|
Server : Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.4.6 System : Windows NT USER-PC 6.1 build 7601 (Windows 7 Professional Edition Service Pack 1) AMD64 User : User ( 0) PHP Version : 7.4.6 Disable Function : NONE Directory : C:/Windows/security/ApplicationId/PolicyManagement/ |
<?xml version="1.0"?>
<xs:schema attributeFormDefault="unqualified"
elementFormDefault="qualified"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.0">
<!-- -->
<!-- AppLockerPolicy-Type -->
<!-- -->
<xs:element name="AppLockerPolicy"
type="PolicyType">
<xs:unique name="UniqueRuleCollectionTypeConstraint">
<xs:selector xpath="RuleCollection"/>
<xs:field xpath="@Type"/>
</xs:unique>
<xs:unique name="UniqueRuleIdConstraint">
<xs:selector xpath="RuleCollection/*"/>
<xs:field xpath="@Id"/>
</xs:unique>
</xs:element>
<!-- -->
<!-- Policy-Type -->
<!-- -->
<xs:complexType name="PolicyType">
<xs:sequence>
<xs:element name="RuleCollection"
type="RuleCollectionType"
minOccurs="0"
maxOccurs="unbounded">
</xs:element>
</xs:sequence>
<xs:attribute name="Version"
type="PolicyVersionType"
use="required"/>
</xs:complexType>
<!-- -->
<!-- PolicyVersion-Type -->
<!-- -->
<xs:simpleType name="PolicyVersionType">
<xs:restriction base="xs:decimal">
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- RuleCollection-Type -->
<!-- -->
<xs:complexType name="RuleCollectionType">
<xs:sequence>
<xs:choice minOccurs="0"
maxOccurs="unbounded">
<xs:element name="FilePublisherRule"
type="FilePublisherRuleType"
minOccurs="0"
maxOccurs="unbounded">
</xs:element>
<xs:element name="FilePathRule"
type="FilePathRuleType"
minOccurs="0"
maxOccurs="unbounded">
</xs:element>
<xs:element name="FileHashRule"
type="FileHashRuleType"
minOccurs="0"
maxOccurs="unbounded">
</xs:element>
</xs:choice>
</xs:sequence>
<xs:attribute name="Type"
type="xs:string"
use="required"/>
<xs:attribute name="EnforcementMode"
type="EnforcementModeType"
use="optional"/>
</xs:complexType>
<!-- -->
<!-- EnforcementMode-Type -->
<!-- -->
<xs:simpleType name="EnforcementModeType">
<xs:restriction base="xs:string">
<xs:enumeration value="NotConfigured"/>
<xs:enumeration value="Enabled"/>
<xs:enumeration value="AuditOnly"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- FilePublisherRule-Type -->
<!-- -->
<xs:complexType name="FilePublisherRuleType">
<xs:all>
<xs:element name="Conditions"
type="FilePublisherRuleConditionsType"
minOccurs="1"
maxOccurs="1" />
<xs:element name="Exceptions"
type="FilePublisherRuleExceptionsType"
minOccurs="0"
maxOccurs="1" />
</xs:all>
<xs:attributeGroup ref="RuleAttributes"/>
</xs:complexType>
<!-- -->
<!-- FilePathRule-Type -->
<!-- -->
<xs:complexType name="FilePathRuleType">
<xs:all>
<xs:element name="Conditions"
type="FilePathRuleConditionsType"
minOccurs="1"
maxOccurs="1" />
<xs:element name="Exceptions"
type="FilePathRuleExceptionsType"
minOccurs="0"
maxOccurs="1" />
</xs:all>
<xs:attributeGroup ref="RuleAttributes"/>
</xs:complexType>
<!-- -->
<!-- FileHashRule-Type -->
<!-- -->
<xs:complexType name="FileHashRuleType">
<xs:all>
<xs:element name="Conditions"
type="FileHashRuleConditionsType"
minOccurs="1"
maxOccurs="1" />
</xs:all>
<xs:attributeGroup ref="RuleAttributes"/>
</xs:complexType>
<!-- -->
<!-- FilePublisherRuleConditions-Type -->
<!-- -->
<xs:complexType name="FilePublisherRuleConditionsType">
<xs:sequence>
<xs:element name="FilePublisherCondition"
type="FilePublisherConditionType"
minOccurs="1"
maxOccurs="1"/>
</xs:sequence>
</xs:complexType>
