|
@@ -49,7 +49,7 @@ type
|
|
|
|
|
|
|
|
function CheckForMutexes(const Mutexes: String): Boolean;
|
|
function CheckForMutexes(const Mutexes: String): Boolean;
|
|
|
procedure CreateMutexes(const Mutexes: String);
|
|
procedure CreateMutexes(const Mutexes: String);
|
|
|
-function CreateTempDir(const IsAdminAndNotDebugging: Boolean): String;
|
|
|
|
|
|
|
+function CreateTempDir(const AllowOnlyPrivilegedAccess: Boolean): String;
|
|
|
function DecrementSharedCount(const RegView: TRegView; const Filename: String): Boolean;
|
|
function DecrementSharedCount(const RegView: TRegView; const Filename: String): Boolean;
|
|
|
procedure DelayDeleteFile(const DisableFsRedir: Boolean; const Filename: String;
|
|
procedure DelayDeleteFile(const DisableFsRedir: Boolean; const Filename: String;
|
|
|
const MaxTries, FirstRetryDelayMS, SubsequentRetryDelayMS: Integer);
|
|
const MaxTries, FirstRetryDelayMS, SubsequentRetryDelayMS: Integer);
|
|
@@ -62,7 +62,7 @@ function DetermineDefaultLanguage(const GetLanguageEntryProc: TGetLanguageEntryP
|
|
|
var ResultIndex: Integer): TDetermineDefaultLanguageResult;
|
|
var ResultIndex: Integer): TDetermineDefaultLanguageResult;
|
|
|
procedure EnumFileReplaceOperationsFilenames(const EnumFunc: TEnumFROFilenamesProc;
|
|
procedure EnumFileReplaceOperationsFilenames(const EnumFunc: TEnumFROFilenamesProc;
|
|
|
Param: Pointer);
|
|
Param: Pointer);
|
|
|
-function GenerateNonRandomUniqueTempDir(const IsAdminAndNotDebugging: Boolean;
|
|
|
|
|
|
|
+function GenerateNonRandomUniqueTempDir(const AllowOnlyPrivilegedAccess: Boolean;
|
|
|
Path: String; var TempDir: String): Boolean;
|
|
Path: String; var TempDir: String): Boolean;
|
|
|
function GenerateUniqueName(const DisableFsRedir: Boolean; Path: String;
|
|
function GenerateUniqueName(const DisableFsRedir: Boolean; Path: String;
|
|
|
const Extension: String): String;
|
|
const Extension: String): String;
|
|
@@ -174,7 +174,7 @@ function ConvertStringSecurityDescriptorToSecurityDescriptorW(
|
|
|
StringSDRevision: DWORD; var ppSecurityDescriptor: Pointer;
|
|
StringSDRevision: DWORD; var ppSecurityDescriptor: Pointer;
|
|
|
dummy: Pointer): BOOL; stdcall; external advapi32;
|
|
dummy: Pointer): BOOL; stdcall; external advapi32;
|
|
|
|
|
|
|
|
-function CreateSafeDirectory(const IsAdminAndNotDebugging: Boolean; Path: String;
|
|
|
|
|
|
|
+function CreateSafeDirectory(const AllowOnlyPrivilegedAccess: Boolean; Path: String;
|
|
|
var ErrorCode: DWORD): Boolean;
|
|
var ErrorCode: DWORD): Boolean;
|
|
|
{ Creates a protected directory if
|
|
{ Creates a protected directory if
|
|
|
-it's a subdirectory of c:\WINDOWS\TEMP, or
|
|
-it's a subdirectory of c:\WINDOWS\TEMP, or
|
|
@@ -192,7 +192,7 @@ begin
|
|
|
var IsUnderWindowsTemp := Pos(PathLowercase(AddBackslash(GetSystemWinDir) + 'TEMP\'),
|
|
var IsUnderWindowsTemp := Pos(PathLowercase(AddBackslash(GetSystemWinDir) + 'TEMP\'),
|
|
|
PathLowercase(Path)) = 1;
|
|
PathLowercase(Path)) = 1;
|
|
|
var Drive := PathExtractDrive(Path);
|
|
var Drive := PathExtractDrive(Path);
|
|
|
- var IsAdminAndIsLocalTemp := IsAdminAndNotDebugging and (Drive <> '') and
|
|
|
|
|
|
|
+ var IsAdminAndIsLocalTemp := AllowOnlyPrivilegedAccess and (Drive <> '') and
|
|
|
not PathCharIsSlash(Drive[1]) and
|
|
not PathCharIsSlash(Drive[1]) and
|
|
|
(GetDriveType(PChar(AddBackslash(Drive))) <> DRIVE_NETWORK);
|
|
