My question is not about how to run the scripts with double click!
I'm curious about the reason of such behavior.
The .bat, .cmd, .vbs, .exe, and many others runs with the double-click, but .ps1 not, why?
The reason to associate .ps1 with Notepad is about security.
Back in the days, Microsoft got burned really bad because of associations' default actions. Per default, Windows' file manager (later known as File Explorer) aimed at easy usage. It didn't show file extensions. That is, MyResume.doc was shown in the default Explorer list as simply MyResume - and it often had a Word icon too.
While this was convenient a way to save screen real estate, it offered a wonderful way to exploit systems. A lot of users simply double-clicked files based on their names and icons. Now, crackers started to send around files that had double extension like MyResume.doc.vbs. Explorer's default action was to strip the .vbs, which meant that the file actually was Visual Basic Scripting file. Since Windows associated .vbs to Windows Scripting Host, the script file was executed with user permissions. To prevent this attack vector, Powershell files are not associated with powershell.exe per default.
Famous cases of extension exploits are the love letter ILOVEYOU and promise of adult content about Anna Kournikova.
Another can of worms (sorry for the horrible pun) are Windows screen saver files. The .scr files are really just executables. A lot of users were fooled to install backdoors to systems, as they didn't understand risks of installing screensavers. This was further exploited by sending files that had extensions not matching the payload, and relying that OS still picked the proper application association.
Related
I store the MRU of logins to my application in a file called login.ini and I save it in widnows application folders.
I noticed that on some systems — I don't know why; I cannot find a common cause — the user cannot create the file, whereas it creates all other files in the same folder.
The only reason I can think of is that some antivirus/windows setting/... doesn't allow this particular user to create the file on this system.
I solved the problem by renaming the file and it seems ok, but I'd like to be sure. Does anyone know more?
Note for bounty:
This is a related question I asked that details a little more what I am doing.
A little Google-fu turns up that other Windows developers have sucessfully created login.ini for their programs, and others use it in a third-party Windows login management program, so I would expect that its "reservedness" is partially dependent on its location in the file system (i.e. in the system files). However, I don't think the name "login.ini" is a system-wide reserved name, no.
I think you're right - certain antivirus programs MAY be messing with the creation of that file, as it is a fairly likely candidate imho for a virus filename. It looks as if it may already have been used for that purpose somewhere (apparently outside of the US), tho don't quote me on that.
So, if a different name works for you, I'd go with that. :)
Anti-virus is a definite possibility for messing with your file. Stuff like that happened all the time to me when I was using Norton.
'login.ini' is not a system-wide reserved name, it would only mess things up with the OS if you had it in the (assuming your drive is C:) C:\WINDOWS or C:\WINDOWS\System32 directories.
If you just have the file in an application files directory (like C:\Program Files or C:\All Users\Application Settings and such) it shouldn't interfere with the system.
If you determine that anti-virus is a definite problem, you could change the name to something like loginData and maybe make up a new file extension if you want to (assuming you are just going to read the file from a program, where the extension doesn't matter. otherwise stick to a recognized file extension)
I was contemplating moving to a version control system at work, but the learning curve may be too much for the many copywriters that open simple html files and editt them on our shared development server. The main issue is that sometimes two people will work on the same file (on our development server) at once and overwrite each other.
Is there any extension to Windows explorer that will simply display a lock icon near a shared file that is already in use? For us, something like this maybe be simpler than teaching everyone to develop from their own working copies and use version control clients. I just want a visible warning to users that a file is already in use and should not be worked on. Thanks
There might not even be enough information on the fileserver itself to determine this. For example, if you open an HTML file in Notepad, the file is loaded from disk and then the file is closed. Notepad keeps a copy in memory without keeping the file open on disk. This means that the fileserver doesn't even know that somebody is busy editing the file.
Some text editors might keep the file open but this is probably the exception rather than the rule.
A version control system (Subversion with TortoiseSVN is easy for people to use) allows users to declare their intent without relying on the underlying technology opening files in just the right way. TortoiseSVN displays a "lock" icon beside files that are locked (you lock a file with a "Get Lock" menu option). Files without the lock are marked read-only to help the user know that they aren't ready to edit them yet.
