This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- InstallShield
- :
- InstallShield Forum
- :
- Pass a password as parameter to setup / How to hide from log file?
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Dec 04, 2018
04:44 AM
Pass a password as parameter to setup / How to hide from log file?
Hi!
I have a Basic MSI setup that can take a user and a password for one of it's services as a parameter (silent installation)
This seems to work fine. If the parameters are set, then the corresponding variables are updated with the given values and the Windows Service will use the credentials to run the service in a user context.
However, we noticed that the Command Line parameters that are given to the setup are logged in plain text to the log file of the setup. this means the password can be read in the log file!!!
I have two questions regarding this issue:
1. There a way to tell the MSI setup to not log the value of a specific parameter / variable?
2. Is there a way to somehow decrypt a given password-parameter within the MSI setup if it was somehow given encrypted?
Maybe there is another way to solve this problem?
Please help!
Regards
Ralf
I have a Basic MSI setup that can take a user and a password for one of it's services as a parameter (silent installation)
This seems to work fine. If the parameters are set, then the corresponding variables are updated with the given values and the Windows Service will use the credentials to run the service in a user context.
However, we noticed that the Command Line parameters that are given to the setup are logged in plain text to the log file of the setup. this means the password can be read in the log file!!!
I have two questions regarding this issue:
1. There a way to tell the MSI setup to not log the value of a specific parameter / variable?
2. Is there a way to somehow decrypt a given password-parameter within the MSI setup if it was somehow given encrypted?
Maybe there is another way to solve this problem?
Please help!
Regards
Ralf
(2) Replies
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Dec 05, 2018
01:47 AM
Nobody is answering, so I'm under the impression there is no nice way to handle this. However, a colleague of mine had a nice idea for a hack, which I am going to use now.
The programm that calls the setup silently and also provides the parameters is aware of the log file's path. I will modify the calling programm to remove the password from the log file as soon as the setup has finished. Not nice, but not bad either...
The programm that calls the setup silently and also provides the parameters is aware of the log file's path. I will modify the calling programm to remove the password from the log file as soon as the setup has finished. Not nice, but not bad either...
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Dec 06, 2018
11:58 AM
https://docs.microsoft.com/en-us/windows/desktop/msi/msihiddenproperties
If you know the property name that will contain values that should be hidden in the log file then set the property to be hidden. You can find MsiHiddenProperties in the direct editor. Just append your property name to this list.