Disclosure of Invention
In view of the above, the present invention has been developed to provide a method of application installation and a corresponding apparatus that overcome or at least partially address the above-mentioned problems.
According to an aspect of the present invention, there is provided a method of application installation, comprising: when a trigger instruction of an application installation event is monitored, acquiring configuration information of an application to be installed, wherein the configuration information comprises binding software information of the application to be installed; determining whether the application to be installed has bundled software according to the configuration information; if so, processing the installation package process of the application to be installed so as to prevent the installation of the binding software of the application to be installed in the process of running the installation package process of the application to be installed.
Optionally, the configuration information includes at least one of:
process identification of the binding software;
binding feature information of the software;
and (4) process identification of the main program of the binding software.
Optionally, processing the installation package process of the application to be installed includes: putting the installation package process of the application to be installed into a sandbox; and processing the installation package process of the application to be installed in the sandbox.
Optionally, processing the installation package process of the application to be installed in the sandbox includes: and disconnecting the network of the installation package process of the application to be installed in the sandbox, so that the bundled software of the application to be installed cannot be downloaded in the process of running the installation package process of the application to be installed.
Optionally, disconnecting, in the sandbox, a network of an installation package process of the application to be installed, including: and adopting a HOOK HOOK related function to prevent the installation package process of the application to be installed from creating a socket component.
Optionally, processing the installation package process of the application to be installed in the sandbox includes: acquiring starting information for starting the installation package program of the application to be installed; matching the starting information with the characteristic information of the binding software in the configuration information; and forbidding the process corresponding to the matched starting information.
Optionally, obtaining start information for starting the installation package program of the application to be installed includes: starting the installation package program of the application to be installed by adopting a HOOK starting process function; acquiring parameter information of the starting process function; matching the starting information with the characteristic information of the binding software in the configuration information, wherein the matching comprises the following steps: and matching the parameter information of the starting process function with the characteristic information of the binding software in the configuration information.
Optionally, the application to be installed is an application to be installed for performing application upgrade, and the application to be installed has created a file of a specified type in a specified directory, and the method further includes: when the behavior that the installation package process or the subprocess of the installation package process of the application to be installed creates files in the specified directory is monitored, judging whether the files created in the specified directory are files of specified types or not; if yes, judging whether the created file exists in the specified directory before the action of creating the file occurs; if not, the created file is redirected to a temporary folder.
Optionally, after the installation of the application to be installed is completed, the method further includes: and closing the installation package process of the application to be installed and the sub-process of the installation package process, and deleting the temporary folder.
According to another aspect of the present invention, there is also provided an apparatus for application installation, including:
the system comprises an acquisition module, a processing module and a display module, wherein the acquisition module is suitable for acquiring configuration information of an application to be installed when a trigger instruction of an application installation event is monitored, and the configuration information comprises binding software information of the application to be installed;
the determining module is suitable for determining whether the application to be installed has bundled software according to the configuration information;
the processing module is suitable for processing the installation package process of the application to be installed so as to prevent the installation of the binding software of the application to be installed in the process of running the installation package process of the application to be installed.
Optionally, the configuration information includes at least one of:
process identification of the binding software;
binding feature information of the software;
and (4) process identification of the main program of the binding software.
Optionally, the processing module is further adapted to: putting the installation package process of the application to be installed into a sandbox; and processing the installation package process of the application to be installed in the sandbox.
Optionally, the processing module is further adapted to: and disconnecting the network of the installation package process of the application to be installed in the sandbox, so that the bundled software of the application to be installed cannot be downloaded in the process of running the installation package process of the application to be installed.
Optionally, the processing module is further adapted to: and adopting a HOOK HOOK related function to prevent the installation package process of the application to be installed from creating a socket component.
Optionally, the processing module is further adapted to: acquiring starting information for starting the installation package program of the application to be installed; matching the starting information with the characteristic information of the binding software in the configuration information; and forbidding the process corresponding to the matched starting information.
