New Plugins Home (where Notepad++ will load from)
-
@Meta-Chuh said:
currently we have to answer these scenarios again and again:
…
possible solutions:
grey out “Don’t use %APPDATA%” if the selected path matches %PROGRAMFILES% or %PROGRAMFILES(X86)%@donho
btw: thanks for your commit
(Make installer more coherent for the option doLocalConf.xml) 👍very much appreciated
-
This is a security nightmare!
All users are allowed to write new files (and so DLLs) to programdata, but only the creator-owner is allowed to change a file by default. So updates of a plugin can be installed by the user that installed the plugin or by an account that as administrator priviligues. And every user is allowed to install new plugins for all users. Is this really the intended behaviour or will the Notepad++ installer change the NTFS right so that only users with administrator priviligues are allowed to install plugins/updates?
-
And every user is allowed to install new plugins for all users.
not true, you need to have administrator rights to install plugins via plugins admin.
furthermore it was the wish of almost all it pro’s within this community to have a single plugin location for all users instead for each user manually, as they need it for a simple and quick deployment.
-
I have to second @ldlx . What he wants to point out is that every user can drop new e.g. DLL files in any subdirectory of %ProgramData%. Normal Windows users are only prohibited to delete, change or overwrite already existing files which have been created by another user.
Thus it is indeed a security hole. Me and other people already pointed that out in the past. But it seems to be more important to be able to provide a Windows Store app (the reason for the whole plugin relocation) than to follow common security guidelines.
I already wrote down my thoughts to UWP (Windows Store) apps in this comment. When this specification has been designed, the author(s) had obviously not in mind that there could be apps with a plugin interface like Notepad++. This kind of apps is not suitable for UWP because they have no other choice than to store executable code (the plugins) in some kind of user profile which are unsecure locations.
Maybe Microsoft will change the UWP app specification somewhere in the future and will forbid to store executable code in unsecure locations. Then all the hassle we are faced with currently will be for nothing.
-
@Meta-Chuh said:
And every user is allowed to install new plugins for all users.
not true, you need to have administrator rights to install plugins via plugins admin.
EVERY USER can store files to programdata. But only the creator-owner can change/save/delete files that he created.
furthermore it was the wish of almost all it pro’s within this community to have a single plugin location for all users instead for each user manually, as they need it for a simple and quick deployment.
There’s a good location where only administrator users can write - the folder where the program is stored in %programfiles% - only administrative users can write to that location.
-
@dinkumoil
if you remember, the original proposed locations were both at %LOCALAPPDATA% and switchable to an all user installation at %PROGRAMDATA% or %PROGRAMFILES%
but so many people (the ones who posted actively, not me) wanted it to be as it is now, simple and a single plugins folder for all users.now we have a situation where everyone originally wanted chocolate ice cream and now that it’s served they’d prefer vanilla.
do you have an idea what’s best to do now ?
-
@dinkumoil Windows Store Apps are provided on a per-user base - which are placed inside the user profile (afaik). It makes no sense to provide plugins on a per-machine base when the installation is on a per-user base.
@Meta-Chuh said:
@dinkumoil
if you remember, the original proposed locations were both at %LOCALAPPDATA% and switchable to an all user installation at %PROGRAMDATA% or %PROGRAMFILES%
but so many people (the ones who posted actively, not me) wanted it to be as it is now, simple and a single plugins folder for all users.now we have a situation where everyone originally wanted chocolate ice cream and now that it’s served they’d prefer vanilla.
do you have an idea what’s best to do now ?
keep it the same way as before:
- users can install there plugins in %appdata% (or %localappdata%, but I believe it is %appdata%) - when “allowAppDataPlugins.xml” is present in the program files folder
- all-users-plugins can be put in the program files-plugin folder.
imho: it doesn’t make sense to install programs on a per-user base (UWP-apps) and to provide plugins to all users on a per-machine base (in %programdata%).
-
This is not a question of vanilla and chocolate ice cream.
@donho was only willing to implement loading plugins from a specific user profile or from the AllUsers profile (the %ProgramData% directory). And the reason for the relocation of plugins is, that he wants to publish an UWP version of Notepad++, which requires in turn that the installation directory of that (future) app is immutable after its installation. That is what @donho said to that thing, I have to trust him because I don’t know anything about the details of UWP apps.
I was even not involved in the discussion about “store plugins in %LocalAppData% or in %ProgramData%”. My most important point was, that it would be a bad idea to put the plugin list into a specific user profile. That would mean that only the user who has installed Notepad++ would have a plugin list.
do you have an idea what’s best to do now ?
What I always said: Forget this UWP app thing and revert plugin storage location back to the installation directory. But this will never happen. The only thing I can do is to try to influence the further development in such a way that it results in a product that is first and foremost convenient for me as a user and plugin developer.
-
@ldlx said:
will the Notepad++ installer change the NTFS right so that only users with administrator priviligues are allowed to install plugins/updates?
Yes, you are right about it. The right to add files of this folder should be Admin only, and this feature will be in the next release.
-
@donho said:
The right to add files of this folder should be Admin only, and this feature will be in the next release.
