WINAMP.COM | Forums : Powered by vBulletin version 2.3.9 WINAMP.COM | Forums > Developer Center > NSIS Discussion > Win Vista/7: No writing in directories with spaces in the name
  Last Thread   Next Thread
Author
Thread Post New Thread    Post A Reply
raphaelm
Junior Member

Registered: Nov 2009
From:

Win Vista/7: No writing in directories with spaces in the name

Hello!
I'm using the following piece of code to build my setup with NSIS. I built it on Windows XP and it works fine with Windows XP and 2000. But on Windows 7 and Vista, NSIS isn't able to write files to "C:\Program files\software name". But if I use a target directory wich doesn't include spaces, for example "C:\softwarename", it works.

Do you have any idea, why or what I shall do for get it working?

code:
; Needs:
; URL submitted by user.
!define MUI_ICON cookiepascal.ico
!define MUI_UNICON ${NSISDIR}\Contrib\Graphics\Icons\orange-uninstall.ico
!define MUI_HEADERIMAGE_BITMAP ${NSISDIR}\Contrib\Graphics\Header\orange.bmp
!define MUI_HEADERIMAGE_UNBITMAP ${NSISDIR}\Contrib\Graphics\Header\orange-uninstall.bmp
!define MUI_WELCOMEFINISHPAGE_BITMAP left.bmp
!define MUI_UNWELCOMEFINISHPAGE_BITMAP left-un.bmp
!define MUI_FINISHPAGE_NOAUTOCLOSE
!define MUI_UNFINISHPAGE_NOAUTOCLOSE

!include "MUI2.nsh"
!include "ZipDLL.nsh"

Name "Cookie Pascal"
OutFile "setup_win32.exe"

InstallDir "$PROGRAMFILES\CookiePascal"

RequestExecutionLevel user

!define MUI_ABORTWARNING

!insertmacro MUI_PAGE_WELCOME
!insertmacro MUI_PAGE_COMPONENTS
!insertmacro MUI_PAGE_DIRECTORY
!insertmacro MUI_PAGE_INSTFILES
!insertmacro MUI_PAGE_FINISH

!insertmacro MUI_UNPAGE_WELCOME
!insertmacro MUI_UNPAGE_CONFIRM
!insertmacro MUI_UNPAGE_INSTFILES
!insertmacro MUI_UNPAGE_FINISH

!insertmacro MUI_LANGUAGE "German"

!define MUI_WELCOMEPAGE_TITLE "Installation"

Function .onInit

  !insertmacro MUI_LANGDLL_DISPLAY

FunctionEnd



section
setOutPath $INSTDIR
File "CookiePascal.exe"
File "cookiepascal.ico"
File "default-windows-config.conf"
File "bins.zip" ; contains:
			  ; - Folder units/ with all FPC-units directly (e.g. subdir "rtl")
			  ; - as.exe, cp.exe, cpp.exe, diff.exe, fp.exe, fp32.ico, fpc.cfg, fpc.exe, fpcmake.exe, fpcmkcfg.exe, fpcsubst.exe, fpdoc.exe, fpmc.exe,
			  ;   fppkg.exe, fprcp.exe, gcc.exe, gdate.exe, gdb.exe, gecho.exe, ginstall.exe, gmkdir.exe, grep.exe, ld.exe, make.exe, mv.exe, patch.exe,
			  ;   ppc386.exe, rm.exe, unzip.exe, upx.exe, zip.exe
!insertmacro ZIPDLL_EXTRACT "$INSTDIR\bins.zip" "$INSTDIR" "<ALL>"
Rename "$INSTDIR\default-windows-config.conf" "$INSTDIR\cookiepascal.conf"
writeUninstaller "$INSTDIR\uninstaller.exe"
delete "$INSTDIR\bins.zip"

 WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\CookiePascal" \
   "DisplayName" "Cookie Pascal" ;angezeigter Name
 WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\CookiePascal" \
   "UninstallString" "$INSTDIR\uninstaller.exe"
 WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\CookiePascal" \
   "InstallLocation" "$INSTDIR"
 WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\CookiePascal" \
   "Publisher" "geek's factory"
 WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\CookiePascal" \
   "DisplayVersion" "1.0.0.0"
 WriteRegDWORD HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\CookiePascal" \
   "NoModify" 0 ; Keine nachträgliche Modifizierung möglich
 WriteRegDWORD HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\CookiePascal" \
   "NoRepair" 1 ; Keine Reparatur möglich
 WriteRegStr HKLM "Software\geeksfactory\CookiePascal" \
   "Path" $INSTDIR ; Keine Reparatur möglich

sectionEnd

section "Desktop-Icons"
createShortCut "$DESKTOP\Cookie Pascal.lnk" "$INSTDIR\CookiePascal.exe"
sectionEnd

section "Startmenue-Eintrag"
createShortCut "$SMPROGRAMS\Cookie Pascal.lnk" "$INSTDIR\CookiePascal.exe"
sectionEnd

section "Schnellstartverknuepfung"
createShortCut "$QUICKLAUNCH\Cookie Pascal.lnk" "$INSTDIR\CookiePascal.exe"
sectionEnd