Optionally, the processing module is further adapted to: starting the installation package program of the application to be installed by adopting a HOOK starting process function; acquiring parameter information of the starting process function; and matching the parameter information of the starting process function with the characteristic information of the binding software in the configuration information.
Optionally, the application to be installed is an application to be installed for performing application upgrade, and the application to be installed has created a file of a specified type in a specified directory, and further includes a determining module adapted to: when the behavior that the installation package process or the subprocess of the installation package process of the application to be installed creates files in the specified directory is monitored, judging whether the files created in the specified directory are files of specified types or not; if yes, judging whether the created file exists in the specified directory before the action of creating the file occurs; if not, the created file is redirected to a temporary folder.
Optionally, after the application to be installed is installed, the method further includes a deleting module adapted to: and closing the installation package process of the application to be installed and the sub-process of the installation package process, and deleting the temporary folder.
According to the technical scheme of the invention, when the trigger instruction of the application installation event is monitored, the configuration information of the application to be installed is obtained, and whether the application to be installed has the binding software is determined according to the configuration information. And if the application to be installed has the binding software, processing the installation package process of the application to be installed, so that the installation of the binding software of the application to be installed is prevented in the process of running the installation package process of the application to be installed. Therefore, the invention solves the problem that the bundled software is installed after the application is installed or upgraded and installed in the related art. The binding software is useless or malicious software, occupies resources, causes the system to be slow in operation and has potential safety hazard.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
The above and other objects, advantages and features of the present invention will become more apparent to those skilled in the art from the following detailed description of specific embodiments thereof, taken in conjunction with the accompanying drawings.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In order to solve the above technical problem, an embodiment of the present invention provides a method for installing an application, and fig. 1 shows a flowchart of the method for installing an application according to an embodiment of the present invention. As shown in fig. 1, the method includes at least the following steps S102 to S106.
Step S102, when a trigger instruction of an application installation event is monitored, acquiring configuration information of an application to be installed, wherein the configuration information comprises binding software information of the application to be installed.
Step S104, determining whether the application to be installed has binding software according to the configuration information, if so, continuing to execute step S106; otherwise, the process is ended.
And S106, processing the installation package process of the application to be installed so as to prevent the installation of the binding software of the application to be installed in the process of running the installation package process of the application to be installed.
According to the technical scheme of the invention, when the trigger instruction of the application installation event is monitored, the configuration information of the application to be installed is obtained, and whether the application to be installed has the binding software is determined according to the configuration information. And if the application to be installed has the binding software, processing the installation package process of the application to be installed, so that the installation of the binding software of the application to be installed is prevented in the process of running the installation package process of the application to be installed. Therefore, the invention solves the problem that the bundled software is installed after the application is installed or upgraded and installed in the related art. The binding software is useless or malicious software, occupies resources, causes the system to be slow in operation and has potential safety hazard.
The application installation event mentioned in step S102 may be that the application is installed on the terminal (computer, mobile phone, etc.) for the first time, that the application is installed when the application is upgraded on the terminal, that the application is reinstalled after the application is uninstalled on the terminal, or the like. In addition, the configuration information mentioned in step S102 may include bundled software information of the application to be installed, and may also include information configured in advance to indicate whether the application to be installed has bundled software, and the like. The binding software information here may be process identification of the binding software, characteristic information of the binding software, or process identification of a main program of the binding software, and the like, wherein the characteristic information of the binding software may include a process path of the binding software, a process regular expression of the binding software, and the like. At this time, step S104 determines whether the application to be installed has bundled software according to the configuration information, for example, if the bundled software information of the application to be installed in the configuration information is not empty, it is determined that the application to be installed has bundled software; and if the binding software information of the application to be installed in the configuration information is null, determining that the application to be installed has no binding software. For another example, if the information preconfigured in the configuration information is that the application to be installed has bundled software, determining that the application to be installed has bundled software; and if the information pre-configured in the configuration information is the unbundling software of the application to be installed, determining that the application to be installed is unbundling software. It should be noted that, those skilled in the art may derive other configuration information for determining whether the application to be installed has bundled software according to the above configuration information, and all of them should fall into the protection scope of the present invention.
