问题
I have made one installer using InstallShield. I have written some Custom Actions in that.
While installing this installer, the logs (execution steps) of those CustomActions gets printed in log file. But I want to prevent to log some CustomActions's data (execution steps) into log file. I don't want to let user know what exactly the Custom Action is doing for security purpose.
So how I can prevent some CustmAction to log their execution steps into log files ? I want to prevent whole CustomAction's logs.
Or can we pause a logging for some duration time while installation in InstallShield ?
回答1:
That would make an interesting feature request! Perhaps InstallShield could be taught to respect the value of a (theoretical) ISSuppressLogging
property that is non-empty at the time of an immediate action, or when a deferred action is scheduled. But that's not available now, and would require code-based changes to InstallShield's custom actions.
Back to the present. InstallShield does not offer any option to suppress its logging statements, at least beyond a few scenarios that it explicitly attempts to support, so you are left with the following options that probably don't cover your needs:
Use
MsiHiddenProperties
to explicitly prevent the logging of specific property's values. Note that several actions will format strings, and in doing so lose track of what properties comprise the resulting value, so do not respectMsiHiddenProperties
.Use the custom action type flag 0x2000 / 8192 Custom Action Hidden Target Option to prevent logging the value of a deferred action's
CustomActionData
property, for example. Again this does not propagate to any further logging based on values the custom action extracts from this property. Note that you must add (technically bitwise OR) the value 8192 to the existing value in the Type column of the CustomAction table; the other bits of that value contain important information as well, such as its base type and its execution options.(See the linked Preventing Confidential Information from Being Written into the Log File for some more suggestions along this line, none of which will help here.)
Run the custom action from a ControlEvent. This one is a little wild, and definitely impractical for most uses, as you probably desire to hide logging detail from items that modify the system and need to run with elevated privileges. But if that's not the case, a quirk in the DoAction control event happens to prevent all log messages from making it to the log.
As a general comment, I often see this request with regards to custom actions that store strings in plain text in another file. In those cases I'm very unclear why the log file's copy of the string must be obscured. If the data is particularly sensitive, it may be better to somehow encrypt its value, and store only the encrypted value. Then, perhaps with help from MsiHiddenProperties
and the hidden target flag as described in the bullets, the log would contain only the encrypted value.
来源:https://stackoverflow.com/questions/38617646/how-to-prevent-to-log-execution-steps-of-custom-action-in-installshield