I want that an exe file can't be copied or cut from the Windows file system to paste somewhere.
The exe is made in C#. which must have to be in only one PC.
I have worked with FileSystemWatcher, NSIS, Clipboard. but for all I need to detect whether that file is being copied.
I also have seen 'Prevent'(http www free-download-blog.com disable-cut-paste-copy-delete-rename-functions-using-prevent ), but I need to prevent only that particular exe from being copied or cut.
Any pointer or idea will help.
As others have suggested you won't be able to disable the copy/cut behaviour so easily.
An alternative would be to disable the execution of the copied versions. In your executable you could check many things like :
The path of the present executable is explicitly your_path
The name of the machine and user is the one you authorise
You could even prevent the file of being executed more than once using Windows register entries (if already 1 don't launch). It won't be perfect since any experimented user could tweak that out, assuming they are seeking for that. But depending on your users profile it might be sufficient.
If you need the exe to be executable, you need to permit loading it into memory.
As soon as you do, anyone can read it to memory using ReadFile and then write to an arbitrary location using WriteFile. No shell-detectable copying involved.
A good reading: Raymond's post and its comments on preventing copying.
Well, this is a hard problem. Even if you get explorer.exe to disable cut&paste, what prevents a user from using the command window? Or writing their own exe to do it? Booting up in linux and reading it?
Still, you have a few options (there will be more, most likely) which you could try:
Use the right permissions: Set the
permissions such that the users who
you don't want to cut&paste cannot
read the file.
Write a device driver which can hook
onto the filesystem calls and do that
for you.
Encrypt the file.
And some hacky options like:
Use the APPINIT_DLLS regkey to put your own dll to be loaded into each process ( I am not sure if this will work with console process though). Then on your dll load, do IAT hooking to replace the kernel32.dll file calls.
Replace kernel32.dll with your own version. Might have to do some messing around with the PE format etc.
There are no guarantees though. If for instance, you expect them to be able to execute it, but not copy it, you are probably stuck.
Any local admin will be able to undo anything you do to prevent copying. I can pretty much guarantee the program on that page you mention relies on a service or background process to prevent copy-and-paste, and therefore is easily circumventable. If your users are in a closed environment where none of them are admins and they have very limited rights to their PCs, then you have a chance.
if you could completly block explorer from copying or moving files, then all u need is a 3rd party software for copying files (but make sure it can filter file extensions) for example Copy Handler
Set up an ENVIRONMENT variable in your machine
In your code add a check
if (ENVIRONMENT Variable=='Same as defined')
//Execute code
else
//Suspend execution
To me its a no-brainer. The settings for my program go into the Windows Registry. After all, that's what it's for, isn't it?
But some programmers are still hesitant in using the Registry. They state that as it grows it slows down your computer. Or they state that it gets corrupted and causes your computer to malfunction.
So they write their own configuration files, or may use the INI files that Microsoft has depreciated since a few OS's ago.
From what I hear, the problems with the registry that occurred in early Windows OS's were mostly fixed as of Windows XP. It may be the plethora of companies that make Registry Cleaners that are keeping up the rumors that "registry bloat" and "orphaned entries" are still bad.
So I ask, is there any reason today not to use the Windows Registry to store my program configuration settings?
If the user does not allow registry access, you're screwed.
If the user reinstalls Windows and he wants to migrate his settings, it's much more complicated than with a simple file
Working with a config file means your app is portable
Much simpler for the user to change a setting manually
When you'll want to port your app to other OS, what are you gonna do with your registry settings ?
Windows Registry is bloated. Do you really want to contribute to this chaos?
For me, quickly installing, migrating and moving applications is a key point to productivity. I can't if I need to care of hundreds of possible registry keys. If there's a simple .ini or .cfg or .xml file somewhere in my user folder (or even the application directory if it is a portable app), migration is easy.
Often-heard argument pro registry: easy to write and read (assuming you're using plain WinAPI). Really? I consider the RegXXXfamily of functions pretty verbose ... too many function calls and typing work for storing just a few bits of information. So you always end up wrapping the registry away .. and now compare this effort with a simple text configuration file, maybe just key=value-like.
It depends, when you have small entries that need to read by multiple programs registry is ok, as database have locking issues, and config files are application based.
