WiX Toolset
CVE-2024-29187 fix broke setup scenario, where setup gets started by a service account #8154
rkieslinger
started this conversation in
WiX Development
Replies: 2 comments
-
|
In my very adhoc testing of Burn's handling, it did respect the TMP system variable to determine where to place the Temporary files. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Thx for the information, but I don't really want to tamper with the TMP system variable. There's not really a good point in time when to temporarly change the TMP system variable and also this could have side effects. IMO it's an obvious bug in an edge case. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
After updating from Wix 3.11.2.4516 to 3.14.1.8722, our setup fails if it gets started by a service account (Managed Service Account or Virtual Service Account).
It seems the newly introduced check, if a process is elevated, always returns
trueif it is run by a service account. This results in the temp directory always getting created underC:\Windows\Temp, where then the service account without administrator privileges hasn't proper access.I think the problem also exists in Wix 4 (and maybe 5) (seems to be the same code).
Beta Was this translation helpful? Give feedback.
All reactions