search

ThePacielloGroup / CCAe

The Colour Contrast Analyser (CCA) helps you determine the legibility of text and the contrast of visual elements, such as graphical controls and visual indicators.
http://www.paciellogroup.com/resources/contrastanalyser/
GNU General Public License v3.0
468 stars 105 forks source link

Eyedropper doesn't open with AppLocker #309

Closed ferllings closed 10 months ago

ferllings commented 11 months ago

As reported "...if i use the CCA Tool as an User with Admin Right´s .. the pipet control button …is still working. A Default / Normal user, without administrative rights… the pipet control is still NOT working.

To give users for example modify / delete rights includes security permissions to the application folder.. still not modify/ change the behaviour .. the pipet control will still not work…"

The issue seems related to Applocker:

"In our environment.. we use Applocker Rules... So i look in the event-logs (event viewer) and found that the executable will randomly be created.. and blocked.."

i.e. %OSDRIVE%\USERS\XXX\APPDATA\LOCAL\TEMP\3ADF39E4-BF83-462D-AE40-54A1D5365122.TMP.EXE

[2023-08-29 15:56:40.914] [warn]  [ERROR] getColorFromPickerAddOn Error: spawn UNKNOWN
    at ChildProcess.spawn (node:internal/child_process:413:11)
    at spawn (node:child_process:709:9)
    at execFile (node:child_process:336:17)
    at t.<computed> (node:electron/js2c/asar_bundle:5:2501)
    at C:\Program Files\Colour Contrast Analyser\resources\app.asar\src\picker\win32\index.js:3:61
    at new Promise (<anonymous>)
    at exports.runColorPicker (C:\Program Files\Colour Contrast Analyser\resources\app.asar\src\picker\win32\index.js:3:28)
    at exports.getColorFromPickerAddOn (C:\Program Files\Colour Contrast Analyser\resources\app.asar\src\picker\index.js:8:36)
    at CCAController.getColorFromPicker (C:\Program Files\Colour Contrast Analyser\resources\app.asar\src\CCAcontroller.js:81:30)
    at IpcMainImpl.emit (node:events:527:28)
[2023-08-29 15:56:41.187] [warn]  [ERROR] getColorFromPickerAddOn Error: color picker already running!
    at exports.getColorFromPickerAddOn (C:\Program Files\Colour Contrast Analyser\resources\app.asar\src\picker\index.js:6:54)
    at CCAController.getColorFromPicker (C:\Program Files\Colour Contrast Analyser\resources\app.asar\src\CCAcontroller.js:81:30)
    at IpcMainImpl.emit (node:events:527:28)
    at EventEmitter.<anonymous> (node:electron/js2c/browser_init:165:11237)
    at EventEmitter.emit (node:events:527:28)
Daydreaming23 commented 11 months ago

I noticed the same in our environment and if trying to implement an exemption in AppLocker the certificate on the file has expired so not valid for a publisher rule. image

ferllings commented 11 months ago

Ah, yes. I might have forgot to re-sign the eyedropper. Good catch, Thanks

Daydreaming23 commented 10 months ago

Hi Ferlings, I have downloaded the updated installer, it seems on the first opening all is working but if I close and re-open it errors again. It looks like the Certificates on the exe have been updated but the file in the local app data is appearing blocked again with an expired certificate.

ferllings commented 10 months ago

Could you try this? https://github.com/ThePacielloGroup/CCAe/releases/tag/v3.4.1

Daydreaming23 commented 10 months ago

That has done the trick. On the current version it is working now. Thank you.

ferllings commented 10 months ago

@Daydreaming23 Thanks for the confirmation