Summary: | Unable to launch uninstaller: insufficient permissions to access Uninstall.exe | ||
---|---|---|---|
Product: | Tomcat 9 | Reporter: | Konstantin Kolinko <knst.kolinko> |
Component: | Packaging | Assignee: | Tomcat Developers Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | regression | ||
Priority: | P2 | ||
Version: | 9.0.26 | ||
Target Milestone: | ----- | ||
Hardware: | PC | ||
OS: | All |
Description
Konstantin Kolinko
2019-09-21 15:29:40 UTC
This looks like a result of the permissions changes made for bug 55969. This side-effect was discussed in that bug although no mitigation was put in place. I'm reluctant to make the whole installation readable to the current user but I do think there is an argument for making "Uninstall.exe" and "tomcat.ico" readable to all users / the current user depending on the option chosen for "Create shortcuts for all users" Having worked on this a bit I think there is a simpler option. Make the icon file readable and the uninstaller readable/executable for all authenticated users. Being able to execute the uninstaller isn't a privilege escalation as a) it will request admin privs and b) you still need privs to remove the service and/or installed files. This approach is much simpler to implement (it doesn't need to determine current user or vary depending on the option chosen for "Create shortcuts for all users". I should be in a position to commit a fix along these lines shortly. Fixed in: - master for 9.0.27 onwards - 8.5.x for 8.5.47 onwards - 7.0.x for 7.0.97 onwards |