>Re: [WiX-users] Heat - Include question
>From: Mike Carlson <corfe83@gm...> - 2013-05-28 20:01
>It's not a good idea for your application to write to allow non-elevated
>users to write to its installed application folder under program files
>folder. Allowing users to overwrite the application binaries is a security
>hole for any customers who might have untrusted users on the machine.
I know, but I think that is the only solution: the application is
derived from Unix, and it is "self contained".
What I mean: the application is based on MSYS and when a new user
starts the unix shell, he needs write access to folders like /home,
... . And /home is contained inside the Programfiles\aplications
folder.
So in my opinion i'm in a jail and I can't find other solution.
Perhaps someone has an idea ...
>Did you intend to store user preferences or other user data there? Instead
>your app should be written to store this in the user's profile folder such
>as under %LOCALAPPDATA%, or in the registry (HKCU). This avoids security
>issues, and allows each user on the same machine to specify their own
>preferences.
I know, but in my case this is not possible, as explained before.
>Anyway, what you want can be done by manually adding your own PermissionEx
>element(s). I wouldn't know what to recommend as far as exact authoring of
>the PermissionEx, but suggest you read the wix.chm or look through old
>threads about it on the wix-users archives.
Well, In my case I solved it creating permissions on the folder as:
<DirectoryRef Id="INSTALLDIR"><Component Id="NTFSPermissionsComponent"
Guid="51EC5D4E-E1EA-4964-BE30-38C2AE897C40">
<CreateFolder><Permission User="Everyone" GenericAll="yes"/
</CreateFolder></Component>
</DirectoryRef>
But ... I will take you recommendation of security, and I will try to
allow only the minimum folders with write access inside the program.
And I can confirm: using "Everyone" is OK on other languages than
English as explained here:
http://blogs.msdn.com/b/cjacks/archive/2008/12/04/how-to-set-directory-permissions-at-install-time-using-an-msi-created-using-windows-installer-xml-wix.aspx)
Thanks a lot for your time.
Regards.
2013/5/27 BGINFO4X <bginf...@kztsoftware.com>:
> Hello everyone,
>
> I'm already finish, ...., but I have a little problem related to the
> NTFS Permissions:
>
> The normal permissions inside %program files% are: Administrators ->
> FULL CONTROL ; Users -> Read
>
> But when the application is executed as a normal user, it doesn't
> work: Normal users NEED write access to the folder's program.
>
> So, I think that the solution goes to giving NTFS to Everyone -> Full
> control (as explained in:
> http://blogs.msdn.com/b/cjacks/archive/2008/12/04/how-to-set-directory-permissions-at-install-time-using-an-msi-created-using-windows-installer-xml-wix.aspx)
>
> The question is: how to assign NTFS permissions with HEAT as a Harvest tool?
>
> Is the following sentence true? "“The common user names ‘Everyone’
> and ‘Administrators’ may be entered in English and are mapped to
> well-known SIDs.” Or there will be localization problems when
> installed in other languages?
>
> Do you have some recommendations?
>
> Thanks a lot for your time.
>
>
>
> 2013/5/22 BGINFO4X <bginf...@kztsoftware.com>:
>> Ok, thanks a lot.
>>
>> Regards.
>>
>> 2013/5/21 Mike Carlson <corf...@gmail.com>:
>>> Ah, then you do want to support upgrades. Get your upgrade scenario right,
>>> and you won't have to worry about having a consistent shortcut name.
>>>
>>> Read up on "Major Upgrades" here:
>>> http://msdn.microsoft.com/en-us/library/windows/desktop/aa369786(v=vs.85).aspx.
>>> This will cause the old version to be uninstalled as part of installing the
>>> new version.
>>>
>>> Or you might want to explore "Minor Upgrades" which are slightly lighter
>>> weight:
>>> http://msdn.microsoft.com/en-us/library/windows/desktop/aa370037(v=vs.85).aspx
>>> .
>>>
>>>
>>>
>>> On Tue, May 21, 2013 at 9:34 AM, BGINFO4X <bginf...@kztsoftware.com> wrote:
>>>
>>>> 2013/5/21 Mike Carlson <corf...@gmail.com>:
>>>> > You should be able to. Create the shortcut in your own authoring file. To
>>>> > point to the file in the generated authoring, see the "Target" attribute
>>>> of
>>>> > the shortcut element in wix.chm.
>>>> >
>>>>
>>>> Thanks a lot , I will try it.
>>>>
>>>> I have a conceptual question regarding shortcuts:
>>>>
>>>> I want the installer creates a shortcut in the startup folder for all
>>>> users, so the program is started automatically each time the users
>>>> logon.
>>>>
>>>> If the user install a new version without uninstalling the previous
>>>> one, then two versions of the program will be executed, and this is
>>>> not desirable.
>>>>
>>>> Is a good practice to create always the same name in the shortcut in
>>>> the manner that newer versions overwrite the previous shortcut?
>>>>
>>>> How to manage this situation?
>>>>
>>>> Thanks a lot.
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Try New Relic Now & We'll Send You this Cool Shirt
>>>> New Relic is the only SaaS-based application performance monitoring service
>>>> that delivers powerful full stack analytics. Optimize and monitor your
>>>> browser, app, & servers with just a few lines of code. Try New Relic
>>>> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
>>>> _______________________________________________
>>>> WiX-users mailing list
>>>> WiX-users@lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/wix-users
>>>>
>>> ------------------------------------------------------------------------------
>>> Try New Relic Now & We'll Send You this Cool Shirt
>>> New Relic is the only SaaS-based application performance monitoring service
>>> that delivers powerful full stack analytics. Optimize and monitor your
>>> browser, app, & servers with just a few lines of code. Try New Relic
>>> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
>>> _______________________________________________
>>> WiX-users mailing list
>>> WiX-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/wix-users
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite
It's a free troubleshooting tool designed for production
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap2
_______________________________________________
WiX-users mailing list
WiX-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wix-users