section "Uninstall"

delete "$INSTDIR\uninstaller.exe"
delete "$INSTDIR\CookiePascal.exe"
delete "$SMPROGRAMS\Cookie Pascal.lnk"
delete "$QUICKLAUNCH\Cookie Pascal.lnk"
delete "$DESKTOP\Cookie Pascal.lnk"
delete "$INSTDIR\cookiepascal.conf"
delete "$INSTDIR\cookiepascal.ico"
delete "$INSTDIR\as.exe"
delete "$INSTDIR\cp.exe"
delete "$INSTDIR\cpp.exe"
delete "$INSTDIR\diff.exe"
delete "$INSTDIR\fp.exe"
delete "$INSTDIR\fp32.ico"
delete "$INSTDIR\fpc.cfg"
delete "$INSTDIR\fpc.exe"
delete "$INSTDIR\fpcmake.exe"
delete "$INSTDIR\fpcmkcfg.exe"
delete "$INSTDIR\fpcsubst.exe"
delete "$INSTDIR\fpdoc.exe"
delete "$INSTDIR\fpmc.exe"
delete "$INSTDIR\fppkg.exe"
delete "$INSTDIR\fprcp.exe"
delete "$INSTDIR\gcc.exe"
delete "$INSTDIR\gdate.exe"
delete "$INSTDIR\gdb.exe"
delete "$INSTDIR\gecho.exe"
delete "$INSTDIR\ginstall.exe"
delete "$INSTDIR\gmkdir.exe"
delete "$INSTDIR\grep.exe"
delete "$INSTDIR\ld.exe"
delete "$INSTDIR\make.exe"
delete "$INSTDIR\mv.exe"
delete "$INSTDIR\patch.exe"
delete "$INSTDIR\ppc386.exe"
delete "$INSTDIR\rm.exe"
delete "$INSTDIR\unzip.exe"
delete "$INSTDIR\upx.exe"
delete "$INSTDIR\zip.exe"
DeleteRegKey HKLM Software\Microsoft\Windows\CurrentVersion\Uninstall\CookiePascal
RMDir $INSTDIR

sectionEnd

Raphael

Quick Link | Report this post to a moderator | IP: Logged

raphaelm is offline Old Post 11-26-2009 07:21 PM
Click Here to See the Profile for raphaelm Click here to Send raphaelm a Private Message Click Here to Email raphaelm Find more posts by raphaelm Add raphaelm to your buddy list Edit/Delete Message Reply w/Quote
Anders
Major Dude

Registered: Jun 2002
From: N/A

RequestExecutionLevel user << needs to be admin
...you also need to make sure the user is admin by calling the userinfo plugin at some point (in .oninit for example)

__________________
IntOp $PostCount $PostCount + 1

Quick Link | Report this post to a moderator | IP: Logged

Anders is offline Old Post 11-26-2009 07:25 PM
Click Here to See the Profile for Anders Click here to Send Anders a Private Message Visit Anders's homepage! Find more posts by Anders Add Anders to your buddy list Edit/Delete Message Reply w/Quote
Ciceti
Junior Member

Registered: Nov 2009
From:

Since I (and others) am having the same problems, I try to better understand:

1) with RequestExecution level set to user, no way of installing files to program files under vista/7. In my case, I have written a Photoshop script that should be put under "Program Files (x86)\Photoshop\...." folder.
Correct?

2) if installing files to program files subfolders is needed (my case), then the NSIS script must have on top

code:
RequestExecutionLevel admin

Why should I also check the user privilege in onInit function?

Also to be able to freely write to and read from all the nested subfolders when the program is launched by a normal user, I should install the AccessControl plugin in NSIS and add to the script a
code:
	AccessControl::GrantOnFile "$INSTDIR\subfolder" "Everyone" "FullAccess"

Correct?
Other things am I missing?

Thanks a lot!

Ciceti

Quick Link | Report this post to a moderator | IP: Logged

Ciceti is offline Old Post 11-27-2009 06:44 PM
Click Here to See the Profile for Ciceti Click here to Send Ciceti a Private Message Find more posts by Ciceti Add Ciceti to your buddy list Edit/Delete Message Reply w/Quote
MSG
Senior Member

Registered: Oct 2006
From:

quote:
Originally posted by Ciceti
Why should I also check the user privilege in onInit function?

Because windows ignores the requested execution level if UAC is disabled.

quote:
Originally posted by Ciceti
Also to be able to freely write to and read from all the nested subfolders when the program is launched by a normal user, I should install the AccessControl plugin in NSIS and add to the script a
code:
	AccessControl::GrantOnFile "$INSTDIR\subfolder" "Everyone" "FullAccess"

Correct?
Other things am I missing?

Looks about right. But you really shouldn't open up a directory to all users like that. What if $INSTDIR is somewhere in Program Files? Then that subdir would become open to all users, some user does something stupid to put a virus into that open directory, and then a system admin might run the virus at admin level because he thinks "an application in program files is safe, because only an admin could have put it there."

Instead, you should program your application to write to LocalAppData or something like that.

