kicad-developers team mailing list archive

[Nick Østergaard <oe.nick@xxxxxxxxx>]

2016-02-18 19:36 GMT+01:00 Mark Roszko <mark.roszko@xxxxxxxxx>:
> Yea that escalation is fine. Microsoft just wants the UAC directive in
> all the kicad executable manifests. The directive can simply be "asInvoked"
> meaning do not escalate. Its simply a security item for them they want
> checked off. We don't have to tell it to escalate all the kicad
> executables to admin or highest.

Ok, I see. Can't we add an "external" manifest as the result suggests?
If yes, what exactly is that, is that a file we can define next to it
and embed in the exe or how does this work? (I always find googling
such windows speficic things hard, hence I ask, because I faild at
finding a good answer.)

> When I was talking about Publisher I wasn't referring to the test
> failing. I was saying SmartScreen might be happier if the installer
> executable Publisher Matched the certificate or had something not
> blank.

Yeah, ok, I see, I realised that now. I think it might help too.

> On Thu, Feb 18, 2016 at 1:33 PM, Nick Østergaard <oe.nick@xxxxxxxxx> wrote:
>> FWIW, I will add that the current UAC escalation that is implemented
>> in the installer is such that it will install the %PROGRAM_FILES%
>> without starting to put stuff in the users %APPDATA%/Roaming and sort
>> of break the installation.
>>
>> 2016-02-18 17:18 GMT+01:00 Nick Østergaard <oe.nick@xxxxxxxxx>:
>>> 2016-02-18 16:21 GMT+01:00 Mark Roszko <mark.roszko@xxxxxxxxx>:
>>>> The not marked manifested issue has to be fixed in the kicad repo. It
>>>> wants the UAC setting defined either "asInvoker, highestAvaliable or
>>>> administrator". The problem is the manifest right now comes from
>>>> wxwidgets(yay)
>>>>
>>>> https://github.com/wxWidgets/wxWidgets/blob/master/include/wx/msw/wx.rc
>>>> (last few lines include the manifest)
>>>>
>>>> So we would need to write our own manifests that currently defines UAC
>>>> level and conditionally compile them in.
>>>>
>>>>
>>>>
>>>> The uninstaller is more complicated to fix because its generated
>>>> inside the installer on runtime. The link I gave before shows how to
>>>> workaround it...hackishly..
>>>>
>>>>
>>>>
>>>> Though I wonder if the Publisher field being set would help it shutup
>>>> because Smartscreen might be doing something as simple as comparing
>>>> installer Publisher to certificate Publisher and being happy.
>>>
>>> I did just set the Publisher and as you can see it still fail for the
>>> manifest stuffs, but it also proposes a waiver justifications dialog
>>> where you can argue why this is not important, but I am not sure what
>>> yo write there. You can retry it on the latest nightly to test
>>> yourself.
>
>
>
> --
> Mark