From 152f1a9c786d3a511b8f1fa3f66797a9264a8974 Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Thu, 22 May 2025 09:31:13 +0200 Subject: [PATCH] installer: test any custom editor on a _writable_ file When choosing a custom editor, there is the convenient "Test Custom Editor" button. When clicking it, a file is written and the specified editor is invoked to edit that file. The file is then deleted. The contents of that file specifically encourage the user to make changes and write the file. Unfortunately, due to security concerns InnoSetup nowadays restricts the permissions of its temporary directory, which means that the file (which is written by the elevated installer process) is not writable by the (non-elevated) custom editor. Let's just write the file _next_ to that temporary directory, which is the user's TEMP directory and therefore writable. This fixes https://github.com/git-for-windows/git/issues/5618. Signed-off-by: Johannes Schindelin --- installer/install.iss | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/installer/install.iss b/installer/install.iss index 5da6b2f246..ae3b327216 100644 --- a/installer/install.iss +++ b/installer/install.iss @@ -1731,7 +1731,10 @@ begin Exit; end; - TmpFile:=ExpandConstant('{tmp}\editor-test.txt'); + // We are _not_ writing into the `{tmp}` directory, because it is private to the + // elevated process and cannot be written to by the non-elevated editor. + // Instead, we write _next_ to the `{tmp}` directory. + TmpFile:=ExpandConstant('{tmp}-editor-test.txt'); InputText:='Please modify this text, e.g. delete it, then save it and exit the editor.' SaveStringToFile(TmpFile,InputText,False); @@ -1744,17 +1747,20 @@ begin if not ShellExecAsOriginalUser('',CustomEditorPath,CustomEditorOptions+' "'+TmpFile+'"','',Show,ewWaitUntilTerminated,Res) then begin Wizardform.NextButton.Enabled:=False; SuppressibleMsgBox('Could not launch: "'+CustomEditorPath+'"',mbError,MB_OK,IDOK); + DeleteFile(TmpFile); // ignore errors, if any Exit; end; if (Res<>0) then begin Wizardform.NextButton.Enabled:=False; SuppressibleMsgBox('Exited with failure: "'+CustomEditorPath+'"',mbError,MB_OK,IDOK); + DeleteFile(TmpFile); // ignore errors, if any Exit; end; if not LoadStringFromFile(TmpFile,OutputText) then begin Wizardform.NextButton.Enabled:=False; SuppressibleMsgBox('Could not read "'+TmpFile+'"',mbError,MB_OK,IDOK); + DeleteFile(TmpFile); // ignore errors, if any Exit; end;