This repository has been archived by the owner on Feb 19, 2019. It is now read-only.

7za.exe is subject to UAC file virtualization #454

Closed
jberezanski opened this issue Apr 3, 2014 · 5 comments

@jberezanski
Contributor

7za.exe does not have a UAC manifest embedded, which makes it subject to UAC file virtualization.

This causes problems in the following scenario:

  • a package uses Install-ChocolateyZipPackage to unzip to Program Files (or other admin-only location),
  • Chocolatey is invoked from a non-elevated command prompt.

In that scenario, the contents of the archive are actually extracted to a per-user location for virtualized files (%LocalAppData%\VirtualStore), except for executable files, which are excluded from virtualization (and fail to extract). One package exhibiting that problem is nant.

UAC virtualization is disabled if an executable comes with a manifest (internal or external) specifying the needed execution level (asInvoker, highestAvailable or requireAdministrator). In this case asInvoker would be desired:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> 
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> 
  <assemblyIdentity version="1.0.0.0" name="7za" processorArchitecture="*" type="win32" />
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> 
    <security> 
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> 
        <requestedExecutionLevel level="asInvoker" uiAccess="false" /> 
      </requestedPrivileges> 
    </security> 
  </trustInfo> 
</assembly>

The best solution would be for 7-Zip developers to embed the manifest in 7za.exe (and I will contact them). Until they do, however, the manifest can exist as a separate file, named 7za.exe.manifest, next to the 7za.exe binary. I have tested it and verified that UAC virtualization is no longer active. It would also be future-compatible in the sense that embedded manifests have precedence over external ones, so if/when 7za.exe gains an embedded manifest, it will be automatically used by the OS instead of the Chocolatey-provided external one.

I suggest including an external manifest for 7za.exe with Chocolatey, so that 7za behavior is deterministic.

@jberezanski
Contributor Author

When testing, please be aware that Windows caches manifest information for an executable (including whether the manifest is present or not) for the duration of the logon session, so the external manifest may be ignored by the system until you log off and log on again, if it has just been added and 7za.exe has been run earlier. To force invalidation of the cached information, change the "last modified" time of 7za.exe (the actual value does not matter as long as it is different than the previous time).

@ferventcoder
Contributor

Is that file all I would need?

@jberezanski
Contributor Author

Yes, you just need to put it next to 7za.exe.

@ferventcoder
Contributor

Do you think I need one next to any of the files that are exes?

@jberezanski
Contributor Author

Good question. Each exe which might possibly write to a protected location should have a manifest. However, all other exes currently included with Chocolatey (shimgen.exe, checksum.exe, nuget.exe and even shimgen-generated exes in redirects directory) actually do have an embedded manifest with UAC info - you can quickly verify it with the sigcheck SysInternals tool (run sigcheck -m xyz.exe). So only 7za needs to be provided with an external one.
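
A scripted version of the audit discussed in this thread, as an added PowerShell example that is not part of the original comments or of Chocolatey's code: it lists every exe in a folder, reports whether it carries UAC manifest info (embedded or in an external `.manifest` file), and can touch the exe to drop the cached manifest lookup. The function names and the `-ToolsDir` / `-RefreshCache` parameters are hypothetical, and the embedded check is a byte-scan heuristic; `sigcheck -m` remains the authoritative check.

```powershell
# Added example, not Chocolatey code. Parameter and function names are hypothetical.
param(
    [string]$ToolsDir = '.',   # assumed: folder holding 7za.exe and the other exes
    [switch]$RefreshCache      # touch exes that rely on an external manifest
)

function Test-EmbeddedUacManifest([string]$ExePath) {
    # Heuristic: an embedded manifest is stored as plain text in the resource
    # section, so look for the element name in the raw bytes of the file.
    $bytes = [System.IO.File]::ReadAllBytes($ExePath)
    $text  = [System.Text.Encoding]::ASCII.GetString($bytes)
    return $text.Contains('requestedExecutionLevel')
}

function Get-ExternalManifestLevel([string]$ExePath) {
    # External manifests live next to the binary as <name>.exe.manifest.
    $manifestPath = "$ExePath.manifest"
    if (-not (Test-Path -LiteralPath $manifestPath)) { return $null }
    $xml = New-Object System.Xml.XmlDocument
    $xml.Load($manifestPath)
    # local-name() avoids juggling the asm.v1 / asm.v2 / asm.v3 namespaces.
    $node = $xml.SelectSingleNode("//*[local-name()='requestedExecutionLevel']")
    if ($node) { return $node.GetAttribute('level') }
    return $null
}

Get-ChildItem -Path $ToolsDir -Filter *.exe -File -Recurse | ForEach-Object {
    $embedded = Test-EmbeddedUacManifest $_.FullName
    $external = Get-ExternalManifestLevel $_.FullName

    if ($RefreshCache -and $external -and -not $embedded) {
        # Windows caches manifest lookups for the logon session; a changed
        # "last modified" time on the exe invalidates the cached entry.
        $_.LastWriteTime = Get-Date
    }

    [pscustomobject]@{
        Exe              = $_.Name
        EmbeddedManifest = $embedded
        ExternalLevel    = $external
        MayBeVirtualized = (-not $embedded) -and (-not $external)
    }
} | Format-Table -AutoSize
```

Rows with `MayBeVirtualized` set to `True` are the ones that need an external manifest; run with `-RefreshCache` after adding one so the change takes effect without logging off.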

ferventcoder added a commit to ferventcoder/chocolatey that referenced this issue Apr 3, 2014
This manifest will ensure that 7za.exe is not subject to UAC file
virtualization aka data redirection.
@ferventcoder ferventcoder self-assigned this Apr 3, 2014