Configuration processor auditing improvements #6193

Open
JohnMcPMS wants to merge 9 commits into microsoft:master from JohnMcPMS:config-proc

@JohnMcPMS JohnMcPMS commented May 1, 2026

Change

When a processor path is provided, inform the user about that fact in the output. Ensure that the server agrees on the hash of the processor that is provided in its CLI arguments.

When the target processor is an app execution alias, the hash is of the contents of the reparse point data. Otherwise, it is a hash of the contents of the file itself.

Custom processor path:
  Path: C:\Program Files\WindowsApps\Microsoft.DesiredStateConfiguration_3.2.0.0_x64__8wekyb3d8bbwe\dsc.exe
  Hash: 6ee88bd4c93c4a94539a0af0667ace8ffba48f5b8732930e1421721621ca19de
  Signed By: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Validation

Tests are added for the scenario and individual operations.
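
An independent check of the audit block shown above, as an added example that is not part of this PR or of winget's code: it parses the `Path` and `Hash` lines and recomputes the file hash. It assumes the reported value is hex SHA-256 of the file bytes (as the description states for non-alias targets), ignores the `Signed By` line, and uses a constructed temp file in `demo()`.

```python
import hashlib
import hmac
import os
import re
import tempfile

FILE_ATTRIBUTE_REPARSE_POINT = 0x400  # Windows file attribute bit

# Field layout taken from the sample output in the PR description.
_BLOCK = re.compile(
    r"Custom processor path:\s*\n\s*Path:\s*(?P<path>.+?)\s*\n"
    r"\s*Hash:\s*(?P<hash>[0-9a-fA-F]{64})\b"
)

def sha256_file(path, chunk=1 << 16):
    """SHA-256 of the file contents, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def is_reparse_point(path):
    """True on Windows when the path itself is a reparse point (e.g. an alias)."""
    attrs = getattr(os.lstat(path), "st_file_attributes", 0)
    return bool(attrs & FILE_ATTRIBUTE_REPARSE_POINT)

def audit_processor(output):
    """Return (status, path); status is 'match', 'mismatch', 'alias' or 'absent'."""
    m = _BLOCK.search(output)
    if not m:
        return ("absent", None)
    path, reported = m.group("path"), m.group("hash").lower()
    if is_reparse_point(path):
        # Per the PR, the reported hash covers the reparse data, not file
        # bytes, so a file-content hash cannot confirm it.
        return ("alias", path)
    ok = hmac.compare_digest(sha256_file(path), reported)
    return ("match" if ok else "mismatch", path)

def demo():
    """Constructed run: a temp file stands in for the processor binary."""
    with tempfile.TemporaryDirectory() as d:
        exe = os.path.join(d, "dsc.exe")
        with open(exe, "wb") as f:
            f.write(b"constructed processor bytes")
        out = f"Custom processor path:\n  Path: {exe}\n  Hash: {sha256_file(exe)}\n"
        before = audit_processor(out)[0]
        with open(exe, "ab") as f:
            f.write(b"!")  # file changed after the hash was reported
        return before, audit_processor(out)[0]
```

An `alias` result means the path is a reparse point, so the reported hash has to be compared against the reparse data rather than against a file hash.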

@JohnMcPMS JohnMcPMS requested a review from a team as a code owner May 1, 2026 20:01
florelis previously approved these changes May 7, 2026

@florelis florelis left a comment

I'm not familiar with the configuration code, so my review of that part was superficial and it may be wise to get somebody else to look at it.

Comment thread src/AppInstallerCLIPackage/Shared/Strings/en-us/winget.resw
Comment thread src/AppInstallerCLIPackage/Shared/Strings/en-us/winget.resw Outdated
Comment thread src/AppInstallerCLIPackage/Shared/Strings/en-us/winget.resw Outdated
Comment thread src/AppInstallerCLIPackage/Shared/Strings/en-us/winget.resw
Comment thread src/AppInstallerCLI.sln
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "doc", "doc", "{3FF6C881-2548-486E-8D70-7555A90030F5}"
ProjectSection(SolutionItems) = preProject
..\doc\windows\package-manager\winget\returnCodes.md = ..\doc\windows\package-manager\winget\returnCodes.md
..\doc\Settings.md = ..\doc\Settings.md

Should we move all the .mds here?

Comment thread src/AppInstallerSharedLib/Certificates.cpp Outdated
Comment on lines +195 to +196
result.IsAlias = true;
result.HashString = Utility::SHA256::ConvertToString(
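
Review bot: in the branch that sets `result.IsAlias = true;`, `result.HashString` is not a hash of the target executable's bytes (per the PR description it covers the reparse point data), and nothing at this site says so. A short comment here stating what is hashed, and that the value is not comparable with a file hash of the resolved binary, would keep later callers from treating the two kinds of hash as interchangeable. If the user-facing "Hash:" line does not already distinguish the case when `IsAlias` is set, consider labelling it there as well.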

Could we extract the signer/publisher from the package that owns the alias?

Member Author

We don't know that with OS APIs. We could infer things about the path and likely find the family name, then the full name, then extract the signing information. But all of that is a guess, and a bad actor could easily replace the alias contents while we claimed signature information from the other package.
