Restrict program execution by AppLocker in Windows 7
AppLocker is a new feature in Windows 7. AppLocker will allow you to restrict a program execution through Group Policy.
You can use AppLocker to block other users to access executables, Windows installers, scripts etc. AppLocker supports 3 different types of rules : Path rules, File hash rules, and publisher rules.
The path rule will allow you to restrict execution of programs to a certain directory. An example is, you can allow the users to launch applications only from Windows Program Files folder alone.
The next rule is the file hash rule. The hash rules use cryptographic hash to identify whether a program is legimate or not.
The publisher rule identifies an application based on digital signature.
All of the above three rules can be applied to executibles, scripts, installer files,system libraries etc.