I have made one installer using InstallShield. I have written some Custom Actions in that.
While installing this installer, the logs (execution steps) of those CustomActions gets printed in log file. But I want to prevent to log some CustomActions's data (execution steps) into log file. I don't want to let user know what exactly the Custom Action is doing for security purpose.
我使用InstallShield制作了一个安装程序。我已经写了一些自定义操作。安装此安装程序时,这些CustomActions的日志(执行步骤)将打印在日志文件中。但我想阻止将一些CustomActions的数据(执行步骤)记录到日志文件中。我不想让用户知道Custom Action出于安全目的究竟做了什么。
So how I can prevent some CustmAction to log their execution steps into log files ? I want to prevent whole CustomAction's logs.
Or can we pause a logging for some duration time while installation in InstallShield ?
那么如何防止一些CustmAction将其执行步骤记录到日志文件中呢?我想阻止整个CustomAction的日志。或者我们可以在InstallShield中安装时暂停一段时间的日志记录吗?
1 个解决方案
#1
1
That would make an interesting feature request! Perhaps InstallShield could be taught to respect the value of a (theoretical) ISSuppressLogging
property that is non-empty at the time of an immediate action, or when a deferred action is scheduled. But that's not available now, and would require code-based changes to InstallShield's custom actions.
那将是一个有趣的功能请求!也许InstallShield可以被教导尊重(理论上)ISSuppressLogging属性的值,该属性在立即操作时或者在安排延迟操作时是非空的。但是现在不可用,并且需要对InstallShield的自定义操作进行基于代码的更改。
Back to the present. InstallShield does not offer any option to suppress its logging statements, at least beyond a few scenarios that it explicitly attempts to support, so you are left with the following options that probably don't cover your needs:
回到现在。 InstallShield没有提供任何选项来抑制其日志记录语句,至少在它明确尝试支持的几种情况下,因此您可能会留下以下可能无法满足您需求的选项:
-
Use
MsiHiddenProperties
to explicitly prevent the logging of specific property's values. Note that several actions will format strings, and in doing so lose track of what properties comprise the resulting value, so do not respectMsiHiddenProperties
.使用MsiHiddenProperties显式阻止记录特定属性的值。请注意,有几个操作会格式化字符串,并且这样做会忘记生成值的属性,因此不要忽视MsiHiddenProperties。
-
Use the custom action type flag 0x2000 / 8192 Custom Action Hidden Target Option to prevent logging the value of a deferred action's
CustomActionData
property, for example. Again this does not propagate to any further logging based on values the custom action extracts from this property. Note that you must add (technically bitwise OR) the value 8192 to the existing value in the Type column of the CustomAction table; the other bits of that value contain important information as well, such as its base type and its execution options.例如,使用自定义操作类型标志0x2000 / 8192自定义操作隐藏目标选项来防止记录延迟操作的CustomActionData属性的值。同样,这不会根据自定义操作从此属性中提取的值传播到任何进一步的日志记录。请注意,必须将值8192(技术上按位OR)添加到CustomAction表的Type列中的现有值;该值的其他位也包含重要信息,例如其基类型和执行选项。
(See the linked Preventing Confidential Information from Being Written into the Log File for some more suggestions along this line, none of which will help here.)
(请参阅链接的防止保密信息被写入日志文件以获取更多有关此行的建议,这些建议在此处都没有帮助。)
-
Run the custom action from a ControlEvent. This one is a little wild, and definitely impractical for most uses, as you probably desire to hide logging detail from items that modify the system and need to run with elevated privileges. But if that's not the case, a quirk in the DoAction control event happens to prevent all log messages from making it to the log.
从ControlEvent运行自定义操作。这个有点疯狂,对于大多数用途来说绝对不切实际,因为您可能希望隐藏修改系统的项目的日志记录详细信息,并且需要使用提升的权限运行。但如果情况并非如此,DoAction控件事件中的一个怪癖就会阻止所有日志消息进入日志。
As a general comment, I often see this request with regards to custom actions that store strings in plain text in another file. In those cases I'm very unclear why the log file's copy of the string must be obscured. If the data is particularly sensitive, it may be better to somehow encrypt its value, and store only the encrypted value. Then, perhaps with help from MsiHiddenProperties
and the hidden target flag as described in the bullets, the log would contain only the encrypted value.
