[wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
Hoover, Jacob
Jacob.Hoover at greenheck.com
Wed Aug 5 15:27:54 PDT 2020
I have to admit I’m not experienced with WIP’s, but I did attempt to do a draft of this a while back https://github.com/wixtoolset/web/blob/develop/src/Web/Static/documents/development/wips/3704-sharing-bundle-variables-across-bundle-versions.html.md
I am hearing several points in this thread and am trying to gather them into one list so hopefully we can discuss them today.
1. Don’t use a shared context, but instead migrate all variables to the registry (No more rsm blob).
2. The ability to encrypt some or all the data is desirable
3. Non-hidden but persisted variables need to be accessible
We could implement persistence in the registry, with all the hidden variables being serialized into a Binary value, using the DPAPI to protect them, and have all the persisted but not hidden variables be written as a native type. String -> REG_SZ, and try to coerce a numeric into either a QWORD or a binary value.
From: Bob Arnson <bob at firegiant.com>
Sent: Wednesday, August 5, 2020 4:36 PM
To: Edwin Castro <egcastr at gmail.com>; WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org>
Cc: Hoover, Jacob <Jacob.Hoover at greenheck.com>; Rob Mensching <rob at firegiant.com>
Subject: RE: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
I consider this an “all other things being equal” scenario. So, all other things being equal, if we’re implementing a feature whose implementation solves the designated problem and also – for minimal extra effort – solves another problem, great. I wouldn’t go out of my way to do it, however, and this scenario is one that could go either way: Today, variables are persisted in a blob so implementing 3704 might require teasing that apart, which would be useful to also allow “naked” access. But the blob contains the variable types, which might be difficult to pull off without encoding it somehow. It might be better to provide a butil API to read the blob, even if we moved from using a file to a binary registry value.
But this is why we require WIPs for this kind of change, so someone digs deeper into the code and discusses the considerations and alternatives.
From: Edwin Castro <egcastr at gmail.com<mailto:egcastr at gmail.com>>
Sent: Wednesday, 5 August, 2020 16:37
To: WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>>
Cc: Hoover, Jacob <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>>; Rob Mensching <rob at firegiant.com<mailto:rob at firegiant.com>>; Bob Arnson <bob at firegiant.com<mailto:bob at firegiant.com>>
Subject: Re: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
As a bundle author, if I can persist non-hidden and hidden variables in the registry, then I'd like to have the option of reading non-hidden variables from the registry without needing to use butil to do so. Not all applications can consume butil.
Would it make sense to persist variables in an implementation dependent way _and_ mirror non-hidden variables to a visible and findable location in the registry? I'd support such a mirror being strictly "read-only" meaning that any writes done "out of band" do not affect future bundle execution. Effectively burn would ignore their current values and overwrite them with the one-true-value from real storage.
--
Edwin G. Castro
On Wed, Aug 5, 2020 at 11:35 AM Bob Arnson via wix-devs <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>> wrote:
Meh. YAGNI. If we're writing individual persisted variables as individual registry values, then obfuscation is just annoying to someone who needs the data. If we're attempting to replace the state file with a binary blob in the registry, then sure, encode and encrypt, why not?
From: Hoover, Jacob <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>>
Sent: Wednesday, 5 August, 2020 14:10
To: Bob Arnson <bob at firegiant.com<mailto:bob at firegiant.com>>; WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>>; Rob Mensching <rob at firegiant.com<mailto:rob at firegiant.com>>
Subject: RE: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
Right, but if we ever need to change the storage location/encryption in the future, the API will isolate the consumer from the implementation. I don't think we want to be painted into a corner with no ability to change it. In addition, I would expect the butil API to handle the encryption/decryption.
From: Bob Arnson <bob at firegiant.com<mailto:bob at firegiant.com><mailto:bob at firegiant.com<mailto:bob at firegiant.com>>>
Sent: Wednesday, August 5, 2020 12:58 PM
To: Hoover, Jacob <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com><mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>>>; WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>>>; Rob Mensching <rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com>>>
Subject: RE: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
That doesn't cover a lot of scenarios. If we're going to use the registry without some kind of encoding (not encryption), blocking "plain" use of the registry seems like overkill.
From: Hoover, Jacob <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com><mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>>>
Sent: Wednesday, 5 August, 2020 13:53
To: Bob Arnson <bob at firegiant.com<mailto:bob at firegiant.com><mailto:bob at firegiant.com<mailto:bob at firegiant.com>>>; WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>>>; Rob Mensching <rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com>>>
Subject: RE: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
No... Don't look it up in the registry, use butil API to get to it.
