ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Bodewig <bode...@apache.org>
Subject Re: Windows declares a zip file as dangerous
Date Tue, 09 Jul 2019 07:49:24 GMT
On 2019-07-09, Jochen Wiedmann wrote:

> I've got a zip file, which has been created by Ant's Zip task:

>     <zip destfile="foo-dist.zip">
>         <fileset dir="${dist.dir}" includes="myapp/**/*"/>
>     </zip>

> Now, when I transfer this file from my Windows 7 build host to the
> test servers (Windows 7, or Windows 10) using basic Copy&Paste, and do
> a right click on the file, I get a message

>     "Opening these files might be harmful."

> AFAICT, this is the same message, that I would get for opening a file,
> which has been downloaded via browser.

It most likely is not related to how the archive has been created and
only related to how you have transferred the archive to the test servers
- and what Windows knows about that process.

When you transfer the file Windows (the Attachment Manager or something
named in a similar way IIRC) adds meta data to the archive marking it as
unsafe. Whether or not Windows does so depends on how much it trusts the
source of your archive. Anything that gets copied from the "trusted
zone" is usually fine, but it also depends on the installed policies.

You should be able to silence the warning individually by clicking
"unblock" in the archive's properties (reachable via the context menu in
windows explorer).

A broader solution is to add your build server to the trusted zone or
even add a policy that says something like "do not preserve the zone of
origin" - both will require windows admin rights on the test servers and
both actions should be weighed against security concerns, of course.

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org


Mime
View raw message