<!-- -->
<!-- FilePublisherRuleExceptions-Type -->
<!-- -->
<xs:complexType name="FilePublisherRuleExceptionsType">
<xs:sequence>
<xs:choice minOccurs="0"
maxOccurs="unbounded">
<xs:element name="FilePublisherCondition"
type="FilePublisherConditionType"
minOccurs="0"
maxOccurs="unbounded"/>
<xs:element name="FilePathCondition"
type="FilePathConditionType"
minOccurs="0"
maxOccurs="unbounded"/>
<xs:element name="FileHashCondition"
type="FileHashConditionType"
minOccurs="0"
maxOccurs="unbounded"/>
</xs:choice>
</xs:sequence>
</xs:complexType>
<!-- -->
<!-- FilePathRuleConditions-Type -->
<!-- -->
<xs:complexType name="FilePathRuleConditionsType">
<xs:sequence>
<xs:element name="FilePathCondition"
type="FilePathConditionType"
minOccurs="1"
maxOccurs="1"/>
</xs:sequence>
</xs:complexType>
<!-- -->
<!-- FilePathRuleExceptions-Type -->
<!-- -->
<xs:complexType name="FilePathRuleExceptionsType">
<xs:sequence>
<xs:choice minOccurs="0"
maxOccurs="unbounded">
<xs:element name="FilePathCondition"
type="FilePathConditionType"
minOccurs="0"
maxOccurs="unbounded"/>
<xs:element name="FilePublisherCondition"
type="FilePublisherConditionType"
minOccurs="0"
maxOccurs="unbounded"/>
<xs:element name="FileHashCondition"
type="FileHashConditionType"
minOccurs="0"
maxOccurs="unbounded"/>
</xs:choice>
</xs:sequence>
</xs:complexType>
<!-- -->
<!-- FileHashRuleConditions-Type -->
<!-- -->
<xs:complexType name="FileHashRuleConditionsType">
<xs:sequence>
<xs:element name="FileHashCondition"
type="FileHashConditionType"
minOccurs="1"
maxOccurs="1"/>
</xs:sequence>
</xs:complexType>
<!-- -->
<!-- Rule-Attributes -->
<!-- -->
<xs:attributeGroup name="RuleAttributes">
<xs:attribute name="Id"
type="GuidType"
use="required"/>
<xs:attribute name="Name"
type="RuleNameType"
use="required"/>
<xs:attribute name="Description"
type="RuleDescriptionType"
use="required"/>
<xs:attribute name="UserOrGroupSid"
type="SidType"
use="required"/>
<xs:attribute name="Action"
type="RuleActionType"
use="required"/>
</xs:attributeGroup>
<!-- -->
<!-- RuleName-Type -->
<!-- -->
<xs:simpleType name="RuleNameType">
<xs:restriction base="xs:string">
<xs:minLength value="1"/>
<xs:maxLength value="1024"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- RuleDescription-Type -->
<!-- -->
<xs:simpleType name="RuleDescriptionType">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
<xs:maxLength value="1024"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- RuleAction-Type -->
<!-- -->
<xs:simpleType name="RuleActionType">
<xs:restriction base="xs:string">
<xs:enumeration value="Allow"/>
<xs:enumeration value="Deny"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- FilePublisherCondition-Type -->
<!-- -->
<xs:complexType name="FilePublisherConditionType">
<xs:all>
<xs:element name="BinaryVersionRange"
type="FileVersionRangeType"
minOccurs="1"
maxOccurs="1" />
</xs:all>
<xs:attribute name="PublisherName"
type="PublisherNameType"
use="required"/>
<xs:attribute name="ProductName"
type="ProductNameType"
use="required"/>
<xs:attribute name="BinaryName"
type="BinaryNameType"
use="required"/>
</xs:complexType>
<!-- -->
<!-- PublisherName-Type -->
<!-- -->
<xs:simpleType name="PublisherNameType">
<xs:restriction base="xs:string">
<xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- ProductName-Type -->
<!-- -->
<xs:simpleType name="ProductNameType">
<xs:restriction base="xs:string">
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- BinaryName-Type -->
<!-- -->
