Unable to place Temporary Files on restricted folders

[azroldan]

I'm having a problem with temporary files on the MSI installer.

The scenario is that we've set Temporary Files to be extracted to the APPDIR folder, and we're expecting these files to be placed there when the installer runs.

tempfiles.png (10.79 KiB) Viewed 8407 times

The parameters dictate that the installer must run in admin mode.

installationoptions.png (5.16 KiB) Viewed 8407 times

The issue is:

When a regular user runs the MSI, a UAC prompt will show up to ask for an admin's permission.
After an admin accepts this, the temporary files don't get placed inside the APPDIR folder during installation.

In contrast, when an admin user runs the MSI, no UAC prompt shows up as expected, but it was still able to place the temporary files in the APPDIR folder.

Can you advise what we're doing wrong here?

I'm also looking for ways to work around this issue, such as making them non-temporary files and deleting them after the installation finishes. However, this brings an issue where the files don't get extracted again when the uninstaller runs.

Help is greatly appreciated.

[azroldan]

In contrast, when an admin user runs the MSI, no UAC prompt shows up as expected, but it was still able to place the temporary files in the APPDIR folder.

Further tests show that this is actually incorrect.
The temporary files are only placed inside the APPDIR folder when the msi is run with the following steps, regardless if the current user is admin or not:
1. Open CMD in admin mode
2. Execute msiexec /i <msi>

[Catalin]

Hello Roden and welcome to our forums,

Please note that the encountered behavior is the expected one and please allow me to explain why.

First of all, I'm gonna explain some terms so we can better understand why this is happening.

MSI - bunch of actions (both standard and custom) that run in a sequence (order)

normal files - files that you add in your project and that are added during the "Add resources" action group

Screenshot_60.png (144.68 KiB) Viewed 8296 times

temporary files - files that are extracted much earlier than normal files so they can be used by different custom actions in your project. These are also removed when the installation ends.

Temporary Files Operations in the Files and Folders Page

Temporary files are copied on the machine during the CostFinalize standard action, which is part of the "Paths Resolution" action group.

Now, temporary files are copied on the machine in the predefined folder location, the temporary folder.

In your case, you have changed this location to a location that does not exist - so what does the installer have to do? Well, it basically has to create it.

Since your installation type is set to per-machine, the "Application Folder" will be a in a per-machine location that requires admin rights (as opposed to the %temp% folder, which doesn't).

The MSI installation consists of two processes:

- the Wizard Dialogs Stage, where the dialogs are spawned

- the Install Execution Stage, where the actualy installation logic happens

Now, these two processes are connected by the "Install" button. When this button is pressed, the setup elevates (gains admin rights) and then goes into Install Execution Stage.

Now that all these are clear, let's discuss your scenarios:

When a regular user runs the MSI, a UAC prompt will show up to ask for an admin's permission.
After an admin accepts this, the temporary files don't get placed inside the APPDIR folder during installation.

Screenshot_61.png (25.71 KiB) Viewed 8296 times

As we can see in the attached screenshot, the setup will try to create the folders in a location that requires admin rights before actually having admin rights, because the elevation happens when the user presses the Install button (if not launched elevated from the start).

In contrast, when an admin user runs the MSI, no UAC prompt shows up as expected, but it was still able to place the temporary files in the APPDIR folder.

As you later mentioned, this is not quite true and this works basically the same as before - the only difference being you're not prompted for admin credentials, but the UAC still appears and you have to confirm.

Further tests show that this is actually incorrect.
The temporary files are only placed inside the APPDIR folder when the msi is run with the following steps, regardless if the current user is admin or not:
1. Open CMD in admin mode
2. Execute msiexec /i <msi>

This works because the MSI (including the Dialogs Stage process) will inherit admin rights from the CMD prompt and therefore will have the required rights to create the folder.

Hope the explanation helps!

Best regards,
Catalin

[azroldan]

Hi Catalin,

I understand now, thank you.

Is there a way to make the MSI ask for elevation before CostFinalize?

We need to place the temporary files in a restricted path to avoid a possible security issue while the installer runs, so it's not an option to place them somewhere else. I tried playing around with the configs and custom actions to meet our requirements but it doesn't seem to be possible.

[Catalin]

Hello,

Yes, you can do so by checking the "Run as administrator" option from the "Install Parameters" page.

However, please note that this will automatically turn your setup into an EXE, because a normal MSI does not have a "Run as administrator" option and the only way to elevate it before CostFinalize would be through launching it from an elevated command prompt.

Best regards,
Catalin

[azroldan]

Yes, you can do so by checking the "Run as administrator" option from the "Install Parameters" page.

We've actually done this too, but we ticked back the "MSI" option. We can't really make it an EXE installer because some deployment tools require an MSI file. Some users may want to install the MSI directly, and it would be good if they can do it seamlessly without having to run it in admin mode command prompt.

Is it possible to consider having an option of requiring elevation when working with temporary files and folders?

[Catalin]

Hello,

You can indeed tick back to MSI and still have the "Run as administrator" option.

However, please note that this goes against the MSI design and therefore has some drawbacks - e.g. with the digital signature where the company does not show in the UAC.

Best regards,
Catalin

[azroldan]

Hello,

You can indeed tick back to MSI and still have the "Run as administrator" option.

However, please note that this goes against the MSI design and therefore has some drawbacks - e.g. with the digital signature where the company does not show in the UAC.

Best regards,
Catalin

Can we also have an option so that it elevates the installer at the very beginning?

[Catalin]

Hello,

Can we also have an option so that it elevates the installer at the very beginning?

I'm afraid not, as MSI does not support such option - an MSI does not have the option to right click on it --> "Run as administrator". The only way to run it elevated is to run it from an elevated process (such as command line) so it can inherit the rights.

Best regards,
Catalin