Old 22nd February 2016, 16:49   #1
ner0p
Junior Member
 
Join Date: Feb 2016
Posts: 3
Exclamation DeleteRegKey/ExecutionLevel bug

I think I've stumbled upon on a bug in NSIS which makes it impossible to delete registry keys without admin rights.
Specific keys that were created with user level and under the user's registry tree.

Here's an example:

code:
;some code
RequestExecutionLevel user
Section "install"
WriteUninstaller "$INSTDIR\Uninstall.exe"
WriteRegStr HKCU "Software\Microsoft\Windows\CurrentVersion\Uninstall\MyTestName" "DisplayName" "MyTestName"
WriteRegStr HKCU "Software\Microsoft\Windows\CurrentVersion\Uninstall\MyTestName" "UninstallString" "$INSTDIR\Uninstall.exe"
WriteRegStr HKCU "Software\Microsoft\Windows\CurrentVersion\Uninstall\MyTestName" "InstallString" "$INSTDIR"
SectionEnd

Section "uninstall"
Delete "$INSTDIR\Uninstall.exe"
RMDir /R "$INSTDIR\"
DeleteRegKey HKCU "Software\Microsoft\Windows\CurrentVersion\Uninstall\MyTestName"
SectionEnd



The result here is that, although everything has user read/write permissions, from the registry key to the InstallDir, the uninstall process cannot remove the registry key despite the setup having created it in the same way and without additional permissions.

The only way for this to work is if I set the RequestExecutionLevel higher than user (either highest or admin). Does anyone have a clue why RequestExecutionLevel must be higher than user level? Doesn't seem to make any sense, but... anyone?

Thanks!

PS: Currently testing this under Windows 7 and latest NSIS to date.

Last edited by Anders; 22nd February 2016 at 19:32. Reason: Sane font size
ner0p is offline   Reply With Quote
Old 22nd February 2016, 19:31   #2
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,524
This sounds very unlikely, NSIS does not change the ACL on keys when you create them.

Have you tried it on a fresh key to make sure there are no leftovers from other things? Have you tried deleting the key in the installer after writing? What does Process Monitor say?

If this is a 64-bit system, make sure you are looking at the correct key (Regedit vs NSIS SetRegView)

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Old 22nd February 2016, 20:58   #3
ner0p
Junior Member
 
Join Date: Feb 2016
Posts: 3
Yeah, I was also puzzled but turns out that the problem lies somewhere else.
This particular setup has to install to a folder that is under "AppData\LocalLow\" and this is where the problem starts.

So I did the test of deleting the registry key during the install, after it gets created. That works fine. I also tried using a different install folder like under "AppData\Local\", uninstall works as expected.

I get that I shouldn't be using LocalLow as a destination with user privileges and also it seems that on Windows 10 this gets even worse... when calling the uninstall executable I get the error: Error writing temporary file. Make sure your temp folder is valid.

Running as admin or running the executable outside of LocalLow works great.
Unfortunately for me I have no choice but to go this way since the setup is an add-on for an existing third-party software which uses that LocalLow sub-folder. I don't see a way around this and probably will have to use the highest execution level.
ner0p is offline   Reply With Quote
Old 22nd February 2016, 21:43   #4
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,524
IIRC the SACL on the LocalLow directory causes anything you run from there to have low integrity level and that would explain why you cannot delete the key because you would need medium integrity level to do that.

Can't you just put the uninstaller in it's own directory in $localappdata?

See also: https://msdn.microsoft.com/en-us/library/bb625960.aspx

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Old 22nd February 2016, 21:57   #5
ner0p
Junior Member
 
Join Date: Feb 2016
Posts: 3
Quote:
Originally Posted by Anders View Post
Can't you just put the uninstaller in it's own directory in $localappdata?
That had occurred to me but I completely forgot about the idea.
Thanks for mentioning that, I'll probably take that approach as it seems the best option and will keep the execution permissions at user level.

Thanks!
ner0p is offline   Reply With Quote
Old 22nd February 2016, 22:18   #6
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,524
Another solution would be to change/remove the SACL on your uninstaller .exe but I don't know if it is a good idea to do that to files in the Low directory.

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Reply
Go Back   Winamp & Shoutcast Forums > Developer Center > NSIS Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump