wix/src/burn, branch bob/Fixes.240629

wix/src/burn, branch bob/Fixes.240629 A mirror of https://github.com/wixtoolset/wix.git https://git.lua4.win/wix/atom?h=bob%2FFixes.240629 2024-07-15T19:14:09+00:00 Remove unused const. 2024-07-15T19:14:09+00:00 Bob Arnson bob@firegiant.com 2024-06-30T00:27:54+00:00 urn:sha1:b9d8b1ec959b6126cd84de358aee325e717544e7 Move to ReleaseFlow and SomeVer 2024-04-25T20:31:39+00:00 Rob Mensching rob@firegiant.com 2024-04-07T10:26:12+00:00 urn:sha1:4983aeeb2da6e96bc8aad698752b3b962f58e585 Protect elevated working folder from malicious data 2024-03-22T18:57:27+00:00 Rob Mensching rob@firegiant.com 2024-03-21T06:51:53+00:00 urn:sha1:fed3d69eb4da7fa2bafdd8f555ce5869c36925f7 When running elevated, Burn uses the Windows Temp folder as its working folder to prevent normal processes from tampering with the files. Windows Temp does allow non-elevated processes to write to the folder but they cannot see the files there. Unfortunately, contrary to our belief, non-elevated processes can read the files in Windows Temp by watching for directory changes. This allows a malicious process to lie in wait, watching the Windows Temp folder until a Burn process is launched elevated, then attack the working folder. Mitigate that attack by protecting the working folder to only elevated users. Managed custom actions also fall back to using the Windows Temp folder in some cases and thus can be exposed in a similar fashion as an elevated Burn process. Remove that possibility. Simplify BootstrapperApplication header files 2024-03-21T20:07:14+00:00 Rob Mensching rob@firegiant.com 2024-03-21T07:59:21+00:00 urn:sha1:90cdebbe94c7f60db86965ffb97d9ba51d0bc9fc Take this breaking change opportunity to simplify the header files used by BA devs. Clean up Burn a bit. 2024-03-14T21:21:36+00:00 Bob Arnson bob@firegiant.com 2024-03-14T17:48:20+00:00 urn:sha1:f104c01bc29378b544c0f458c45106bcfd63c11b Rename "bundle extension" to "bootstrapper extension" for more consistency 2024-03-07T18:55:57+00:00 Rob Mensching rob@firegiant.com 2024-03-07T17:41:29+00:00 urn:sha1:5baa1dfe8ba2a3bd4728bca118fe1de225f848d4 Also renames WixToolet.BextUtil nupkg to WixToolset.BootstrapperExtensionApi. Better .nupkg names 2024-03-07T18:55:57+00:00 Rob Mensching rob@firegiant.com 2024-03-06T22:48:10+00:00 urn:sha1:3d2d46f62fc01e2653d0251ad9703090574e7c41 WIP - BA header simplification 2024-03-07T02:03:38+00:00 Rob Mensching rob@firegiant.com 2024-03-06T18:20:29+00:00 urn:sha1:a8504dc4eb1c2d09965b0858699ac737336ef3c1 Move the BootstrapperApplication out of proc 2024-03-07T02:03:38+00:00 Rob Mensching rob@firegiant.com 2024-01-12T02:26:20+00:00 urn:sha1:0d3d54992104288e9ee0c834d0b96e8502fd2d42 Mitigate .local DLL redirection Windows bug. 2024-03-07T02:03:38+00:00 Bob Arnson bob@firegiant.com 2024-01-24T22:38:55+00:00 urn:sha1:ce9ef4702cddf9a2398f6fbb7702988b662b5565