After determining that the application to be installed has bundled software according to the configuration information in step S104, further processing the installation package process of the application to be installed in step S106, which can be implemented by adopting the following technical means: namely, the installation package process of the application to be installed is put into a sandbox, and then the installation package process of the application to be installed is processed in the sandbox. The sandbox is an execution environment for limiting program behaviors according to a security policy, and the sandbox directs files generated and modified by a program to a self folder through a redirection technology. Of course, these changes to the data, including the registry and some system's core data, protect the underlying data by loading its own driver, belong to driver level protection.
Further, the installation package process of the application to be installed is processed in the sandbox, and a filter specification and the like for disconnecting the installation package network of the application to be installed or configuring the installation package starting process of the application to be installed may be configured in the sandbox, which will be described in detail below.
The first mode is to configure a mode of disconnecting the installation package network of the application to be installed in the sandbox.
In the first mode, the network of the installation package process of the application to be installed can be disconnected in the sandbox, so that the bundled software of the application to be installed cannot be downloaded in the process of running the installation package process of the application to be installed. Here, a HOOK related function may be employed to prevent the installation package process of the application to be installed from creating a socket component to disconnect the network of the installation package process of the application to be installed. In this way, the downloading of the installation package of the bundled software over the network, and the act of installing the bundled software, can be prevented.
And a second mode is that a mode of starting information filtering specification started by an installation package program of the application to be installed is configured in the sandbox.
In the second mode, the starting information of the starting of the installation package program of the application to be installed can be acquired, and then the starting information is matched with the characteristic information of the binding software in the configuration information, so that the process corresponding to the matched starting information is forbidden. Further, a process function may be started by using a HOOK, for example, a CreateProcess function, to start an installation package program of an application to be installed, and parameter information of the process function is acquired, and the parameter information of the process function is matched with the feature information of the binding software in the configuration information, so as to prohibit a process corresponding to the matched parameter information.
In addition, the invention can also prevent the icons of the advertisements or other applications from being newly added in the directories such as the desktop, the start menu, the quick start and the like, thereby solving the problems that in the related technology, after the application is installed or the application is upgraded, the icons of the advertisements or other applications are newly added on the desktop, the position resources of the desktop are occupied, and the user experience is influenced. The technical means adopted by the invention will now be described in detail: firstly, the application to be installed is the application to be installed for upgrading the application, and the application to be installed already creates a file (such as an lnk shortcut) of a specified type in a specified directory (such as a desktop, a start menu, a quick start and the like). A DLL (dynamic link Library) may be injected into the installation package process or a driver is added, so as to monitor a behavior of the installation package process or a sub-process of the installation package process of the application to be installed, when it is monitored that the installation package process or the sub-process of the installation package process of the application to be installed creates a file in the specified directory, determine whether the file created in the specified directory is a file of a specified type, and if the file created in the specified directory is a file of a specified type, further determine whether the created file already exists in the specified directory before the occurrence of the behavior of creating the file. If the created file exists in the specified directory before the action of creating the file occurs, and the created file is considered to be a file of a specified type of the application to be installed at the moment, the action is passed. If the created file does not exist in the specified directory before the action of creating the file occurs, and the created file is considered as a specified type of file (such as lnk shortcut) of a newly added advertisement or other application, redirecting the created file to a temporary folder. Further, after the application to be installed is installed, the installation package process of the application to be installed and the sub-process of the installation package process are closed, and the temporary folder is deleted.
In addition, after the application to be installed is installed, the user can be prompted in the form of a popup window or the like to stop bundled software in the whole installation process, stop newly adding an advertisement or an icon of other applications, and the like.
In the above, various implementation manners of each link in the embodiment shown in fig. 1 are introduced, and the method for application installation provided by the embodiment of the present invention is further described by using a specific preferred embodiment.
