanner executable to this list. It is important to note that SVS does not affect the run-time functionality of antivirus products. Files are scanned as they are opened and SVS does not interfere with this.
There are some other times when you might want an application to be ignored. One example could be an inventory program. If an inventory program sees a file twice (virtualized and unvirtualized), it may get counted twice. Whatever your reason for ignoring a program, this new SVS feature allows you to do it.
By the way, there are no security implications for ignoring an executable. The executable will not have any more access than it would if it could see virtual data.