
@svg2003 svg2003 commented Jul 10, 2025

This PR fixes an issue found in the code at v4.0.6. The branch was created from that tag to isolate the fix.

Fix for issue: wixtoolset/issues#9118
When the user is not in the admin group and UAC is disabled, WiX may wrongly detect the process as elevated.

robmen and others added 30 commits June 3, 2023 01:24
Project names with invalid characters, namely spaces, were not being harvested properly. The sanitized name is required for the `Source="$(var.PROJECT_NAME` output. Updated harvest project unit test for project names with spaces.
...work around other bugs in mergemod.cub.

Fixes wixtoolset/issues#7413.
- Count args before creating message record.
- Document terminating NULL requirement.
- Add terminating NULL in MessageExit* macros.
- Enhance tests for problems encountered fixing this nightmare.

Fixes wixtoolset/issues#7422.
Fixes wixtoolset/issues#7444.
Maybe Rust wouldn't be so bad...

Fixes wixtoolset/issues#7451.
Fix duplicate NoMinimize attribute and
add attributes that were entirely missing.

Fixes wixtoolset/issues#7482.
A package's cached status is no longer set via the PackageState. The value was
removed in native code but the managed code was missed throwing off the enum
mapping.

Fixes 7399
…eation

Also fix documentation in ResolveWixLibraryReferences target.

Fixes 7512
IWindowsInstallerDecompileContext.TreatProductAsModule.

wixtoolset/issues#7607
In the long ago, a share could have one user/permissions pair. That's
really limited, of course, so support for _n_ user/permissions pairs
was added. In the move to WiX v4, support for that single, legacy user
was removed from the extension side but not the custom action side.
Remove that support.

Fixes wixtoolset/issues#7632.
TrueType fonts are denoted by the empty string in the FontTitle field of the
FileSymbol. That means a non-null FontTitle field value means a font is being
installed.

Fixes 7593
Addresses two issues in the creation of configurable merge modules. First, the
ModuleConfiguration table Id should not be modularized. Second, the
ModuleSubstitution table was never created. Fixing both of those allows
configurable merge modules to work again.

Fixes 7559
robmen and others added 30 commits November 7, 2023 14:27
…sections

Due to the handling of redundant symbols, which are only used by inline directory
syntax, the symbols were only defined in the first section encountered by the linker.
Fix that so at most one duplicated inline directory symbol is included when
referenced.

Fixes 7840
...because SemVer is just a suggestion.

- Also fix missing NuGet cleanup.
- And update NuGet^2 packages because v6.3.1 has vulnerabilities.
This will prevent elevated processes from accidentally following a junction
from a user-writable directory to a per-machine directory and erroneously
deleting the per-machine contents.
When deleting directories recursively, an elevated custom action
following junctions in a user-writable location could recurse into
any directory, including some that you might not want to be deleted.
Therefore, avoid recursing into directories that are actually
junctions (aka "reparse points").

This applies to:

- The RemoveFoldersEx custom action (which doesn't actually do deletions
but would instruct elevated MSI to delete on your behalf).
- DTF's custom action runner.
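
The junction check described in the commit message above, as an added C# example (not code from this PR or from WiX). `JunctionSafeDelete.DeleteTree` and the sample directory names are hypothetical, the demo assumes .NET 6+ for `Directory.CreateSymbolicLink`, and removing the link itself instead of skipping it is a choice made for this example.

```csharp
using System;
using System.IO;

static class JunctionSafeDelete
{
    // Hypothetical helper (not a WiX API): delete a tree without following links.
    public static void DeleteTree(DirectoryInfo dir)
    {
        dir.Refresh();           // read current attributes, not a cached copy
        if (!dir.Exists) return;

        // Junctions and directory symlinks both carry the ReparsePoint attribute.
        if ((dir.Attributes & FileAttributes.ReparsePoint) != 0)
        {
            dir.Delete(false);   // removes the link itself; the target is untouched
            return;
        }

        foreach (var child in dir.EnumerateDirectories())
            DeleteTree(child);   // each child is re-checked before any descent

        foreach (var file in dir.EnumerateFiles())
            file.Delete();       // deleting a file symlink removes only the link

        dir.Delete(false);       // non-recursive: throws if the directory is not empty
    }

    static void Main()
    {
        // Constructed sample tree: "victim" stands in for a per-machine directory.
        var root = Directory.CreateDirectory(
            Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()));
        var victim = root.CreateSubdirectory("victim");
        File.WriteAllText(Path.Combine(victim.FullName, "keep.txt"), "per-machine data");

        var userDir = root.CreateSubdirectory("user-writable");
        File.WriteAllText(Path.Combine(userDir.FullName, "cache.tmp"), "scratch");
        // On Windows this call needs the symlink privilege or Developer Mode.
        Directory.CreateSymbolicLink(Path.Combine(userDir.FullName, "link"), victim.FullName);

        DeleteTree(userDir);

        Console.WriteLine($"user-writable exists: {Directory.Exists(userDir.FullName)}");
        Console.WriteLine(
            $"victim file survives: {File.Exists(Path.Combine(victim.FullName, "keep.txt"))}");
        root.Delete(true);       // clean up the constructed tree
    }
}
```

The attribute check and the later enumeration are separate path-based calls, so a directory swapped for a link between them is still followed; the check narrows that window but does not close it.
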
When running elevated, Burn uses the Windows Temp folder as its working folder
to prevent normal processes from tampering with the files. Windows Temp does
allow non-elevated processes to write to the folder but they cannot see the
files there. Unfortunately, contrary to our belief, non-elevated processes
can read the files in Windows Temp by watching for directory changes. This
allows a malicious process to lie in wait, watching the Windows Temp folder
until a Burn process is launched elevated, then attack the working folder.
Mitigate that attack by protecting the working folder to only elevated users.

Managed custom actions also fall back to using the Windows Temp folder in
some cases and thus can be exposed in a similar fashion as an elevated Burn
process. Remove that possibility.
v143 output is compatible back to VS2017 (at least).

Fixes wixtoolset/issues#8211.
Spillover from having more interactive controls. In WiX v3, showing a
page moved the focus as a typical person might expect. When WiX v4
added interactivity, the same code was used to update controls (e.g.,
when checking a checkbox set a property used in a `VisibleCondition` or
`EnableCondition` for another control on the same page). This change
prevents the focus-setting behavior if the same page is being shown.

Fixes wixtoolset/issues#8144
Generally, clean up the handling of getting the domain from a server name by
centralizing and simplifying it behind an improved GetDomainFromServerName()
based on the buggy GetServerName().

Fixes 8576
This prevents the .NET ZipArchive (and friends) from keeping the whole
thing in memory, to support updating when we don't need to update the
Wixout when building a binary Wixlib.