Comments (14)
This is set here:
CKAN/Core/AutoUpdate/CkanUpdate.cs
Lines 21 to 22 in d1387c3
from ckan.
FYI, I just tried setting up such an exclusion, and I'm not sure it actually works the way hoped for here:
- Start → Settings
- Update & Security
- Windows Security
- Virus & threat protection
- Virus & thread protection settings → Manage settings
- Add an exclusion
- Since no download is in progress, I entered:
%TEMP%\ckan.exe
for testing
It looks like it only works for specific files that actually exist, not just a list of paths, which means you would have to navigate through these steps while CKAN was in the middle of downloading an auto-update, since as soon as it's done it will be moved to replace the running ckan.exe (if it isn't deleted by Defender). At my current typical network speeds this would give me about 0.2 seconds to react. I haven't tested that, but if such a file changes, I suspect it would no longer be considered the same file, and the exclusion would no longer apply.
And notably, there is no support for globs, which could be needed if we have to download to %TEMP%\ckan-<UUID>.exe
to handle collisions.
from ckan.
Can't you just enter ckan.exe
as the exclusion?
Ah, yeah, try doing "process" and entering ckan.exe:
from ckan.
Can't you just enter
ckan.exe
as the exclusion?
Not successfully. "Add an exclusion" drops down this dropdown:
Clicking "File" brings up a File Open popup, not an "enter a string" popup.
It says this:
Ah, yeah, try doing "process" and entering ckan.exe:
But that would only work for a process, right? The message shown in the OP here is just for a file that has not even been run yet (C:\Users\Jon\AppData\Local\Temp\449e655d-f7ad-4de7-a352-85d26e33c81f.exe
), so it's not a process.
from ckan.
Ah right...hmm... docs are here: https://support.microsoft.com/en-us/topic/how-to-add-a-file-type-or-process-exclusion-to-windows-security-e524cbc2-3975-63c2-f9d1-7c2eb5331e53
The new exe is created by the old ckan.exe process right? Oh! It's not!
from ckan.
- Old exe downloads new ckan.exe and the updater exe to temp folder
- Old exe runs the updater and passes it the path to the old and new ckan.exe
- Old exe closes
- Updater replaces ckan.exe with the new file
- Updater runs the new ckan.exe and closes
I am guessing that the Defender message in the OP happens in step 1 (since that corresponds to when Defender auto-deleted the download for me when I tried it with a browser). Please add more details if there's reason to doubt that.
from ckan.
Is there a good way to test this process? I don't have older exes to run
from ckan.
oh heh there was a new dev build just put out. So I already had ckan.exe added as a process exclusion, and I added AutoUpdate.exe this time, and it seems to have worked!
However it's possible that defender just didn't detect a problem this time.
from ckan.
Adding AutoUpdate.exe wouldn't do anything, since the file is never renamed to that. It's executed at its temp file location.
from ckan.
I think this is what I eventually turned off to work around Defender's very high false positive rate:
from ckan.
ok, so maybe the issue should be "ckan.exe should download the autoupdate.exe to a consistent filename." e.g. temp<guid>\ckan-autoupdate.exe. Then you can add ckan-autoupdate.exe and ckan.exe as process exclusions and it should work? maybe?
from ckan.
That would help if the problem happens after the updater is executed.
It would not help if it happens after the download step, before execution. So far that seems more likely to me.
from ckan.
According to the docs, the file created by ckan.exe should be excluded from scanning.
Oh...but that should have already been happening for me, since I had ckan.exe added. hm. but maybe it got scanned after ckan.exe closed?
The docs on process exclusions look interesting, regarding folders and environment variables...
from ckan.
I'm thinking the best we can do here is to auto-launch a URL for a new wiki when the user clicks "Use dev builds" (on Windows) that explains Defender's false positives, how to turn off "reputation-based protection 🤮", and the attendant risks, then explains how to turn dev builds off again in the settings if the user isn't comfortable with that.
from ckan.
Related Issues (20)
- Cannot find central directory for ProceduralParts v2.5.8.0 HOT 14
- [Bug]: instance not detected HOT 2
- [Bug]: CKAN does not appear to work with a symlink to a network folder. HOT 1
- [Bug]: CKAN can't load mods becase: "Object reference not set to an instance of an object." HOT 10
- [Bug]: Error Code 403 and Repository Update Failed.
- [Bug]: Error code 403 & Object reference not set to an instance of an object. Repository update failed! HOT 3
- ConsoleUI should check for conflicts between chosen recommendations and suggestions, plus a crash HOT 3
- [Feature]: Icons! HOT 4
- [Bug]: CKAN crashes on start after installing Windows 11's KB5036893 update HOT 4
- [Bug]: Unmet dependencies trying to install the .deb on Mint HOT 8
- [Bug]: Repository Update Failed Error while Updating HOT 4
- [Feature] Ability to install from .ckan file for ConsoleUI HOT 14
- [Feature]: Download cache change management
- [Feature]: Symlinks for GameData
- Can't access registry.locked HOT 7
- [Feature]: Flatpak HOT 7
- [Bug]: CKAN just loading after trying to use a .ckan file. HOT 4
- [Bug]: Repository updated failed because of SquadExpansion created by buying/installing/leaving activating one DLC HOT 3
- [Bug]: Environmental Visual Enhancements from Blackrack's cloud mod (RaymarchedVolumetricsEarlyAccess27_03_24) not detected as a manually installed mod. HOT 3
- [Bug]: TweakScale/L displayed some error message about a DLL HOT 20
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ckan.