Chuck wrote: > Why is it not recommended and what about it is difficult to get right? >
You have to extract the files securely; an insecure extraction for a per-machine install is a security vulnerability, as it can be used to execute arbitrary code as the local system account (MSI when elevated). Especially when admins use advertisement to "bless" packages for non-admin users, it's definitely a potential escalation of privilege. -- sig://boB http://bobs.org ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
