Re: [PR] MINIFICPP-2342 Do not overwrite config files during an upgrade [nifi-minifi-cpp]

Tue, 09 Dec 2025 02:13:58 -0800 


fgerlits commented on code in PR #2069:
URL: https://github.com/apache/nifi-minifi-cpp/pull/2069#discussion_r2601924467


##########
packaging/msi/WixWin.wsi.in:
##########
@@ -263,16 +262,16 @@ ${WIX_EXTRA_FEATURES}
 
     </UI>
 
-    <Property Id="AGENT_CLASS"  Value="Your Agent Class" />
-    <Property Id="AGENT_IDENTIFIER"  />
-    <Property Id="AGENT_HEARTBEAT"  Value="30 sec" />
-    <Property Id="SERVER_PATH_BASE"  Value="http://localhost:8181/api"; />
-    <Property Id="SERVER_HEARTBEAT"  Value="/c2-protocol/heartbeat" />
-    <Property Id="SERVER_ACK"  Value="/c2-protocol/acknowledge" />
-    <Property Id="ENABLEC2" />
-    <Property Id="AUTOSTART" Value="1" />
-    <Property Id="SERVICEACCOUNT" Value="LocalSystem" />
-    <Property Id="SERVICEACCOUNTPASSWORD" />
+    <Property Id="AGENT_CLASS" Secure="yes" Value="Your Agent Class" />
+    <Property Id="AGENT_IDENTIFIER" Secure="yes" />
+    <Property Id="AGENT_HEARTBEAT" Secure="yes" Value="30 sec" />
+    <Property Id="SERVER_PATH_BASE" Secure="yes" 
Value="http://localhost:8181/api"; />
+    <Property Id="SERVER_HEARTBEAT" Secure="yes" 
Value="/c2-protocol/heartbeat" />
+    <Property Id="SERVER_ACK" Secure="yes" Value="/c2-protocol/acknowledge" />
+    <Property Id="ENABLEC2" Secure="yes" />
+    <Property Id="AUTOSTART" Secure="yes" Value="1" />
+    <Property Id="SERVICEACCOUNT" Secure="yes" Value="LocalSystem" />
+    <Property Id="SERVICEACCOUNTPASSWORD" Secure="yes" />

Review Comment:
   The idea is that (in some cases?) when the installer executes, the dialogs 
are running as the (non-privileged) user, but later the installation of files 
etc are running as Administrator. By default, the data entered by the user on 
the non-privileged side is not visible to the other, Administrator side, for 
security reasons. Only variables marked "Secure" are allowed to cross this 
boundary.
   
   
https://stackoverflow.com/questions/31115759/what-does-it-means-that-a-msi-property-can-be-passed-to-the-server-side-when-do
   
   The MSI generator looks for a `SecureCustomProperties` (I think 
semicolon-separated) list which contains these "Secure" properties. The 
`Secure="yes"` attribute is syntactic sugar provided by the WiX toolset; it 
generates the `SecureCustomProperties` list.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to