From: Bob Arnson <bob at firegiant.com<mailto:bob at firegiant.com><mailto:bob at firegiant.com<mailto:bob at firegiant.com>>>
Sent: Wednesday, August 5, 2020 12:52 PM
To: WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>>>; Rob Mensching <rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com>>>
Cc: Hoover, Jacob <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com><mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>>>
Subject: RE: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
There's non-sensitive data that a bundle author might want to expose for non-bundle use (e.g., "go ahead and look up Foo in the registry <here>."
-----Original Message-----
From: wix-devs <wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>>> On Behalf Of Hoover, Jacob via wix-devs
Sent: Wednesday, 5 August, 2020 13:44
To: Rob Mensching <rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com>>>; WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>>>
Cc: Hoover, Jacob <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com><mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>>>
Subject: Re: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
I guess from my standpoint, if we were to encrypt one variable, we might as well encrypt "them" all. At least then it would be a single behavior for storage and retrieval. Then the only thing you'd have to worry about is the compiler warning when persisting if the variable is defined as hidden. Are we only encrypting stings, or would we encrypt all variable types?
From: Rob Mensching <rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com>>>
Sent: Wednesday, August 5, 2020 12:39 PM
To: WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>>>
Cc: Hoover, Jacob <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com><mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>>>
Subject: RE: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
1. I don't completely disagree about the futility. However, storing secrets in plain text is hard to defend. So, if we store them it seems reasonable to at least do the minimum described in the Win32 documentation:
* https://docs.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata<https://docs.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata><https://docs.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata<https://docs.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata>>
* https://docs.microsoft.com/en-us/windows/win32/secbp/handling-passwords<https://docs.microsoft.com/en-us/windows/win32/secbp/handling-passwords><https://docs.microsoft.com/en-us/windows/win32/secbp/handling-passwords<https://docs.microsoft.com/en-us/windows/win32/secbp/handling-passwords>>
2. I think it would definitely be a good idea to have at least a warning when Persisting Hidden variables. I could see someone argue that the warning should be an error if the above doesn't sound secure enough to allow anyone to store hidden variables easily.
-----Original Message-----
From: wix-devs <wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org>>>> On Behalf Of Hoover, Jacob via wix-devs
Sent: Wednesday, August 5, 2020 10:23 AM
To: WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>>>>
Cc: Hoover, Jacob <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com><mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com><mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>%3cmailto:Jacob.Hoover at greenheck.com<mailto:3cmailto%3AJacob.Hoover at greenheck.com>>>>
Subject: Re: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
The question I have is what is the value of encrypting them? If were just trying to deter the casual observer, then that's fine, but I would expect butil to expose an API for reading variables. Are you suggesting that hidden variables would be excluded from being shared? (I could see using the bundle id as a seed for encrypting them, but even then it's only going to protect from the casual observer as WIX is open source so a skilled individual could always write the code to do the same as the bundle is doing.)
From: wix-devs <wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org>>>> On Behalf Of Bob Arnson via wix-devs
Sent: Wednesday, August 5, 2020 9:30 AM
To: WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>>>>
Cc: Bob Arnson <bob at firegiant.com<mailto:bob at firegiant.com><mailto:bob at firegiant.com<mailto:bob at firegiant.com><mailto:bob at firegiant.com<mailto:bob at firegiant.com>%3cmailto:bob at firegiant.com<mailto:3cmailto%3Abob at firegiant.com>>>>
Subject: Re: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
We could separate "hidden" from "secure" or "encryptedAtRest" in v2.
-----Original Message-----
From: wix-devs <wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org>>>>> On Behalf Of Rob Mensching via wix-devs
Sent: Wednesday, 5 August, 2020 10:25
To: WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>>>>>
Cc: Rob Mensching <rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com>%3cmailto:rob at firegiant.com<mailto:3cmailto%3Arob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com>%3cmailto:rob at firegiant.com<mailto:3cmailto%3Arob at firegiant.com>%3cmailto:rob at firegiant.com<mailto:3cmailto%3Arob at firegiant.com>%3cmailto:rob at firegiant.com<mailto:3cmailto%3Arob at firegiant.com>>>>>
Subject: Re: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
> If Windows Installer really doesn't protect Hidden variables with encryption, then I'm not sure there's value in Burn doing the encryption during runtime or at rest.
Reasonable argument but persisted MSI Properties is an oft requested feature (that's why my Remember Property Pattern blog post is very popular) and doing it with secure variables requires more complicated machinery.
