Updater reduces security of installed versions
Bug #1443652 reported by
James Ross
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Open Rails |
Fix Released
|
Medium
|
James Ross |
Bug Description
When updating an installed version of Open Rails, the installer creates the new files in a temporary directory in the root of the same drive. This directory, by default, is less secure than Program Files, which is where it moves the files. Moving files keeps their security descriptors, so although the directory Program Files\Open Rails is still protected, the individual files within are not.
This should be easy to fix by reverting to using the installation directory for the temporary files.
Changed in or: | |
importance: | Undecided → Medium |
Changed in or: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Not quite as simple as expected but fixed in X3006.