The problem happens when the user does not allow registry access, that are lots of software in the market that will show a pop up when anyone tries to modify registry and the user can cancel or allow the users. These programs are too common with the anti virus programs.
Putting your settings into the Registry means that if your user wants to move your program and its settings to another computer, he can't. Backup, ditto. Those settings are in a mysterious invisible place. I find this to be a hostile approach to one's users.
I've written numerous small-to-medium programs, and always used a .ini file. A tech-savy user can edit this file using an editor, he can check the settings in it, he can email it to a tech supporter, he can do a large variety of things that are significantly harder to do with registry entries.
And my programs don't contribute to slowing the computer down.
Personally speaking, I just don't like binary configuration of any type. I much prefer text file format which can be easily copied, edited, diffed & merged, and put under change control complete with history.
The last of these is the biggest reason not to use the registry - I can stick configuration files into SVN (or similar) with the full support given to text files, instead of having to treat it as a blob.
I don't really have much of an opinion for or against using the registry, but I'd like to note something... Many answers here indicate that registry access may be restricted for a certain user. I'd say the exact same thing goes for config files.
With registry you need to write to the "current user" to be fairly certain about having access (and should do so anyway, in many cases). Config files should be put in a user based area as well (e.g. AppData/Local) if you want "guaranteed" access without questions asked. As far as I know putting config files in "global" areas are as likely to yield access problems as the registry is.
I have some code that is reading a config file, but when I open the file in TextPad, I see different values than my application does. I checked it with Notepad. Notepad agrees with my application, TextPad shows something else.
This is on Vista x64 Business.
Any idea what could be causing this? I've looked in the Context Menu->Properties->Previous Versions details, but it says "There are no previous versions available".
Here's the steps to replicate (I can't make it happen reliably):
Installed .NET app in Program files.
That app reads the config file, but is falling over.
I manually edit that config file in Textpad.
The change doesn't take effect.
I open the config file in Notepad, and see something different.
Try making the change in Notepad and saving, and get this error message:
Notepad
Cannot create the C:\Program Files (x86)\Daniel Schaffer\WorkingOn for FogBugz\FogBugz > WorkingOn.exe.config file.
Make sure that the path and file name are correct.
I can't put the content here as it's XML and is being encoded by Superuser.com, but here's a link to a screencast: http://screencast.com/t/zhERl7mocp4.
Sounds like a case of you don't have administrator privs, when you installed your app. Sometimes when you install an app with no admin privs, it behave really strangely because of vista security model. I had a similar problem to this last year. It wasn't the exactly, but it was strange behaviour, until I figured out it was vista's security model. It elevates it into application/user security context, from what I know, as my brain froze when I was reading about it, as it was pure muck and virtually useless from what I can see.
Try opening Textpad (excellent app) with Run as Administrator, and then edit the config. See what happens. If it stays then same then its a prives problem. If that doesn't work, deinstall you app, and then install it as an administrator. That will give the app the write admin privs to work. Then when you edit the config. See if that works.
Take a look at this. You can elevate an app to run as administrator, Using the techniques found here. How to elevate an application.. Try all these before you do a reinstall.
If that doesn't work, post your question to server fault. Also post it to a suitable MSDN forum.
Hope that help.
Bob.
This is interesting. My guess is that a Vista Feature called UAC Virtualization (aka Data Redirection) is at work here. It basically redirects legacy applications to %USERPROFILE%\AppData\VirtualStore\Program Files\... so they can write files in the program's directory.
Maybe Textpad tries to open the file in read-write mode while both your application and Notepad use it read-only?
You can fire up Process Monitor to see the exact magic, and please let me know ;-)
Try just to strip that whitespace character from application name; my guess is something related to canonical path building
try to copy file to another path and reopen it. see if it changes the result.
One thing you can do is observe what exact file each of those methods ends up opening. To do this,
launch Process Monitor from the sysinternal suite.
look only for file operations (deselect registry operations on the right of the toolbar)
select only your own process (filter out all the processes that you don't care about, or just include your own process name in the filter list)
You can also simply use the search function for your file name, this might be the faster route.
Process monitor has helped me find so many issues it's amazing.