Example two
FIG. 3 illustrates a flow diagram of a method for application installation based on a filter specification of start-up information of an installation package program launch of an application to be installed, according to one embodiment of the invention. The embodiment can prevent the behavior of installing bundled software in the process of running the installation package of the application to be installed. As shown in fig. 3, the method includes the following steps S302 to S312.
Step S302, when a trigger instruction of an application installation event is monitored, acquiring configuration information of an application to be installed, wherein the configuration information comprises binding software information of the application to be installed.
Step S304, determining whether the application to be installed has binding software according to the configuration information, if so, continuing to execute step S306; otherwise, the process is ended.
And S306, putting the installation package process of the application to be installed into a sandbox.
And step S308, acquiring starting information for starting the installation package program of the application to be installed.
And step S310, matching the starting information with the characteristic information of the binding software in the configuration information.
And step S312, forbidding the process corresponding to the matched starting information.
In this step, the HOOK startup process function may be used to start the installation package program of the application to be installed, and obtain the parameter information of the startup process function, match the parameter information of the startup process function with the feature information of the binding software in the configuration information, and then prohibit the process corresponding to the matched parameter information.
Further, if the application to be installed is the application to be installed for performing application upgrade, and the application to be installed has created a file of a specified type in a specified directory (such as a desktop, a start menu, a quick start, and the like), the DLL may be injected into the installation package process or a driver may be added to monitor the behavior of the installation package process or a sub-process of the installation package process of the application to be installed, so as to prevent an advertisement or an icon of another application from being newly added in the directories such as the desktop, the start menu, the quick start, and the like.
In addition, after the application to be installed is installed, the user can be prompted in the form of a popup window or the like to stop bundled software in the whole installation process, and to stop adding an advertisement or an icon of other application. Fig. 4 is an effect diagram of prompting a user in a pop-up window form after the application a to be installed is installed, that is, the installation of the bundled software (application B) and the newly added desktop icon application B are intercepted. Further, as shown in fig. 5, 51 is a schematic diagram of a desktop that does not adopt the application installation method of the present invention, and after the installation of the installation application a is completed, an icon application B is newly added to the desktop; 52 is a desktop schematic diagram of the application installation method of the present invention, after the installation of the application a is completed, the newly added icon application B is intercepted (the icon file of the application B is redirected to the temporary folder, and the temporary folder is deleted after the installation of the application to be installed is completed), so the icon application B is not newly added on the desktop, thereby saving the position resource of the desktop and eliminating the potential safety hazard.
It should be noted that, in practical applications, all the above optional embodiments may be combined in a combined manner at will to form an optional embodiment of the present invention, and details are not described here any more.
Based on the same inventive concept, the embodiment of the invention also provides an application installation device so as to realize the application installation method.
Fig. 6 shows a schematic structural diagram of an application-installed device according to an embodiment of the present invention. Referring to fig. 6, the apparatus includes at least: an acquisition module 610, a determination module 620, and a processing module 630.
The functions of the components or devices of the application-mounted apparatus and the connection relationships between the components of the apparatus according to the embodiment of the present invention will now be described:
the obtaining module 610 is adapted to obtain configuration information of an application to be installed when a trigger instruction of an application installation event is monitored, where the configuration information includes binding software information of the application to be installed;
a determining module 620, coupled to the obtaining module 610, adapted to determine whether the application to be installed has bundled software according to the configuration information;
the processing module 630, coupled to the determining module 620, is adapted to process the installation package process of the application to be installed, so as to prevent installation of the bundled software of the application to be installed during running the installation package process of the application to be installed.
In one embodiment, the configuration information includes at least one of:
process identification of the binding software;
binding feature information of the software;
and (4) process identification of the main program of the binding software.
In one embodiment, the processing module 630 may be further adapted to: putting an installation package process of an application to be installed into a sandbox; and processing the installation package process of the application to be installed in the sandbox.
In one embodiment, the processing module 630 may be further adapted to: and interrupting the network of the installation package process of the application to be installed in the sandbox, so that the binding software of the application to be installed cannot be downloaded in the process of running the installation package process of the application to be installed.
