I want all the files in a folder to be ALLOWED when SecureRun is used. What is the correct syntax?

If you want to allow all files in a folder to be permitted when SecureRun is used, do not use this syntax.

Least Privilege Policy Editor

The above syntax would be to match files in folders that match %localappdata%Slack*
So, for instance, %localappdata%Slack *SomeFolder* Slack.exe

Instead, if you want to allow all .exe files in the application folder, then should be using either

%localappdata%Slack (no wildcard/asterisk) + Folder type like what’s seen here…

Least Privilege Policy Editor Path Condition

Or
%localappdata%Slack* + File type

Least Privilege Policy Editor Path Condition

Back