Quick Link | Report this post to a moderator | IP: Logged

MSG is offline Old Post 11-27-2009 10:18 PM
Click Here to See the Profile for MSG Click here to Send MSG a Private Message Find more posts by MSG Add MSG to your buddy list Edit/Delete Message Reply w/Quote
Ciceti
Junior Member

Registered: Nov 2009
From:

Thanks, a couple of clarifications.

quote:
Originally posted by MSG
Because windows ignores the requested execution level if UAC is disabled.

... UAC is something that can be disabled by the user (sorry for stupid question)? So.. to be safe, what should I put into onInit?

quote:

Looks about right. But you really shouldn't open up a directory to all users like that. What if $INSTDIR is somewhere in Program Files? Then that subdir would become open to all users, some user does something stupid to put a virus into that open directory, and then a system admin might run the virus at admin level because he thinks "an application in program files is safe, because only an admin could have put it there."

Instead, you should program your application to write to LocalAppData or something like that.

Yes, my $INSTDIR is inside Program Files being a Photoshop plugin and I dont know how/if a plugin inside Photoshop can retrieve the LocalAppData, I will look for that. Otherwise can I give more restricted grants? I need write grants since the plugin saves a configuration file.

Thanks!!

Quick Link | Report this post to a moderator | IP: Logged

Ciceti is offline Old Post 11-27-2009 10:29 PM
Click Here to See the Profile for Ciceti Click here to Send Ciceti a Private Message Find more posts by Ciceti Add Ciceti to your buddy list Edit/Delete Message Reply w/Quote
MSG
Senior Member

Registered: Oct 2006
From:

quote:
Originally posted by Ciceti
UAC is something that can be disabled by the user (sorry for stupid question)? So.. to be safe, what should I put into onInit?

UAC can be disabled, yes. (Keep in mind that UAC is a Windows feature, and the UAC Plugin is an NSIS plugin. They're completely different things.)
In .onInit, you could do something like this:
code:
  UserInfo::GetAccountType
  Pop $1
  ${If} $1 != "Admin"
    MessageBox MB_OK "Admin required."
    quit
  ${EndIf}



quote:
Originally posted by Ciceti
Otherwise can I give more restricted grants? I need write grants since the plugin saves a configuration file.

Well yes, you can restrict as much as you like. To prevent giving 'all access' I currently use:
code:
  FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE | DELETE
= STANDARD_RIGHTS_READ | FILE_READ_DATA | FILE_READ_ATTRIBUTES | FILE_READ_EA | SYNCHRONIZE | 
  STANDARD_RIGHTS_WRITE | FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA | FILE_APPEND_DATA | 
  STANDARD_RIGHTS_EXECUTE | FILE_EXECUTE | DELETE
= ReadControl + ReadData + ReadAttributes + ReadEA + Synchronize + 
  ReadControl + WriteData + WriteAttributes + WriteEA + AppendData +
  ReadControl + Execute + Delete

But as you can see, if you give them that much, it makes little difference to just give it all. If they can write, they can destroy, so you might as well make it easy on them.

Quick Link | Report this post to a moderator | IP: Logged

MSG is offline Old Post 11-28-2009 07:57 AM
Click Here to See the Profile for MSG Click here to Send MSG a Private Message Find more posts by MSG Add MSG to your buddy list Edit/Delete Message Reply w/Quote
Ciceti
Junior Member

Registered: Nov 2009
From:

Thanks a lot.
For restriction of grants, I will try with "GenericRead + GenericWrite" that should enable writing/reading config files while preventing executing dangerous files. Do you agree?
Cheers

Quick Link | Report this post to a moderator | IP: Logged

Ciceti is offline Old Post 11-28-2009 09:56 AM
Click Here to See the Profile for Ciceti Click here to Send Ciceti a Private Message Find more posts by Ciceti Add Ciceti to your buddy list Edit/Delete Message Reply w/Quote
MSG
Senior Member

Registered: Oct 2006
From:

quote:
Originally posted by Ciceti
Thanks a lot.
For restriction of grants, I will try with "GenericRead + GenericWrite" that should enable writing/reading config files while preventing executing dangerous files. Do you agree?
Cheers

Sadly that won't solve anything. The danger is not a user executing something dangerous, the danger is an *admin* executing something dangerous. The only way to prevent that from happening is not allowing users to write to the directory. And that would mean modifying your plugin to write to localappdata/mydocs/etc (or not write at all).

Quick Link | Report this post to a moderator | IP: Logged

MSG is offline Old Post 11-28-2009 06:28 PM
Click Here to See the Profile for MSG Click here to Send MSG a Private Message Find more posts by MSG Add MSG to your buddy list Edit/Delete Message Reply w/Quote
All times are GMT. The time now is 08:13 PM. Post New Thread    Post A Reply
  Last Thread   Next Thread
WINAMP.COM | Forums : Powered by vBulletin version 2.3.9 WINAMP.COM | Forums > Developer Center > NSIS Discussion > Win Vista/7: No writing in directories with spaces in the name
Show Printable Version
 | 
Email this Page
 | 
Subscribe to this Thread

Forum Jump:
 

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is off
vB code is ON
Smilies are ON
[IMG] code is ON