(GetDriveType(PChar(AddBackslash(Drive))) <> DRIVE_NETWORK);
|
|
|
|
|
|
|
@@ -207,7 +207,7 @@ begin
|
|
|
// D: adds a Discretionary ACL ("DACL", i.e. access control via SIDs)
|
|
// D: adds a Discretionary ACL ("DACL", i.e. access control via SIDs)
|
|
|
// P: prevents DACL from being modified by inherited ACLs
|
|
// P: prevents DACL from being modified by inherited ACLs
|
|
|
'D:P';
|
|
'D:P';
|
|
|
- if not IsAdminAndNotDebugging then begin
|
|
|
|
|
|
|
+ if not AllowOnlyPrivilegedAccess then begin
|
|
|
CurrentUserSid := GetCurrentUserSid;
|
|
CurrentUserSid := GetCurrentUserSid;
|
|
|
if CurrentUserSid = '' then
|
|
if CurrentUserSid = '' then
|
|
|
CurrentUserSid := 'OW'; // OW: owner rights
|
|
CurrentUserSid := 'OW'; // OW: owner rights
|
|
@@ -277,7 +277,7 @@ begin
|
|
|
Result := Filename;
|
|
Result := Filename;
|
|
|
end;
|
|
end;
|
|
|
|
|
|
|
|
-function GenerateNonRandomUniqueTempDir(const IsAdminAndNotDebugging: Boolean;
|
|
|
|
|
|
|
+function GenerateNonRandomUniqueTempDir(const AllowOnlyPrivilegedAccess: Boolean;
|
|
|
Path: String; var TempDir: String): Boolean;
|
|
Path: String; var TempDir: String): Boolean;
|
|
|
{ Creates a new temporary directory with a non-random name. Returns True if an
|
|
{ Creates a new temporary directory with a non-random name. Returns True if an
|
|
|
existing directory was re-created. This is called by Uninstall. }
|
|
existing directory was re-created. This is called by Uninstall. }
|
|
@@ -305,7 +305,7 @@ begin
|
|
|
end else if NewFileExists(TempDir) then
|
|
end else if NewFileExists(TempDir) then
|
|
|
if not DeleteFile(TempDir) then Continue;
|
|
if not DeleteFile(TempDir) then Continue;
|
|
|
|
|
|
|
|
- if CreateSafeDirectory(IsAdminAndNotDebugging, TempDir, ErrorCode) then Break;
|
|
|
|
|
|
|
+ if CreateSafeDirectory(AllowOnlyPrivilegedAccess, TempDir, ErrorCode) then Break;
|
|
|
if ErrorCode <> ERROR_ALREADY_EXISTS then
|
|
if ErrorCode <> ERROR_ALREADY_EXISTS then
|
|
|
raise Exception.Create(FmtSetupMessage(msgLastErrorMessage,
|
|
raise Exception.Create(FmtSetupMessage(msgLastErrorMessage,
|
|
|
[FmtSetupMessage1(msgErrorCreatingDir, TempDir), IntToStr(ErrorCode),
|
|
[FmtSetupMessage1(msgErrorCreatingDir, TempDir), IntToStr(ErrorCode),
|
|
@@ -313,7 +313,7 @@ begin
|
|
|
until False; // continue until a new directory was created
|
|
until False; // continue until a new directory was created
|
|
|
end;
|
|
end;
|
|
|
|
|
|
|
|
-function CreateTempDir(const IsAdminAndNotDebugging: Boolean): String;
|
|
|
|
|
|
|
+function CreateTempDir(const AllowOnlyPrivilegedAccess: Boolean): String;
|
|
|
{ This is called by SetupLdr, Setup, and Uninstall. }
|
|
{ This is called by SetupLdr, Setup, and Uninstall. }
|
|
|
var
|
|
var
|
|
|
Dir: String;
|
|
Dir: String;
|
|
@@ -321,7 +321,7 @@ var
|
|
|
begin
|
|
begin
|
|
|
while True do begin
|
|
while True do begin
|
|
|
Dir := GenerateUniqueName(False, GetTempDir, '.tmp');
|
|
Dir := GenerateUniqueName(False, GetTempDir, '.tmp');
|
|
|
- if CreateSafeDirectory(IsAdminAndNotDebugging, Dir, ErrorCode) then
|
|
|
|
|
|
|
+ if CreateSafeDirectory(AllowOnlyPrivilegedAccess, Dir, ErrorCode) then
|
|
|
Break;
|
|
Break;
|
|
|
if ErrorCode <> ERROR_ALREADY_EXISTS then
|
|
if ErrorCode <> ERROR_ALREADY_EXISTS then
|
|
|
raise Exception.Create(FmtSetupMessage(msgLastErrorMessage,
|
|
raise Exception.Create(FmtSetupMessage(msgLastErrorMessage,
|
Jordan Russell