From e694a038c7edc146b63557425b307833b11aea57 Mon Sep 17 00:00:00 2001
From: kali <kali@win>
Date: Wed, 15 Dec 2021 19:45:11 +0100
Subject: [bug] avoid installing in custom paths

A vulnerability in QtIFW produces improper ACLs to be set when
installing in custom locations. This can lead to privilege escalation if
a non-privileged user overwrites the openvpn binary. Thanks to
researchers at Tenable for finding and reporting this!

Impact is considered low-medium, since an installation outside of the
suggested path is needed to trigger the issue.

Privileged execution of openvpn should be abandoned in next release, in
favor of the interactive service.

A bug upstream should be filed since other projects could be affected by
this vulnerability too.

-Resolves: #569
---
 branding/scripts/gen-qtinstaller | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'branding/scripts')

diff --git a/branding/scripts/gen-qtinstaller b/branding/scripts/gen-qtinstaller
index 5b4d103..eb11d3b 100755
--- a/branding/scripts/gen-qtinstaller
+++ b/branding/scripts/gen-qtinstaller
@@ -27,7 +27,7 @@ OS_CONFIG = {
 """,
     'windows': """
     <!-- windows -->
-    <TargetDir>@ApplicationsDir@/$APPNAME</TargetDir>
+    <TargetDir>c:/Program Files (x86)/$APPNAME</TargetDir>
     <StartMenuDir>$APPNAME</StartMenuDir>
 
     <RunProgram>@TargetDir@/$BINNAME.exe</RunProgram>
-- 
cgit v1.2.3