I am of the opinion (and I could be convinced I'm wrong), that protecting secrets in memory is overkill. There is always a point somewhere in the process where the secret is not encrypted in memory (like being typed into a password text box or sent to an external process). So, the goal should be to protect the secret from non-authorized users. That's why I thought DAPI would work because it prevents a hard drive from being stolen and inspected. AFAIK, there is no protecting secrets from users on the machine who run processes that operate on those secrets.
Anyway, I totally understand if Persisted Hidden variables are not encrypted in the first version of the feature.
Also, I think it is a bit of a hassle for a BA to securely store Hidden variables. Namely, it'd have to create a parallel set of persisted variables that are updated when their non-secure variables are changed. Doable, just a bit of a hassle.
-----Original Message-----
From: wix-devs <wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs-bounces at lists.wixtoolset.org>>>>> On Behalf Of Sean Hall via wix-devs
Sent: Sunday, August 2, 2020 4:48 PM
To: WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>>>>>
Cc: Sean Hall <r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com><mailto:r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com><mailto:r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com><mailto:r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com>>>>>
Subject: Re: [wix-devs] WIXBUG3704 - Allow access to persisted variables from related bundles
If Windows Installer really doesn't protect Hidden variables with encryption, then I'm not sure there's value in Burn doing the encryption during runtime or at rest. It would always need to be decrypted and sent to an external process to actually be used which defeats the purpose. At which point we should probably copy Windows Installer and say that Hidden only protects it from being written to the log. If the BA wants it decrypted, it can encrypt it and set a string variable to the base64 value.
On Sat, Aug 1, 2020 at 1:08 PM Rob Mensching via wix-devs < wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>>>>> wrote:
> > added a warning or something to Variables marked Hidden and Persisted.
>
> Or... should we investigate DAPI encrypting Hidden variables in the
> registry? Just throwing that out there if Jacob (or someone) wanted to
> noodle on it. I have not thought through the issues to the bottom.
>
> -----Original Message-----
> From: wix-devs
> <wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.w<mailto:wix-devs-bounces at lists.w>
<mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.w%0b<mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.w%0b%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:0b%253cmailto%3Awix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.w%0b>>> ixtoolset.org<http://ixtoolset.org>>> On Behalf Of Rob Mensching via wix-devs
> Sent: Saturday, August 1, 2020 11:13 AM
> To: WiX Toolset Developer Mailing List
> <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><ma
<mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cma%0b>> ilto:wix-devs at lists.wixtoolset.org<mailto:ilto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.
> org>>>
> Cc: Rob Mensching
> <rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com><mailto:rob at firegiant.com<mailto:rob at firegiant.com>%3
<mailto:rob at firegiant.com<mailto:rob at firegiant.com>%3cmailto:rob at firegiant.com<mailto:3cmailto%3Arob at firegiant.com>%3cmailto:rob at firegiant.com<mailto:3cmailto%3Arob at firegiant.com>%253%0b>> cmailto:rob at firegiant.com<mailto:cmailto%3Arob at firegiant.com>>>>
> Subject: Re: [wix-devs] WIXBUG3704 - Allow access to persisted
> variables from related bundles
>
> Quick historical note:
>
> > I feel like the interaction between Hidden and Persisted wasn't
> > fully thought through
>
> It wasn't that it wasn't thought through, the problem was just punted
> in the first version of Burn. Maybe that's the same thing but the
> intent was different. <smile/>
>
> In the end, we probably should have added a warning or something to
> Variables marked Hidden and Persisted. Maybe not too late to consider...
> especially if the values are going to be more obvious in the registry?
>
>
> -----Original Message-----
> From: wix-devs
> <wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org><mailto:wix-devs-bounces at lists.w<mailto:wix-devs-bounces at lists.w>
<mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.w%0b<mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.w%0b%3cmailto:wix-devs-bounces at lists.wixtoolset.org<mailto:0b%253cmailto%3Awix-devs-bounces at lists.wixtoolset.org>%3cmailto:wix-devs-bounces at lists.w%0b>>> ixtoolset.org<http://ixtoolset.org>>> On Behalf Of Sean Hall via wix-devs
> Sent: Wednesday, July 29, 2020 10:46 AM
> To: WiX Toolset Developer Mailing List
> <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><ma
<mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cma%0b>> ilto:wix-devs at lists.wixtoolset.org<mailto:ilto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.
