Skip to content

Handle case where applocker test script fails to delete #8627

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
TravisEz13 merged 2 commits into from
Jan 16, 2019
Merged

Handle case where applocker test script fails to delete #8627

TravisEz13 merged 2 commits into from
Jan 16, 2019

Conversation

@SteveL-MSFT
Copy link
Member

@SteveL-MSFT SteveL-MSFT commented Jan 11, 2019
edited
Loading

PR Summary

One reported case where during applocker policy check, the test script that is created cannot be deleted because something else (malware scanner?) has a lock on the file. This results in an exception being thrown in finally block which ultimately causes PowerShell to crash due to the unhandled exception. Fix is to wrap the deletion in the finally block with try..catch and ignore any exceptions and leave the temp file.

TFS:20156282

PR Checklist

@SteveL-MSFT SteveL-MSFT requested a review from PaulHigin January 11, 2019 18:32
anmenaga
anmenaga reviewed Jan 11, 2019
View reviewed changes
@iSazonov iSazonov added the CL-Engine Indicates that a PR should be marked as an engine change in the Change Log label Jan 12, 2019
@iSazonov
Copy link
Collaborator

iSazonov commented Jan 12, 2019
edited
Loading

If we can not delete the file is it secure to leave it on file system?

@SteveL-MSFT
Copy link
Member Author

SteveL-MSFT commented Jan 15, 2019

@iSazonov yes, the test script is harmless and doesn't expose anything, it just validates whether scripts can be run or not. It is not ideal to leave the file in the temp folder, but worse is to prevent PowerShell from starting simply because something else decided to lock that file.

@SteveL-MSFT
Copy link
Member Author

SteveL-MSFT commented Jan 15, 2019

@PaulHigin can you take another look? Made some changes based on feedback

@iSazonov
Copy link
Collaborator

iSazonov commented Jan 16, 2019

@TravisEz13 Please merge the PR.

@TravisEz13 TravisEz13 merged commit a04f694 into PowerShell:master Jan 16, 2019
@SteveL-MSFT SteveL-MSFT deleted the applocker-policy branch January 18, 2019 04:34
@Niehweune Niehweune mentioned this pull request Jun 4, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@iSazonov iSazonov iSazonov approved these changes

+2 more reviewers

@anmenaga anmenaga anmenaga left review comments

@PaulHigin PaulHigin PaulHigin approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@TravisEz13 TravisEz13

Labels

CL-Engine Indicates that a PR should be marked as an engine change in the Change Log

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@SteveL-MSFT @iSazonov @anmenaga @PaulHigin @TravisEz13