| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Protect elevated working folder from malicious data | Rob Mensching | 2024-03-22 | 1 | -4/+31 |
| | | | | | | | | | | | | | | | | When running elevated, Burn uses the Windows Temp folder as its working folder to prevent normal processes from tampering with the files. Windows Temp does allow non-elevated processes to write to the folder but they cannot see the files there. Unfortunately, contrary to our belief, non-elevated processes can read the files in Windows Temp by watching for directory changes. This allows a malicious process to lie in wait, watching the Windows Temp folder until a Burn process is launched elevated, then attack the working folder. Mitigate that attack by protecting the working folder to only elevated users. Managed custom actions also fall back to using the Windows Temp folder in some cases and thus can be exposed in a similar fashion as an elevated Burn process. Remove that possibility. | ||||
| * | Ignore cache bundle failure if it already exists in the package cache. | Sean Hall | 2022-09-15 | 1 | -7/+5 |
| | | | | | Fixes 6848 | ||||
| * | Skip logging errors in some places when they are due to missing files or ↵ | Sean Hall | 2022-08-09 | 1 | -2/+1 |
| | | | | | | | registry keys or values. Related to 6696 | ||||
| * | Add ability to skip a local path candidate if it failed verification. | Sean Hall | 2022-08-03 | 1 | -7/+63 |
| | | | | | Fixes 6818 | ||||
| * | Add longPathAware to Burn manifest to support long paths. | Sean Hall | 2022-06-27 | 1 | -3/+3 |
| | | | | | Fixes 3455 | ||||
| * | Make sure base paths are fully qualified in Burn. | Sean Hall | 2022-06-07 | 1 | -25/+31 |
| | | |||||
| * | Update Burn algorithm for picking elevated temp path to use SystemTemp. | Sean Hall | 2022-06-07 | 1 | -3/+16 |
| | | |||||
| * | Make PathGetSystemPath return an array of paths ordered by preference. | Sean Hall | 2022-06-07 | 1 | -55/+72 |
| | | |||||
| * | Replace PathCompare with PathCompareCanonicalized. | Sean Hall | 2022-06-07 | 1 | -9/+9 |
| | | |||||
| * | Add PathConcatRelativeToBase and use it in Burn. | Sean Hall | 2022-05-31 | 1 | -16/+16 |
| | | | | | Fixes 6707 | ||||
| * | Replace PathIsAbsolute with PathIsRooted and add PathIsFullyQualified. | Sean Hall | 2022-05-31 | 1 | -1/+1 |
| | | |||||
| * | Always use user's temp directory as basis for acquisition folder. | Sean Hall | 2021-08-04 | 1 | -29/+61 |
| | | | | | Fixes #5830 | ||||
| * | Add argument and policy setting to set Burn's base working directory. | Sean Hall | 2021-08-04 | 1 | -9/+56 |
| | | | | | Fixes #5856 | ||||
| * | Replace static cache internals with a struct. | Sean Hall | 2021-08-04 | 1 | -246/+259 |
| | | | | | Initialize them explicitly to make it clearer when that happens. | ||||
| * | Get system TEMP path from the registry. | Sean Hall | 2021-08-04 | 1 | -14/+9 |
| | | | | | Also, correctly handle return codes from related path APIs. | ||||
| * | Bring back Burn's implementation of signature verification. | Sean Hall | 2021-05-11 | 1 | -0/+131 |
| | | | | | partial #6447 | ||||
| * | Enforce payload and container verification. | Sean Hall | 2021-05-11 | 1 | -15/+80 |
| | | |||||
| * | Reset the package's cache folder only once. | Sean Hall | 2021-05-11 | 1 | -15/+43 |
| | | | | | | | This behavior makes it work similar to the root package cache folder and avoids performance problems when there are many payloads in the package. #4774 | ||||
| * | Allow launching approved exes from the original package cache. | Sean Hall | 2021-05-11 | 1 | -20/+71 |
| | | |||||
| * | Move burn into burn | Rob Mensching | 2021-04-29 | 1 | -0/+2052 |
 |
index : wix | |
| A mirror of https://github.com/wixtoolset/wix.git |
| aboutsummaryrefslogtreecommitdiff |