In one embodiment, the processing module 630 may be further adapted to: and adopting a HOOK HOOK related function to prevent the installation package process of the application to be installed from creating a socket component.
In one embodiment, the processing module 630 may be further adapted to: acquiring starting information for starting an installation package program of an application to be installed; matching the starting information with the characteristic information of the binding software in the configuration information; and forbidding the process corresponding to the matched starting information.
In one embodiment, the processing module 630 may be further adapted to: starting an installation package program of the application to be installed by adopting a HOOK starting process function; acquiring parameter information of a starting process function; and matching the parameter information of the starting process function with the characteristic information of the binding software in the configuration information.
In an embodiment, the to-be-installed application is an application to be installed for performing application upgrade, and the to-be-installed application has created a file of a specified type in a specified directory, and the apparatus shown in fig. 6 may further include a determining module 640, coupled to the processing module 630, and adapted to: when the behavior that the installation package process or the subprocess of the installation package process of the application to be installed creates files in the specified directory is monitored, judging whether the files created in the specified directory are files of the specified type or not; if yes, judging whether the created file exists in the appointed directory before the action of creating the file occurs; and if not, redirecting the created file to a temporary folder.
In one embodiment, after the installation of the application to be installed is completed, the apparatus illustrated in fig. 6 may further include a deletion module 650, coupled to the determination module 640, and adapted to: and closing the installation package process of the application to be installed and the sub-process of the installation package process, and deleting the temporary folder.
According to any one or a combination of the above preferred embodiments, the following advantages can be achieved by the embodiments of the present invention:
according to the technical scheme of the invention, when the trigger instruction of the application installation event is monitored, the configuration information of the application to be installed is obtained, and whether the application to be installed has the binding software is determined according to the configuration information. And if the application to be installed has the binding software, processing the installation package process of the application to be installed, so that the installation of the binding software of the application to be installed is prevented in the process of running the installation package process of the application to be installed. Therefore, the invention solves the problem that the bundled software is installed after the application is installed or upgraded and installed in the related art. The binding software is useless or malicious software, occupies resources, causes the system to be slow in operation and has potential safety hazard.
Furthermore, the invention can prevent the icons of advertisements or other applications from being newly added in the directories such as the desktop, the start menu, the quick start and the like, thereby saving the position resources of the desktop and improving the user experience.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components in an application-installed apparatus according to embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
Thus, it should be appreciated by those skilled in the art that while a number of exemplary embodiments of the invention have been illustrated and described in detail herein, many other variations or modifications consistent with the principles of the invention may be directly determined or derived from the disclosure of the present invention without departing from the spirit and scope of the invention. Accordingly, the scope of the invention should be understood and interpreted to cover all such other variations or modifications.
The invention also provides A1, a method for installing the application, comprising the following steps:
when a trigger instruction of an application installation event is monitored, acquiring configuration information of an application to be installed, wherein the configuration information comprises binding software information of the application to be installed;
determining whether the application to be installed has bundled software according to the configuration information;
if so, processing the installation package process of the application to be installed so as to prevent the installation of the binding software of the application to be installed in the process of running the installation package process of the application to be installed.
A2, the method of A1, wherein the configuration information includes at least one of:
process identification of the binding software;
binding feature information of the software;
and (4) process identification of the main program of the binding software.
A3, the method according to A1 or A2, wherein the processing of the installation package process of the application to be installed includes:
putting the installation package process of the application to be installed into a sandbox;
and processing the installation package process of the application to be installed in the sandbox.
A4, the method according to A3, wherein the processing of the installation package process of the application to be installed in the sandbox includes:
and disconnecting the network of the installation package process of the application to be installed in the sandbox, so that the bundled software of the application to be installed cannot be downloaded in the process of running the installation package process of the application to be installed.
A5, the method according to A4, wherein the disconnecting the network of the installation package process of the application to be installed in the sandbox comprises:
and adopting a HOOK HOOK related function to prevent the installation package process of the application to be installed from creating a socket component.