> org>>>
> Cc: Sean Hall
> <r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com><mailto:r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com><mailto:r.sean.hall<mailto:r.sean.hall>
<mailto:r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com>%3cmailto:r.sean.hall%0b>> @gmail.com<http://gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com>>>>
> Subject: Re: [wix-devs] WIXBUG3704 - Allow access to persisted
> variables from related bundles
>
> By "secure", you mean a Variable that is Hidden="yes"? The state file
> is just as secure as the registry. I feel like the interaction between
> Hidden and Persisted wasn't fully thought through, hence the issue I
> created -
> https://github.com/wixtoolset/issues/issues/4862<https://github.com/wixtoolset/issues/issues/4862><https://github.com/wi<https://github.com/wi>
> xtoolset/issues/issues/4862><https://github.com/wi<https://github.com/wi><https://github.com/<https://github.com/><https://github.com<https://github.com>>
> wi> xtoolset/issues/issues/4862>. I've been following the .NET Core
> discussion about obsoleting SecureString (
> https://github.com/dotnet/designs/pull/147<https://github.com/dotnet/designs/pull/147><https://github.com/dotnet/d<https://github.com/dotnet/d>
> esigns/pull/147><https://github.com/dotnet/d<https://github.com/dotnet/d><https://github.com/dotnet<https://github.com/dotnet>
> /d>
> esigns/pull/147>) and I'm wondering if there's actually value in the
> engine encrypting Hidden variables. I had hoped that MSI was also
> trying to be careful with Hidden properties, but I think the WiX documentation is right - it only hides it from being written to the log.
>
> I didn't see anything in your POC that removed the "shared" variables
> from the state file.
>
> I'm suggesting that "shared" is unnecessary, and that all Persisted="yes"
> variables should be stored in the registry instead of the state file.
>
> On Wed, Jul 29, 2020 at 11:07 AM Hoover, Jacob
> <Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>
<mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>%0b<mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>%0b%3cmailto:Jacob.Hoover at greenheck.com<mailto:0b%253cmailto%3AJacob.Hoover at greenheck.com>%0b<mailto:Jacob.Hoover at greenheck.com<mailto:Jacob.Hoover at greenheck.com>%0b%3cmailto:Jacob.Hoover at greenheck.com<mailto:0b%253cmailto%3AJacob.Hoover at greenheck.com>%0b%3cmailto:Jacob.Hoover at greenheck.com<mailto:0b%253cmailto%3AJacob.Hoover at greenheck.com>%0b%3cmailto:Jacob.Hoover at greenheck.com<mailto:0b%253cmailto%3AJacob.Hoover at greenheck.com>%0b>>>> >
> wrote:
>
> > I was trying to find a happy medium. As the registry isn't a "secure"
> > location, I was envisioning that it would be limited use so the
> > author could explicitly define what they wanted to share. Going from
> > memory, I don't think my POC implementation stores in both locations.
> >
> >
> >
> > Are you suggesting of eliminating local storage of variables and
> > place them all in the registry?
> >
> >
> >
> > I'll work on a WIP as soon as I can garner enough feedback to at
> > least ensure I am not totally off base.
> >
> >
> >
> > *From:* wix-devs [mailto:wix-devs-bounces at lists.wixtoolset.org<mailto:wix-devs-bounces at lists.wixtoolset.org>] *On
> > Behalf Of *Sean Hall via wix-devs
> > *Sent:* Tuesday, July 28, 2020 6:46 PM
> > *To:* WiX Toolset Developer Mailing List
> > <wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><
<mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3c%0b>> > mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtool
> > set.org<http://set.org>>>
> > >
> > *Cc:* Sean Hall
> > <r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com><mailto:r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com><mailto:r.sean.ha<mailto:r.sean.ha>
<mailto:r.sean.hall at gmail.com<mailto:r.sean.hall at gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com>%3cmailto:r.sean.ha%0b>> > ll at gmail.com<mailto:ll at gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com><mailto:ll at gmail.com<mailto:ll at gmail.com>%3cmailto:r.sean.hall at gmail.com<mailto:3cmailto%3Ar.sean.hall at gmail.com>>>>>
> > *Subject:* Re: [wix-devs] WIXBUG3704 - Allow access to persisted
> > variables from related bundles
> >
> >
> >
> > I think it's a good idea to persist the variables in the registry. I
> > think there should be a single source of truth so I don't think they
> > should also be persisted to the state file.
> >
> > I'm having trouble coming up with a use case for persisting a
> > variable for the bundle but not for related bundles. Why shouldn't
> > all persisted variables be "shared"?
> >
> > Please write a WIP.
