Page 1 of 1
AppData path - Execution not allowed?
Posted: Fri Oct 29, 2010 9:19 am
by c4s
A new version of my program decompresses an executable to the AppData path and runs it when needed. Previously I used the TempPath but thought AppData would be better because it doesn't get cleared.
Now I received much feedback where my users said that the program doesn't work anymore. Well, I thought the error is somewhere else because I also switched to unicode (basically using
this code) but yesterday I had the flash of genius that it must be because of accessing privileges of the AppData path?!
I wasn't able to find more information about that - msdn can be pretty overwhelming in information - so can you tell me if I'm right?
Re: AppData path - Execution not allowed?
Posted: Fri Oct 29, 2010 12:00 pm
by Fred
If you use the AppData for the logged user (ie: not the global appdata), then you shouldn't have any problem, you can safely write to it.
Re: AppData path - Execution not allowed?
Posted: Fri Oct 29, 2010 12:19 pm
by Thorium
Fred wrote:If you use the AppData for the logged user (ie: not the global appdata), then you shouldn't have any problem, you can safely write to it.
Yes, but the question is if you can execute there. Maybe some virusscanner block execution from that path.
Re: AppData path - Execution not allowed?
Posted: Fri Oct 29, 2010 12:39 pm
by freak
I'd think it is a security feature. Either by Windows itself, or its just a policy on your users computers.
It kind of makes sense too: The folder is meant for application settings only. Many users don't even know the folder exists, so it would be a good place to hide a malicious executable.
Re: AppData path - Execution not allowed?
Posted: Fri Oct 29, 2010 4:45 pm
by c4s
I send out some debug versions and the results are the same for TempPath and AppdataPath - it doesn't work. Now I found out that it must be CreateProcess_()
from the following code that raises the error.
Freak and/or Fred could you please tell me what's different to the internal RunProgram() because I'm trying to emulate its behavior and just do it because ReadErrorString() doesn't work when used with an ascii executable out of my Unicode program.
Why doesn't CreateProcess_() work here ("program" is of course a valid executable that exists!):
Code: Select all
Structure PROCESS_OBJ
hReadStdOut.i
hWriteStdOut.i
hReadStdErr.i
hWwriteStdErr.i
process.PROCESS_INFORMATION
dataRead.i
lastErrChar.ASCII
lastStdChar.ASCII
EndStructure
Procedure proc_RunProgram(program.s, command.s, flags.l=0, *err.INTEGER=#Null)
Define *this.PROCESS_OBJ, start.STARTUPINFO, sa.SECURITY_ATTRIBUTES, error
*this = AllocateMemory(SizeOf(PROCESS_OBJ))
error = 0
;Create the Pipes
sa\nLength =SizeOf(SECURITY_ATTRIBUTES)
sa\bInheritHandle = 1
sa\lpSecurityDescriptor = 0
If CreatePipe_(@*this\hReadStdOut, @*this\hWriteStdOut, @sa, 0)
If CreatePipe_(@*this\hReadStdErr, @*this\hWwriteStdErr, @sa, 0)
start\cb = SizeOf(STARTUPINFO)
start\dwFlags = #STARTF_USESHOWWINDOW | #STARTF_USESTDHANDLES
start\hStdOutput = *this\hWriteStdOut
If flags & 2 = 2 ; #PROCESS_JOIN_OUTPUT
start\hStdError = *this\hWriteStdOut
Else
start\hStdError = *this\hWwriteStdErr
EndIf
If CreateProcess_(#Null, program + " " + command, @sa, @sa, #True, #NORMAL_PRIORITY_CLASS, #Null, #Null, @start, @*this\process)
CloseHandle_(*this\hWriteStdOut)
CloseHandle_(*this\hWwriteStdErr)
Else ;CreateProcess error
error = -3
EndIf
Else ;pipe error
error = -2
EndIf
Else ;pipe error
error = -1
EndIf
If *err : *err\i = error : EndIf
If error=0
ProcedureReturn *this
Else ;error
CloseHandle_(*this\hReadStdErr)
CloseHandle_(*this\hReadStdOut)
CloseHandle_(*this\hWriteStdOut)
CloseHandle_(*this\hWwriteStdErr)
FreeMemory(*this)
ProcedureReturn #False
EndIf
EndProcedure
Re: AppData path - Execution not allowed?
Posted: Fri Oct 29, 2010 8:24 pm
by Mistrel
I can't find a reference. I know we can read/write/delete from our local app data folder as well as "all users". But I never considered whether we could execute something from there.
Re: AppData path - Execution not allowed?
Posted: Sat Oct 30, 2010 12:30 pm
by c4s
I'm pretty ashamed but it looks like the solution is to modify that line:
Code: Select all
If CreateProcess_(#Null, program + " " + command, @sa, @sa, #True, #NORMAL_PRIORITY_CLASS, #Null, #Null, @start, @*this\process)
...to this:
Code: Select all
If CreateProcess_(#Null, #DQUOTE$ + program + #DQUOTE$ + " " + command, @sa, @sa, #True, #NORMAL_PRIORITY_CLASS, #Null, #Null, @start, @*this\process)
I send this fix out and it seems to work on their pc's.