author | kali <kali@win> | 2021-12-15 19:45:11 +0100 |
---|---|---|
committer | kali kaneko (leap communications) <kali@leap.se> | 2021-12-15 20:02:12 +0100 |
commit | e694a038c7edc146b63557425b307833b11aea57 (patch) | |
tree | 4cef985ee8e19c040c5eedc0daf4a302a2e49bfa /branding/templates | |
parent | 7ab7b8cd822dc0e4548f9cf6795567f2eeef44e1 (diff) |
[bug] avoid installing in custom paths
A vulnerability in QtIFW causes improper ACLs to be set when
installing in custom locations. This can lead to privilege escalation if
a non-privileged user overwrites the openvpn binary. Thanks to
researchers at Tenable for finding and reporting this!
Impact is considered low-medium, since an installation outside of the
suggested path is needed to trigger the issue.
Privileged execution of openvpn should be abandoned in next release, in
favor of the interactive service.
A bug upstream should be filed since other projects could be affected by
this vulnerability too.
-Resolves: #569
Diffstat (limited to 'branding/templates')
-rw-r--r-- | branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js b/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js index b97d0a7..aa3da1f 100644 --- a/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js +++ b/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js @@ -29,6 +29,7 @@ function Component() { console.log("OS: " + systemInfo.productType); console.log("Kernel: " + systemInfo.kernelType + "/" + systemInfo.kernelVersion); + installer.setDefaultPageVisible(QInstaller.TargetDirectory, false); var validOs = false; |
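Review bot: the added `installer.setDefaultPageVisible(QInstaller.TargetDirectory, false);` line in `Component()` only hides the target directory page of the wizard, and nothing visible in this hunk checks what the target directory value actually is at install time. If the installer can receive a target directory by any route other than that page, the custom-path install described in the commit message would still go through with the same ACL problem. Consider also comparing the effective target directory against the suggested default before installation proceeds and aborting when they differ. The new line also has no comment, so a later cleanup could re-enable the page without knowing it is a security mitigation; a one-line comment pointing to #569 and the QtIFW ACL issue would prevent that.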