> >
> > On Fri, Jul 24, 2020 at 10:14 AM Hoover, Jacob via wix-devs <
> > wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org><mailto:wix-devs at lists.wixtoolset.org<mailto:wix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>%3cmailto:wix-devs at lists.wixtoolset.org<mailto:3cmailto%3Awix-devs at lists.wixtoolset.org>>>>> wrote:
> >
> > > https://github.com/wixtoolset/issues/issues/3704<https://github.com/wixtoolset/issues/issues/3704><https://github.co<https://github.co>
> > > m/wixtoolset/issues/issues/3704><https://github.co<https://github.co><https://github.
> > > co>
> > > m/wixtoolset/issues/issues/3704>
> > >
> > > I haven't done my searching yet, but this is related to some work
> > > I had done internally. My thought was instead of allowing access
> > > to persisted variables, to allow for "shared" variables which
> > > would be written to the registry. In addition to not needing to be
> > > concerned with format/version and/or invoking the other bundle to
> > > ask it for data, we could simply
> > allow
> > > for shared variables to be accessed via the registry.
> > >
> > > I believe this was my rough in of the POC:
> > >
> > https://github.com/wixtoolset/wix3/compare/develop...jchoover:WIXFEA<https://github.com/wixtoolset/wix3/compare/develop...jchoover:WIXFEA>
> > <https://github.com/wixtoolset/wix3/compare/develop...jchoover:WIXFE<https://github.com/wixtoolset/wix3/compare/develop...jchoover:WIXFE>
> > A>
> > <https://github.com/wixtoolset/wix3/compare/develop...jchoover:WIXFE<https://github.com/wixtoolset/wix3/compare/develop...jchoover:WIXFE>
> > <https://github.com/wixtoolset/wix3/compare/develop...jchoover:WIXFE<https://github.com/wixtoolset/wix3/compare/develop...jchoover:WIXFE>
> > >
> > A>
> > T3
> > 704
> > >
> > > Thoughts?
> > >
> > > Thanks,
> > > Jacob
> > >
> > > __________________________________________________________________
> > > __ WiX Toolset Developer Mailing List provided by FireGiant
> > > http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com<http://www.firegiant.com>><http://www.firegiant.com<http://www.firegiant.com>><http://www.fir
> > > egiant.com<http://egiant.com><http://www.firegiant.com<http://www.firegiant.com>>>
> > >
> > ____________________________________________________________________
> > WiX Toolset Developer Mailing List provided by FireGiant
> > http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>><http://www.fire<http://www.fire>
> > giant.com/<http://giant.com/><http://giant.com<http://giant.com>><http://www.firegiant.com/<http://www.firegiant.com/>>>
> >
> > NOTE: This email was received from an external source. Please use
> > caution when opening links or attachments in the message.
> >
> ____________________________________________________________________
> WiX Toolset Developer Mailing List provided by FireGiant
> http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>><http://www.firegi
> ant.com/<http://ant.com/><http://ant.com<http://ant.com>><http://www.firegiant.com/<http://www.firegiant.com/>>>
> ____________________________________________________________________
> WiX Toolset Developer Mailing List provided by FireGiant
> http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>><http://www.firegi
> ant.com/<http://ant.com/><http://ant.com/<http://ant.com/>><http://www.firegiant.com/<http://www.firegiant.com/>>>
> ____________________________________________________________________
> WiX Toolset Developer Mailing List provided by FireGiant
> http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>><http://www.firegi
> ant.com/<http://ant.com/><http://ant.com/<http://ant.com/>><http://www.firegiant.com/<http://www.firegiant.com/>>>
>
____________________________________________________________________
WiX Toolset Developer Mailing List provided by FireGiant http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>><http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>>> ____________________________________________________________________
WiX Toolset Developer Mailing List provided by FireGiant http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>><http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>>>
____________________________________________________________________
WiX Toolset Developer Mailing List provided by FireGiant http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>><http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>>>
NOTE: This email was received from an external source. Please use caution when opening links or attachments in the message.
____________________________________________________________________
WiX Toolset Developer Mailing List provided by FireGiant http://www.firegiant.com/<http://www.firegiant.com/><http://www.firegiant.com/<http://www.firegiant.com/>>
NOTE: This email was received from an external source. Please use caution when opening links or attachments in the message.
____________________________________________________________________
WiX Toolset Developer Mailing List provided by FireGiant http://www.firegiant.com/<http://www.firegiant.com/>
NOTE: This email was received from an external source. Please use caution when opening links or attachments in the message.
NOTE: This email was received from an external source. Please use caution when opening links or attachments in the message.
____________________________________________________________________
WiX Toolset Developer Mailing List provided by FireGiant http://www.firegiant.com/<http://www.firegiant.com/>
NOTE: This email was received from an external source. Please use caution when opening links or attachments in the message.
More information about the wix-devs
mailing list