https://issues.apache.org/bugzilla/show_bug.cgi?id=56079
Konstantin Preißer <kpreis...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 OS|                            |All

--- Comment #6 from Konstantin Preißer <kpreis...@apache.org> ---
Hi Mark,

I wanted to provide some general information on when Windows will show a warning when running signed or non-signed executables.

Since Windows Vista, Windows has UAC (User Account Control) which ensures that a user who is a member of the Administrators group normally runs programs with non-admin rights, but only when the user explicitly runs a program as Administrator (either because he right-clicked on it and selected "Run as Administrator", or because the EXE has a manifest that requests admin-level access), the program will run with administrative rights.

1) If the user is an Administrator and UAC is enabled, or the user is not an Administrator, and he wants to start an executable with administrative rights from a program that runs with non-admin rights (e.g. explorer.exe), Windows will show the warning from Screenshot 1 if the executable is signed, and a warning from Screenshot 2 if the executable is not signed.

Note that this does not happen when the executable is started from a process that runs already with admin rights (e.g. when running cmd.exe as Admin), or if you use the integrated Administrator account that is the default account on Server editions of Windows (e.g. Windows Server 2012), as in this case even if UAC is enabled, the integrated Administrator account always runs with admin rights. This does not happen with other Admin accounts that have been created by a user.

2) If the user wants to start a process with the same level (a non-admin explorer starts a process as non-admin, or an admin explorer starts a process as admin), and the file has been downloaded by a browser like Internet Explorer so that it has been marked as downloaded, then Windows will show the warning from Screenshot 3 if the file is signed, and the warning from Screenshot 4 if it is not signed.

You can see if a file is marked as downloaded, when right-clicking on it, selecting "Properties" and then looking at the bottom of the file dialog. If it shows "Security: This file came from another computer and might be blocked to help protect this computer.", then it is marked as downloaded, but you can remove that mark by clicking on "Unblock". This warning does only seem to show when the process is started by Explorer.

When you downloaded a .zip file (e.g. downloading Tomcat 8 as .zip), most extractor programs like WinRAR or Windows Explorer will retain the "downloaded" status of the .zip file for every extracted file. I.e. if you extract apache-tomcat-8.0.0-RC10-windows-x64.zip with WinRAR and the zip has been marked as downloaded, then also Tomcat8w.exe will have that mark, so the warning will show when you start Tomcat8w.exe with UAC disabled or from the integrated Administrator account.

Note that with my testing, IE and Chrome both marked .exe and .zip files with this "downloaded" flag, but Firefox only marked .exe files, but not .zip ones. Additionally, IE shows a warning when downloading a non-signed .exe file, as shown on Screenshot 5.

I tried the following use case for installing a Tomcat 8 service on Windows Server 2012 R2 with a newly created administrator account (but with UAC enabled):

1) Downloading the "64-bit Windows zip" with IE and extracting it with Windows Explorer.
2) Opening cmd.exe with non-admin rights (in the explorer window, click menu "File", "Open command prompt").
3) Change to the Tomcat\bin directory, then running "service install"
4) I get the warning from screenshot 3, that "Tomcat8.exe" is from an unknown publisher and wants to do administrative changes on the computer.
5) If I click Yes, this warning disappears, but then displays again two times. So, overall this warning displayed three times when running "service install". (If the Tomcat8.exe was signed, the warnings would show that it is signed, but still would appear three times - I think this install script should be changed so that Tomcat8.exe is only called once).
6) Running Tomcat8w.exe, from the explorer, I get the warning that it is not signed and wants to be run with admin rights.
7) From the cmd.exe, I run "service uninstall", I get the warning for Tomcat8.exe, but only one time.

Note that when running an elevated cmd.exe ("File" -> "Open command prompt" -> "Open command prompt as administrator"), I do not get any of the warnings.

When trying the use case with the Windows Service installer (apache-tomcat-8.0.0-RC10.exe), then I get warnings when
1) Running the installer,
2) after installation is complete, run "Configure Tomcat" or "Monitor Tomcat" from the Start screen which both run "tomcat8w.exe".

When I uninstall Tomcat from Control Panel -> Programs and Features, it shows some certificate from Windows or the Windows installer, so there is no warning here that it is unsigned.

So for me, the files where Windows showed a warning that they are not signed, were:
1) apache-tomcat-8.0.0-RC10.exe
2) tomcat8.exe
3) tomcat8w.exe
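
The two file properties the comment above ties to the warnings, signature status and the "downloaded" mark, can be listed from PowerShell; the mark is stored in an NTFS alternate data stream named Zone.Identifier. This is an added example, not part of the original comment or of the Tomcat project; the default directory path and the helper name Get-DownloadMark are assumptions.

```powershell
# Added example (not from the original comment). Read-only: it changes nothing.
param(
    # Assumed location of the extracted zip; adjust to your own path.
    [string]$Path = '.\apache-tomcat-8.0.0-RC10\bin'
)

# Hypothetical helper: returns the ZoneId stored in the file's Zone.Identifier
# alternate data stream, $null if the file carries no "downloaded" mark,
# or -1 if the stream exists but contains no ZoneId line.
function Get-DownloadMark {
    param([string]$File)
    $stream = Get-Item -LiteralPath $File -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue
    if (-not $stream) { return $null }
    $lines = Get-Content -LiteralPath $File -Stream 'Zone.Identifier'
    foreach ($line in $lines) {
        # ZoneId: 0 local machine, 1 intranet, 2 trusted sites, 3 Internet, 4 restricted
        if ($line -match '^ZoneId=(\d+)') { return [int]$Matches[1] }
    }
    return -1
}

# One row per executable: is it signed, by whom, and is it marked as downloaded?
$report = Get-ChildItem -Path $Path -Recurse -File -Filter *.exe | ForEach-Object {
    $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
    $zone = Get-DownloadMark -File $_.FullName
    [pscustomobject]@{
        File       = $_.Name
        Signature  = $sig.Status   # SignatureStatus enum, e.g. Valid or NotSigned
        Signer     = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        Downloaded = $null -ne $zone
        ZoneId     = $zone
    }
}

$report | Sort-Object File | Format-Table -AutoSize
```

Files extracted from a marked .zip show Downloaded as True; once the mark is removed with "Unblock" in the Properties dialog, the stream is gone and the column reads False.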