kicad-developers team mailing list archive

Thread
Date

Re: Windows 10 reports stable 4.0.1 installer as malware.

To: Nick Østergaard <oe.nick@xxxxxxxxx>
From: Mark Roszko <mark.roszko@xxxxxxxxx>
Date: Thu, 18 Feb 2016 13:36:54 -0500
Cc: KiCad Developers <kicad-developers@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CAOuK9LgE=J0cHKDfQDHb1wB0NQNFz2tG9GJ_igR=z4P=GxcKFQ@mail.gmail.com>

Yea that escalation is fine. Microsoft just wants the UAC directive in
all the kicad executable manifests. The directive can simply be "asInvoked"
meaning do not escalate. Its simply a security item for them they want
checked off. We don't have to tell it to escalate all the kicad
executables to admin or highest.

When I was talking about Publisher I wasn't referring to the test
failing. I was saying SmartScreen might be happier if the installer
executable Publisher Matched the certificate or had something not
blank.

On Thu, Feb 18, 2016 at 1:33 PM, Nick Østergaard <oe.nick@xxxxxxxxx> wrote:
> FWIW, I will add that the current UAC escalation that is implemented
> in the installer is such that it will install the %PROGRAM_FILES%
> without starting to put stuff in the users %APPDATA%/Roaming and sort
> of break the installation.
>
> 2016-02-18 17:18 GMT+01:00 Nick Østergaard <oe.nick@xxxxxxxxx>:
>> 2016-02-18 16:21 GMT+01:00 Mark Roszko <mark.roszko@xxxxxxxxx>:
>>> The not marked manifested issue has to be fixed in the kicad repo. It
>>> wants the UAC setting defined either "asInvoker, highestAvaliable or
>>> administrator". The problem is the manifest right now comes from
>>> wxwidgets(yay)
>>>
>>> https://github.com/wxWidgets/wxWidgets/blob/master/include/wx/msw/wx.rc
>>> (last few lines include the manifest)
>>>
>>> So we would need to write our own manifests that currently defines UAC
>>> level and conditionally compile them in.
>>>
>>>
>>>
>>> The uninstaller is more complicated to fix because its generated
>>> inside the installer on runtime. The link I gave before shows how to
>>> workaround it...hackishly..
>>>
>>>
>>>
>>> Though I wonder if the Publisher field being set would help it shutup
>>> because Smartscreen might be doing something as simple as comparing
>>> installer Publisher to certificate Publisher and being happy.
>>
>> I did just set the Publisher and as you can see it still fail for the
>> manifest stuffs, but it also proposes a waiver justifications dialog
>> where you can argue why this is not important, but I am not sure what
>> yo write there. You can retry it on the latest nightly to test
>> yourself.



-- 
Mark

Follow ups

Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Nick Østergaard, 2016-02-18

References

Windows 10 reports stable 4.0.1 installer as malware.
From: Wayne Stambaugh, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Simon Richter, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Wayne Stambaugh, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Nick Østergaard, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Wayne Stambaugh, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Nick Østergaard, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Mark Roszko, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Adam Wolf, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Mark Roszko, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Nick Østergaard, 2016-02-17
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Mark Roszko, 2016-02-18
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Nick Østergaard, 2016-02-18
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Mark Roszko, 2016-02-18
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Nick Østergaard, 2016-02-18
Re: Windows 10 reports stable 4.0.1 installer as malware.
From: Nick Østergaard, 2016-02-18