https://issues.apache.org/bugzilla/show_bug.cgi?id=56079
Konstantin Preißer <kpreis...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
OS| |All
--- Comment #6 from Konstantin Preißer <kpreis...@apache.org> ---
Hi Mark,
I wanted to provide some general information on when Windows will show a
warning when running an signed or non-signed executables.
Since Windows Vista, Windows has UAC (User Account Control) which ensures that
a user which is a member of the Administrators group normally runs programs
with non-admin rights, but only when the user explicitely runs a program as
Administrator (either because he right-clicked on it and selected "Run as
Administrator", or because the EXE has a manifest that requests admin-level
access), the programm will run with administrative rights.
1) If the user is an Administrator and UAC is enabled, or the user is not an
Administrator, and he wants to start an executable with administrative rights
from a program that runs with non-admin rights (e.g. explorer.exe), Windows
will show the warning from Screenshot 1 if the executable is signed, and a
warning from Screenshot 2 if the executable is not signed.
Note that this does not happen when the executable is started from a process
that runs already with admin rights (e.g. when running cmd.exe as Admin), or if
you use the integrated Administrator account that is the default account on
Server editions of Windows (e.g. Windows Server 2012), as in this case even if
UAC is enabled, the integrated Administrator account always runs with admin
rights. This does not happen with other Admin accounts that have been created
by a user.
2) If the user wants to start a process with the same level (a non-admin
explorer starts a process as non-admin, or an admin explorer starts a process
as admin), and the file has been downloaded by a browser like Internet Explorer
so that is has been marked as downloaded, then Windows will show the warning
from Screenshot 3 if the file is signed, and the warning from Screenshot 4 if
it is not signed.
You can see if a file is marked as downloaded, when right-clicking on it,
selecting "Properties" and then looking at the bottom of the file dialog.
If it shows "Security: This file came from another computer and might be
blocked to help protect this computer.", then it is marked as downloaded, but
you can remove that mark by clicking on "Unblock".
This warning does only seem to show when the process is started by Explorer.
When you downloaded a .zip file (e.g. downloading Tomcat 8 as .zip), most
extractor programs like WinRAR or Windows Explorer will retain the "downloaded"
status of the .zip file for every extracted file. I.e. if you extract
apache-tomcat-8.0.0-RC10-windows-x64.zip with WinRAR and the zip as been marked
as downloaded, then also Tomcat8w.exe will have that mark, so the warning will
show when you start Tomcat8w.exe with UAC disabled or from the integrated
Administrator account.
Note that with my testing, IE and Chrome both marked .exe and .zip files with
this "downloaded" flag, but Firefox only marked .exe files, but not .zip ones.
Additionally, IE shows a warning when downloading a non-signed .exe file, as
shown on Screenshot 5.
I tried following use case for installing a Tomcat 8 service on Windows Server
2012 R2 with a newly created administrator account (but with UAC enabled):
1) Downloading the "64-bit Windows zip" with IE and extracting it with Windows
Explorer.
2) Opening cmd.exe with non-admin rights (in the explorer window, click menu
"File", "Open command prompt".
3) Change to the Tomcat\bin directory, then running "service install"
4) I get the warning from screenshot 3, that "Tomcat8.exe" is from an unknown
publisher and wants to to administrative changes on the computer.
5) If I click Yes, this warning disappears, but then displays again two times.
So, overall this warning displayed three times when running "service install".
(If the Tomcat8.exe was signed, the warnings would show that it is signed, but
still would appear three times - I think this install script should be changed
so that Tomcat8.exe is only called once).
6) Running Tomcat8w.exe, from the explorer, I get the warning that it is not
signed and wants to be run with admin rights.
7) From the cmd.exe, I run "service uninstall", I get the warning for
Tomcat8.exe, but only one time.
Note that when running an elevated cmd.exe ("File" -> "Open command prompt" ->
"Open command prompt as administator"), I do not get any of the warnings.
When trying the use case with the Windows Service installier
(apache-tomcat-8.0.0-RC10.exe), then I get warnings when
1) Running the installer,
2) after installation is complete, run "Configure Tomcat" or "Monitor Tomcat"
from the Start screen which both run "tomcat8w.exe".
When I uninstall Tomcat from Control Panel -> Programs and Features, it shows
some certificate from Windows or the Windows installer, so there is no warning
here that it is unsigned.
So for me, the files where Windows showed a warning that they are not signed,
were:
1) apache-tomcat-8.0.0-RC10.exe
2) tomcat8.exe
3) tomcat8w.exe
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