作为一般性评论,我经常看到关于将字符串以纯文本形式存储在另一个文件中的自定义操作的请求。在那些情况下,我很清楚为什么必须隐藏日志文件的字符串副本。如果数据特别敏感,以某种方式加密其值并仅存储加密值可能更好。然后,也许在MsiHiddenProperties的帮助和子弹中描述的隐藏目标标志的情况下,日志将仅包含加密值。
#1
1
That would make an interesting feature request! Perhaps InstallShield could be taught to respect the value of a (theoretical) ISSuppressLogging
property that is non-empty at the time of an immediate action, or when a deferred action is scheduled. But that's not available now, and would require code-based changes to InstallShield's custom actions.
那将是一个有趣的功能请求!也许InstallShield可以被教导尊重(理论上)ISSuppressLogging属性的值,该属性在立即操作时或者在安排延迟操作时是非空的。但是现在不可用,并且需要对InstallShield的自定义操作进行基于代码的更改。
Back to the present. InstallShield does not offer any option to suppress its logging statements, at least beyond a few scenarios that it explicitly attempts to support, so you are left with the following options that probably don't cover your needs:
回到现在。 InstallShield没有提供任何选项来抑制其日志记录语句,至少在它明确尝试支持的几种情况下,因此您可能会留下以下可能无法满足您需求的选项:
-
Use
MsiHiddenProperties
to explicitly prevent the logging of specific property's values. Note that several actions will format strings, and in doing so lose track of what properties comprise the resulting value, so do not respectMsiHiddenProperties
.使用MsiHiddenProperties显式阻止记录特定属性的值。请注意,有几个操作会格式化字符串,并且这样做会忘记生成值的属性,因此不要忽视MsiHiddenProperties。
-
Use the custom action type flag 0x2000 / 8192 Custom Action Hidden Target Option to prevent logging the value of a deferred action's
CustomActionData
property, for example. Again this does not propagate to any further logging based on values the custom action extracts from this property. Note that you must add (technically bitwise OR) the value 8192 to the existing value in the Type column of the CustomAction table; the other bits of that value contain important information as well, such as its base type and its execution options.例如,使用自定义操作类型标志0x2000 / 8192自定义操作隐藏目标选项来防止记录延迟操作的CustomActionData属性的值。同样,这不会根据自定义操作从此属性中提取的值传播到任何进一步的日志记录。请注意,必须将值8192(技术上按位OR)添加到CustomAction表的Type列中的现有值;该值的其他位也包含重要信息,例如其基类型和执行选项。
(See the linked Preventing Confidential Information from Being Written into the Log File for some more suggestions along this line, none of which will help here.)
(请参阅链接的防止保密信息被写入日志文件以获取更多有关此行的建议,这些建议在此处都没有帮助。)
-
Run the custom action from a ControlEvent. This one is a little wild, and definitely impractical for most uses, as you probably desire to hide logging detail from items that modify the system and need to run with elevated privileges. But if that's not the case, a quirk in the DoAction control event happens to prevent all log messages from making it to the log.
从ControlEvent运行自定义操作。这个有点疯狂,对于大多数用途来说绝对不切实际,因为您可能希望隐藏修改系统的项目的日志记录详细信息,并且需要使用提升的权限运行。但如果情况并非如此,DoAction控件事件中的一个怪癖就会阻止所有日志消息进入日志。
As a general comment, I often see this request with regards to custom actions that store strings in plain text in another file. In those cases I'm very unclear why the log file's copy of the string must be obscured. If the data is particularly sensitive, it may be better to somehow encrypt its value, and store only the encrypted value. Then, perhaps with help from MsiHiddenProperties
and the hidden target flag as described in the bullets, the log would contain only the encrypted value.
作为一般性评论,我经常看到关于将字符串以纯文本形式存储在另一个文件中的自定义操作的请求。在那些情况下,我很清楚为什么必须隐藏日志文件的字符串副本。如果数据特别敏感,以某种方式加密其值并仅存储加密值可能更好。然后,也许在MsiHiddenProperties的帮助和子弹中描述的隐藏目标标志的情况下,日志将仅包含加密值。