Update child process behavior in elevation rules#5145
Conversation
Clarify behavior of child processes under elevation rules.
|
@mathiasborowicz : Thanks for your contribution! The author(s) and reviewer(s) have been notified to review your proposed change. |
|
Learn Build status updates of commit 1047c99: ✅ Validation status: passed
For more details, please refer to the build report. |
|
Pending PM comment. |
|
Could you review the proposed changes? IMPORTANT: When the changes are ready for publication, adding a #label:"aq-pr-triaged" |
There was a problem hiding this comment.
Pull request overview
Updates Endpoint Privilege Management (EPM) documentation to explicitly describe the Not configured option for child process behavior in elevation rules, aligning the docs with what the UI exposes.
Changes:
- Adds documentation for the Not configured child process behavior option.
- Clarifies that Not configured follows default Windows behavior and effectively matches Allow child processes to run elevated (including skipping child rule evaluation / deny rules).
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| - **Not configured** - No child process behavior is specified and the elevated parent falls back to the default Windows behavior, where any child process launched by the elevated parent automatically runs elevated. Rule evaluation for the child process is skipped, including deny rules, which makes this behavior equivalent to Allow child processes to run elevated. |
Clarify behavior of child processes under elevation rules, since "Not configured" is available in the UI but not mentioned in the docs