Locking the Startup folder
Normally, each user in Windows can change the contents of the Startup folder. The items in the Startup folder are executed when the user logs in. An attacker can place code here so that it runs again after each restart and connects to the command and control centre. To prevent this, we will lock every user's Startup folder.
The full path of the Startup folder for a user is C:\Users\puppet1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup. This is also shown in the following screenshot:
The permission details are as described in the following screenshot. As we can see, the user has full control:
To change the permissions on all the users' Startup folders, we need to know the IDs of the users. As you will remember, we have already defined the users as a fact in Chapter 5, Puppet Facts, Functions, and Templates, in the Adding Windows users as custom facts section. In addition to this, we need to use the ACL module that we mentioned in Chapter...
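One way to express this lock with the acl resource type from the puppetlabs-acl module, shown as an added example rather than the book's own manifest. It assumes a custom fact with the hypothetical name windows_users that returns an array of local account names, and that each profile's Startup folder already exists.

```puppet
# Added example, not the book's code.
# Assumption: 'windows_users' is a hypothetical fact name holding an array of
# local account names, for example ['puppet1', 'puppet2'].
$startup_users = $facts['windows_users'] ? {
  undef   => [],
  default => $facts['windows_users'],
}

$startup_users.each |String $user| {
  $startup = "C:/Users/${user}/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup"

  acl { $startup:
    # Remove every ACE not listed below, including the user's existing
    # "full control" entry.
    purge                      => true,
    # Stop ACEs from the parent folder flowing back in through inheritance.
    inherit_parent_permissions => false,
    # A folder's owner can always rewrite its permissions, so ownership is
    # moved away from the user as well.
    owner                      => 'Administrators',
    permissions                => [
      # Puppet's service account must keep access, or later runs cannot
      # manage the folder.
      { identity => 'NT AUTHORITY\SYSTEM', rights => ['full'] },
      { identity => 'Administrators',      rights => ['full'] },
      # The user can still list and launch existing items, but cannot add,
      # replace or delete them. Assumes a local account name; a domain
      # account would need the DOMAIN\user form.
      { identity => $user,                 rights => ['read', 'execute'] },
    ],
  }
}
```

Members of the Administrators group keep write access under this ACL, so it blocks changes made from a standard user context only.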