A6, the method according to A3, wherein the processing of the installation package process of the application to be installed in the sandbox includes:
acquiring starting information for starting the installation package program of the application to be installed;
matching the starting information with the characteristic information of the binding software in the configuration information;
and forbidding the process corresponding to the matched starting information.
A7, the method according to A6, wherein,
acquiring starting information of the starting of the installation package program of the application to be installed, wherein the starting information comprises the following steps:
starting the installation package program of the application to be installed by adopting a HOOK starting process function;
acquiring parameter information of the starting process function;
matching the starting information with the characteristic information of the binding software in the configuration information, wherein the matching comprises the following steps:
and matching the parameter information of the starting process function with the characteristic information of the binding software in the configuration information.
A8, the method according to any one of A1 to A7, wherein the application to be installed is an application to be installed for application upgrade, and the application to be installed has created files of a specified type in a specified directory, further comprising:
when the behavior that the installation package process or the subprocess of the installation package process of the application to be installed creates files in the specified directory is monitored, judging whether the files created in the specified directory are files of specified types or not;
if yes, judging whether the created file exists in the specified directory before the action of creating the file occurs;
if not, the created file is redirected to a temporary folder.
A9, the method according to A8, wherein after the installation of the application to be installed is completed, the method further comprises:
and closing the installation package process of the application to be installed and the sub-process of the installation package process, and deleting the temporary folder.
B10, an apparatus for application installation, comprising:
the system comprises an acquisition module, a processing module and a display module, wherein the acquisition module is suitable for acquiring configuration information of an application to be installed when a trigger instruction of an application installation event is monitored, and the configuration information comprises binding software information of the application to be installed;
the determining module is suitable for determining whether the application to be installed has bundled software according to the configuration information;
the processing module is suitable for processing the installation package process of the application to be installed so as to prevent the installation of the binding software of the application to be installed in the process of running the installation package process of the application to be installed.
B11, the apparatus of B10, wherein the configuration information includes at least one of:
process identification of the binding software;
binding feature information of the software;
and (4) process identification of the main program of the binding software.
B12, the apparatus according to B10 or B11, wherein the processing module is further adapted to:
putting the installation package process of the application to be installed into a sandbox;
and processing the installation package process of the application to be installed in the sandbox.
B13, the apparatus according to B12, wherein the processing module is further adapted to:
and disconnecting the network of the installation package process of the application to be installed in the sandbox, so that the bundled software of the application to be installed cannot be downloaded in the process of running the installation package process of the application to be installed.
B14, the apparatus according to B13, wherein the processing module is further adapted to:
and adopting a HOOK HOOK related function to prevent the installation package process of the application to be installed from creating a socket component.
B15, the apparatus according to B12, wherein the processing module is further adapted to:
acquiring starting information for starting the installation package program of the application to be installed;
matching the starting information with the characteristic information of the binding software in the configuration information;
and forbidding the process corresponding to the matched starting information.
B16, the apparatus according to B15, wherein the processing module is further adapted to:
starting the installation package program of the application to be installed by adopting a HOOK starting process function;
acquiring parameter information of the starting process function;
and matching the parameter information of the starting process function with the characteristic information of the binding software in the configuration information.
B17, the apparatus according to any one of B10 to B16, wherein the application to be installed is an application to be installed for application upgrade, and the application to be installed has created a file of a specified type in a specified directory, and further includes a determining module adapted to:
when the behavior that the installation package process or the subprocess of the installation package process of the application to be installed creates files in the specified directory is monitored, judging whether the files created in the specified directory are files of specified types or not;
if yes, judging whether the created file exists in the specified directory before the action of creating the file occurs;
if not, the created file is redirected to a temporary folder.
B18, the device according to B17, wherein after the application to be installed is installed, the device further comprises a deletion module adapted to:
and closing the installation package process of the application to be installed and the sub-process of the installation package process, and deleting the temporary folder.