[wix-users] Custom BA: Reading Registry Key Without User Read Permission

Bryan Dam bryand at recastsoftware.com
Wed Feb 17 12:17:56 PST 2021 

Rob/Sean, thanks ever so much for the response and clarifications.  The approach makes perfect sense.

FWIW, I just wrote up a feature request along the lines of what Sean outlined: https://github.com/wixtoolset/issues/issues/6358.  Though I appreciate it's probably a niche use case.
      Bryan

-----Original Message-----
From: Rob Mensching <rob at firegiant.com> 
Sent: Wednesday, February 17, 2021 2:48 PM
To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
Cc: Sean Hall <r.sean.hall at gmail.com>; Bryan Dam <bryand at recastsoftware.com>
Subject: RE: [wix-users] Custom BA: Reading Registry Key Without User Read Permission

For reference, at FireGiant we've built a couple custom BAs that used custom EXEs manifested to elevate launched from a user interface element, often a button with the UAC shield icon on it, to return data back to the BA with the detection information. There is no single elevation but all of the resulting elevations are "expected" by the user given the UI treatments.

-----Original Message-----
From: wix-users <wix-users-bounces at lists.wixtoolset.org> On Behalf Of Sean Hall via wix-users
Sent: Wednesday, February 17, 2021 11:38 AM
To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
Cc: Sean Hall <r.sean.hall at gmail.com>
Subject: Re: [wix-users] Custom BA: Reading Registry Key Without User Read Permission

The BA has to do everything in v3, there's no extensibility.

On Wed, Feb 17, 2021 at 12:42 PM Bryan Dam <bryand at recastsoftware.com>
wrote:

> Thanks Sean!
>
> > one from the utility exe during Detect
> How is the utility exe ran in that situation?  Just write code in the 
> bootstrapper UI to call it, let Windows handle UAC based on its 
> manifest, and somehow consume the output?  Or is there a way to have 
> the Detect routine call it?  Or are you saying that the exe is part of 
> the installer chain?
>
>
>
> -----Original Message-----
> From: wix-users <wix-users-bounces at lists.wixtoolset.org> On Behalf Of 
> Sean Hall via wix-users
> Sent: Wednesday, February 17, 2021 12:05 PM
> To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
> Cc: Sean Hall <r.sean.hall at gmail.com>
> Subject: Re: [wix-users] Custom BA: Reading Registry Key Without User 
> Read Permission
>
> I believe that currently people will include a utility exe with their 
> BA so that they can detect that kind of information. This has the 
> drawback of the user getting two UAC prompts - one from the utility 
> exe during Detect and one from the bundle when it elevates.
>
> In v4, there is a new concept of a bundle extension that can perform 
> custom searches during Detect. I think it's a reasonable feature 
> request for the extension to be able to declare that the search must 
> run in the elevated engine, but no one's submitted that feature request yet.
>
> The handle for Detect, Elevate, and Apply is supposed to be the window 
> handle for your UI, Windows Installer and various other APIs that get 
> called require one.
>
> On Wed, Feb 17, 2021 at 10:37 AM Bryan Dam via wix-users < 
> wix-users at lists.wixtoolset.org> wrote:
>
> > We have a custom BA to install an extension/plugin to a Microsoft 
> > product.  We need to get some connection information about that 
> > product from the user and ideally verify that the service account 
> > they provide can access it.  Nothing too crazy there and that's all 
> > working
> just fine.
> > However, the idea was put forth that we should be able to 
> > automatically detect a lot of that information.  We might have to 
> > bounce around making some remote registry calls but the info is all 
> > there.  I've got that working with a singular exception: some of the 
> > registry keys do not have read only permissions for the Users group.
> > It's not my product, I'm not writing those keys, so there's nothing 
> > I can do about that part.  If I right click and run the installer as 
> > administrator it all works beautifully.  Any ideas on how to handle this?
> >
> > Auto-elevating the entire BA would obviously work but I've read 
> > those threads and it seems that's just bad ju-ju even if I'm not 
> > modifying anything.
> >
> > There's Engine.Elevate() but that intentionally doesn't elevate the 
> > UI and I'm not exactly sure what handle I should be giving it.  Is 
> > it possible to elevate the engine and then run elevated code using
> Detect/Plan callbacks?
> >
> > Or is this just a fools errand?
> >
> >        Thanks,
> >              Bryan
> >
> > ____________________________________________________________________
> > WiX Toolset Users Mailing List provided by FireGiant 
> > https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww
> > .f
> > iregiant.com%2F&data=04%7C01%7Cbryand%40recastsoftware.com%7Ca56
> > 82
> > bb70ad84ffe313808d8d366408b%7C9315bb44634846c6bd378880b87e774e%7C0%7
> > C0
> > %7C637491783412563364%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLC
> > JQ
> > IjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6%2FegXn
> > FS
> > %2FyoGG5IfIqY%2FY30F%2BdugRRoW%2B9cHiqkNBoc%3D&reserved=0
> >
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant
> https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.f
> iregiant.com%2F&data=04%7C01%7Cbryand%40recastsoftware.com%7Ca5682
> bb70ad84ffe313808d8d366408b%7C9315bb44634846c6bd378880b87e774e%7C0%7C0
> %7C637491783412563364%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQ
> IjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6%2FegXnFS
> %2FyoGG5IfIqY%2FY30F%2BdugRRoW%2B9cHiqkNBoc%3D&reserved=0
>

____________________________________________________________________
WiX Toolset Users Mailing List provided by FireGiant https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.firegiant.com%2F&data=04%7C01%7Cbryand%40recastsoftware.com%7Cc6720ce2890441a812d808d8d37cef17%7C9315bb44634846c6bd378880b87e774e%7C0%7C0%7C637491880845214974%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=%2BCGohJr1RThcSp1fl2X4X4hibmrl5r0C779WvEPKuuM%3D&reserved=0

More information about the wix-users mailing list