So you will have to remove access rights inheritance from the directory
%ProgramData%\Notepad++\plugins
because the ability for normal users to write to this directory is inherited from the%ProgramData%
directory. Does NSIS provide a feature to change that?If you remove access rights inheritance via Windows Explorer’s Properties dialog, you can choose to remove all existing inherited acces rights or to convert them into explicit access rights for the folder in question.
If you choose the latter one, you have to delete unwanted access rights (the ones for owner/creator and normal users) after that. If you choose the first approach you have to carefully design and configure your own set of access rights for the directory.
In all cases you have to activate inheritance of the newly set acces rights to files and directories inside the directory in question.
-
We are a University and using NPP on many student computers. The users are not Administrators. They are using different plugins which we can not preinstall.
The problem is, that they are not able to install or update plugins with Plugin Manager.
They will be prompted by an UAC dialog, but there, they can not enter an administrator account because they don’t have such an account.The plugin installation has worked until NPP 7.5.9 for non admin users but now this is not possible anymore!
This means, we can not update NPP to newer versions anymore.
Is there a solution planned for this problem? -
Well, if the switch to the new plugin hosting model and Plugin Admin would be complete, I would say you can use portable versions of Notepad++ for your students. But unfortunately currently there is the limitation that there is no Plugin Admin in portable versions.
But there is still a possible solution, have a look at this posting and the following ones. But this implies some oddities you will recognize by yourself.
-
@dinkumoil said:
Well, if the switch to the new plugin hosting model and Plugin Admin would be complete, I would say you can use portable versions of Notepad++ for your students. But unfortunately currently there is the limitation that there is no Plugin Admin in portable versions.
But there is still a possible solution, have a look at this posting and the following ones. But this implies some oddities you will recognize by yourself.
Maybe it isn’t possible or managable that there’s a copy of Notepad++ in every user profile on a number of different computers. Maybe running executables in unsafe locations (everything except %programfiles% or %systemroot%) is forbidden.
-
Yes we prefer to install the application once on every computer by our sw managing tool (silent in the background). With this approach, we have always the same version installed on all computers and make updates of the application as needed e.g. if there are security updates available.
The users e.g. students should be able to install the plugins they need. This is unfortunately not possible anymore.
-
Only in case you aren’t aware of that - I’m not involved in development of Notepad++, I’m a volunteer that tries to help people coming to this forum.
In the following I will give you a workaround which takes some effort but it is a scriptable solution. @donho , the developer of Notepad++, decided to simplify the way plugins are loaded. The hybrid installation scenario you used in the past isn’t supported anymore. Nevertheless you are right to demand this feature.
You could create a directory for unpacking the portable version’s ZIP file, e.g.
C:\Apps\Notepad++
. Set ownership of this directory to the Administrators users group. Configure its ACL to prohibit write access by normal users. Add the files needed to get Plugin Admin. Remove access rights inheritance of the directoryC:\Apps\Notepad++\plugins
and configure access rights in a way that normal users can write to it and its subfolders.Updating Notepad++ means to unzip the latest version’s ZIP package to
C:\Apps\Notepad++
. It should be possible to automate that as well. -
Why would you mess with things that worked very well? Now I need to hunt for the new plugin location after every update, and things don’t really work still, like plugins won’t install or update, and I cannot find some plugins, like PyScript. My automation is broken, and I need to go back to before 7.6.
This was a bad idea to re-do this whole thing. -
@Evgenii-Puchkaryov
I agree absolutely! -
@donho said:
@ldlx said:
will the Notepad++ installer change the NTFS right so that only users with administrator priviligues are allowed to install plugins/updates?
Yes, you are right about it. The right to add files of this folder should be Admin only, and this feature will be in the next release.
@ldlx The right of
%PROGRAMDATA%\Notepad++\plugins\
has been modified by installer here:
https://notepad-plus-plus.org/temp/npp.7.6.1.Installer.exeCould you test it and confirm me it’s what you expected?
-
What if you are not allowed to copy to <NPP_INST_DIR>\plugins\ ? My company has removed local admin access from all Windows machines. I have tried all ideas for where to put XMLTools, but I am not able to get it loaded.
-
@donho said:
@donho said:
@ldlx said:
will the Notepad++ installer change the NTFS right so that only users with administrator priviligues are allowed to install plugins/updates?
Yes, you are right about it. The right to add files of this folder should be Admin only, and this feature will be in the next release.
@ldlx The right of
%PROGRAMDATA%\Notepad++\plugins\
has been modified by installer here:
https://notepad-plus-plus.org/temp/npp.7.6.1.Installer.exeCould you test it and confirm me it’s what you expected?
Just tried (Win10 1809x64)… didn’t work. Inheritance is still active.
I had to run
icacls “c:\ProgramData\Notepad++\plugins” /inheritance:d
to disable inheritance (with copying the ACL, /r to remove inherited ACLs)
-> running icacls as part of the installer should not be the favoured approach imho.Wouldn’t it be possible to store plugins in another folder inside %programfiles%, e. g. “%programfiles%\Notepad++ Plugins”, or “%commonprogramfiles%\Notepad++” ?