Add READ/OPEN file operation to HIPS rules.
I am far more concerned about something reading my files than writing them.
Backups are there to handle writing problems, but reading well thats where all my secrets are!
I saw this and was excited i could finally have this, (back when i was on linux i coded my own solution using fanotify but its a bit more annoying with windows and filesystem filter drivers or w/e) and was then sadly dissapointed.
I would just like a way to intercept file open / read events and approve them on a per case basis on certain files,
like say my password vault, ssh keys and whatnot.