<xs:simpleType name="BinaryNameType">
<xs:restriction base="xs:string">
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- FileVersionRange-Type -->
<!-- -->
<xs:complexType name="FileVersionRangeType">
<xs:attribute name="LowSection"
type="FileVersionType"
use="required"/>
<xs:attribute name="HighSection"
type="FileVersionType"
use="required"/>
</xs:complexType>
<!-- -->
<!-- FileVersion-Type -->
<!-- -->
<xs:simpleType name="FileVersionType">
<xs:union memberTypes="SpecificFileVersionType AnyFileVersionType"/>
</xs:simpleType>
<!-- -->
<!-- SpecificFileVersion-Type -->
<!-- -->
<xs:simpleType name="SpecificFileVersionType">
<xs:restriction base="xs:string">
<xs:pattern value="([0-9]{1,5}.){3}[0-9]{1,5}"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- AnyFileVersion-Type -->
<!-- -->
<xs:simpleType name="AnyFileVersionType">
<xs:restriction base="xs:string">
<xs:enumeration value="*"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- FilePathCondition-Type -->
<!-- -->
<xs:complexType name="FilePathConditionType">
<xs:attribute name="Path"
type="FilePathType"
use="required"/>
</xs:complexType>
<!-- -->
<!-- FilePath-Type -->
<!-- -->
<xs:simpleType name="FilePathType">
<xs:restriction base="xs:string">
<xs:minLength value="1"/>
<xs:maxLength value="32767"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- FileHashCondition-Type -->
<!-- -->
<xs:complexType name="FileHashConditionType">
<xs:sequence>
<xs:element name="FileHash"
type="FileHashType"
minOccurs="1"
maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<!-- -->
<!-- FileHash-Type -->
<!-- -->
<xs:complexType name="FileHashType">
<xs:attribute name="Type"
type="HashType"
use="required"/>
<xs:attribute name="Data"
type="HashDataType"
use="required"/>
<xs:attribute name="SourceFileName"
type="xs:string"
use="optional"/>
<xs:attribute name="SourceFileLength"
type="xs:integer"
use="optional"/>
</xs:complexType>
<!-- -->
<!-- Hash-Type -->
<!-- -->
<xs:simpleType name="HashType">
<xs:restriction base="xs:string">
<xs:enumeration value="SHA256"/>
<xs:enumeration value="SHA256Flat"/>
<xs:enumeration value="SHA1"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- HashData-Type -->
<!-- -->
<xs:simpleType name="HashDataType">
<xs:union memberTypes="SHA256HashDataType SHA256FlatHashDataType SHA1HashDataType"/>
</xs:simpleType>
<xs:simpleType name="SHA256HashDataType">
<xs:restriction base="xs:string">
<xs:pattern value="0x([0-9A-Fa-f]{64})"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="SHA256FlatHashDataType">
<xs:restriction base="xs:string">
<xs:pattern value="0x([0-9A-Fa-f]{64})"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="SHA1HashDataType">
<xs:restriction base="xs:string">
<xs:pattern value="0x([0-9A-Fa-f]{40})"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- Generic Types... -->
<!-- -->
<!-- -->
<!-- Boolean-Type -->
<!-- -->
<xs:simpleType name="BooleanType">
<xs:restriction base="xs:string">
<xs:enumeration value="True"/>
<xs:enumeration value="False"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- Guid-Type -->
<!-- -->
<xs:simpleType name="GuidType">
<xs:restriction base="xs:string">
<xs:pattern value="[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}"/>
</xs:restriction>
</xs:simpleType>
<!-- -->
<!-- Sid-Type -->
<!-- -->
<xs:simpleType name="SidType">
<xs:restriction base="xs:string">
<xs:minLength value="7"/>
<xs:pattern value="S-1(-[0-9a-fA-F]+)+"/>
</xs:restriction>
</xs:simpleType>
</xs:schema>