Handle case where applocker test script fails to delete#8627
Merged
TravisEz13 merged 2 commits intoPowerShell:masterfrom Jan 16, 2019
Merged
Handle case where applocker test script fails to delete#8627TravisEz13 merged 2 commits intoPowerShell:masterfrom
TravisEz13 merged 2 commits intoPowerShell:masterfrom
Conversation
PaulHigin
approved these changes
Jan 11, 2019
anmenaga
reviewed
Jan 11, 2019
Collaborator
|
If we can not delete the file is it secure to leave it on file system? |
Member
Author
|
@iSazonov yes, the test script is harmless and doesn't expose anything, it just validates whether scripts can be run or not. It is not ideal to leave the file in the temp folder, but worse is to prevent PowerShell from starting simply because something else decided to lock that file. |
Member
Author
|
@PaulHigin can you take another look? Made some changes based on feedback |
iSazonov
approved these changes
Jan 15, 2019
PaulHigin
approved these changes
Jan 15, 2019
Collaborator
|
@TravisEz13 Please merge the PR. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR Summary
One reported case where during applocker policy check, the test script that is created cannot be deleted because something else (malware scanner?) has a lock on the file. This results in an exception being thrown in finally block which ultimately causes PowerShell to crash due to the unhandled exception. Fix is to wrap the deletion in the finally block with try..catch and ignore any exceptions and leave the temp file.
TFS:20156282
PR Checklist
.h,.cpp,.cs,.ps1and.psm1files have the correct copyright headerWIP:to the beginning of the title and remove the prefix when the PR is ready.[feature]if the change is significant or affects feature tests