View Issue Details

IDProjectCategoryView StatusLast Update
0003702MediaMonkey (current)Framework: Scripts/Extensionspublic2010-10-09 00:36
Reporterjiri 
PriorityurgentSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version3.0 
Target VersionFixed in Version4.0 
Summary0003702: Extensions: Cleanup/Support for non-Admin installation of plugins
DescriptionOne of our users (and also a script author) reports that he can't install Extensions at all, it seems to fail in every case - but without any meaningful error message.

Extensions source should be improved, so that some probablems are reported and so user does know what's going on.

This is an issue for Vista and Windows 7
Additional Informationhttp://www.mediamonkey.com/support/staff/index.php?_m=tickets&_a=viewticket&ticketid=2673
http://www.mediamonkey.com/forum/viewtopic.php?f=6&t=37531
http://www.mediamonkey.com/forum/viewtopic.php?f=6&t=36082
TagsNo tags attached.
Fixed in build1300

Relationships

related to 0004912 closedLudek Non-Admin users can't install scripts 
parent of 0005072 closedLudek Pre-test for Admin (warning for add-ons installation) 
related to 0005534 closedpeke Installation of extensions fails in some cases even if MM is running as Admin 

Activities

jiri

2007-10-02 14:14

administrator   ~0011111

To further clarify: The error the user always gets is: 'Product installation error.'

user9

2007-10-06 10:04

  ~0011203

Fixed in build 1085.

user9

2007-10-08 07:29

  ~0011209

Fixed in build 1085.

jiri

2007-10-08 21:47

administrator   ~0011228

Last edited: 2007-10-08 21:48

The user clarified that the problem is when he tries to run MM without Administrative rights - it probably can't write to {Program files} folder then. In order to fix this, we have to add support for Vista 'elevation' feature, so that user can give MM chance to do necessary stuff. This is non-trivial though...

A good description of the problem is here: http://channel9.msdn.com/Showpost.aspx?postid=209647

rusty

2007-11-14 21:02

administrator   ~0012034

Last edited: 2007-11-14 21:06

Per discussion--we'll defer this to 3.01 to:

1) improve the error message (if necessary)
2) fix the issue

peke

2008-10-27 00:48

developer   ~0014831

As each MMIP while installing needs to have access to "c:\Documents and Settings\All Users\Application Data\MediaMonkey\"(Win XP) and "c:\Users\All Users\MediaMonkey\" (Vista).

Under Vista that folder is considered System folder and it is locked by UAC.
For more info See http://lists.runrev.com/pipermail/use-revolution/2007-February/094217.html

I wonder If Complete Switch to User Installation Would Solve all issues:
- Using CSIDL_APPDATA (for all native scripts that come with MM installation and User Installed Skins including MM.DB and MediaMonkey.ini due to portability)
- Using CSIDL_LOCAL_APPDATA (for extensions.ini and all Installed Scripts)

MSDN Reference http://msdn.microsoft.com/en-us/library/ms995853.aspx

I'm suggesting that this kind of Approach should Increase MediaMonkey Security and safety apron to Malware Applications, trojans, spywares, ...

peke

2008-10-27 00:53

developer   ~0014832

Reminder sent to: jiri, Ludek, petr, rusty

That issue raised another security issue I have been talked with Petr on IM. MM currently is not safest Application and can be exploited very very easily thrum scripting.

rusty

2009-04-03 17:59

administrator   ~0017318

This is a very common complaint in the forums. Anything we can do for 3.1?

jiri

2009-04-05 14:52

administrator   ~0017391

I don't see anything we could do easily about this issue, for 4.0 we should completely redesign installation of scripts.

peke

2009-04-06 09:39

developer   ~0017394

I agree with Jiri, there are lots of holes that needs to be corrected.

peke

2009-04-23 23:15

developer   ~0017568

For now things that we need to look after:
- Using Non Limited folder but not so easy accessible (like Registering only MM class to access the folder similar to Windows XP/Vista/7 "System Volume Information" system folder where Windows Restore points are saved where admins need to manually change access right and add themselves to allowed list).
- Authentication of registered/signed plugins (similar how firefox handles it)
- Better Update/Compatibility Checking
- Secure access warning/limitations

Ludek

2009-08-24 13:44

developer   ~0018679

Resolved in build 1300.

Resolved by resolving issue 0004912 where we added ability to install scripts to the current user's folders only.

peke

2010-10-09 00:36

developer   ~0020689

Verified 1314