From e694a038c7edc146b63557425b307833b11aea57 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 15 Dec 2021 19:45:11 +0100 Subject: [bug] avoid installing in custom paths A vulnerability in QtIFW produces improper ACLs to be set when installing in custom locations. This can lead to privilege escalation if a non-privileged user overwrites the openvpn binary. Thanks to researchers at Tenable for finding and reporting this! Impact is considered low-medium, since an installation outside of the suggested path is needed to trigger the issue. Privileged execution of openvpn should be abandoned in next release, in favor of the interactive service. A bug upstream should be filed since other projects could be affected by this vulnerability too. -Resolves: #569 --- branding/scripts/gen-qtinstaller | 2 +- branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'branding') diff --git a/branding/scripts/gen-qtinstaller b/branding/scripts/gen-qtinstaller index 5b4d103..eb11d3b 100755 --- a/branding/scripts/gen-qtinstaller +++ b/branding/scripts/gen-qtinstaller @@ -27,7 +27,7 @@ OS_CONFIG = { """, 'windows': """ - @ApplicationsDir@/$APPNAME + c:/Program Files (x86)/$APPNAME $APPNAME @TargetDir@/$BINNAME.exe diff --git a/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js b/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js index b97d0a7..aa3da1f 100644 --- a/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js +++ b/branding/templates/qtinstaller/packages/bitmaskvpn/meta/install.js @@ -29,6 +29,7 @@ function Component() { console.log("OS: " + systemInfo.productType); console.log("Kernel: " + systemInfo.kernelType + "/" + systemInfo.kernelVersion); + installer.setDefaultPageVisible(QInstaller.TargetDirectory, false); var validOs = false; -- cgit v1.2.3