I just got the below issue again with a different customer (see end of e-mail): Installer fails because MSI is encrypted. This is the third time now in about a year. Anybody else seen this? I never seen anybody talk about it on any of the mailing lists. Pretty weird if I'm the only one seeing it.
I remember reviewing the burn code and saw maybe there was a potential weakness where encryption is not being removed from the cache folder. It was being removed from the working folder. Rob asked me for a test case and I did set up a VM of Win 7 Professional but was never able to reproduce it. I pasted that conversion below. I'm going to look into it again but posted here in the hopes someone else ran into this. Is this something worth changing in the burn code even without a repro? What are the risks? Wes --------------------------------------- Investigation: From: Rob Mensching [mailto:r...@robmensching.com] Hmm, that's a good point. It looks like Decrypt is only being done on the working folder. It's possible we're not preventing the inheritance from the LocalAppDataFolder! Do you have a consistent repro of this issue? On Mon, May 6, 2013 at 1:47 PM, Wesley Manning <wmann...@dynagen.ca> wrote: Can anyone tell me where the burn code checks/removes encryption from the Package Cache? I see that encryption is removed from the working folder by the method CacheEnsureWorkingFolder via method DecryptFileW but nothing for the cache folder. For the "Package Cache" folder the CreateCompletedPath method is used to create the Package Cache directory and set ACL permissions. Wes --------------------------------------- Issue description: -----Original Message----- From: Wesley Manning [mailto:wmann...@dynagen.ca] I had a second customer where our burn installer failed on Windows 7 Professional x64. I had him go into the "Package Cache" folder and encryption was not set on it and all subfolders but was set on the one remaining msi file. I had him remove the encryption from the file and rerun the installer and it then installed successfully. Must be a bug in rollback also because it left one MSI there (I cache 3 in total). I guess good thing otherwise I wouldn't have found the cause. Has there been any problems with Visual Studio install for Windows 7 professional? If I've seen this twice Visual Studio team must have seen this before. I tried reproducing this on my Windows 7 Ultimate x64 computer by encrypting the package cache folder and then installing but it installed fine (as you would expect). Where is the encryption code located in the burn source code? Maybe it should be changed to check MSI files before they are run from the cache and decrypt them. What do you guys think? Wes ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ WiX-devs mailing list WiX-devs@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-devs ------------------------------------------------------------------------------ Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft _______________________________________________ WiX-devs mailing list WiX-devs@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-devs
