Start-Process: Fix -Credential error as non-admin #21393
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5 tasks
Collaborator
Author
|
Just as an FYI I did not create a test in this as it would require being able to create another user (requires admin) then run as non-admin. The test runner doesn't seem to have an easy way to really do this so I skipped it. |
When using Start-Process -Credential in a non-administrator context with a different user's credentials the code currently throws an exception when attempting to get the new process' handle. This change treats this error as a warning only if -PassThru was specified as it only affects certain members on the returned object like ExitCode but others like WaitForExit() still work fine.
iSazonov
approved these changes
Mar 30, 2024
Collaborator
We could try to create a test hook. Keyword is |
iSazonov
added
CL-General
Collaborator
Author
Isn't that to just tell PowerShell to do something differently internally? I'm not sure how that would help here as the exception occurs in .NET code and not PowerShell. Unless I'm mistaken? The problem that we need to test is doing |
Collaborator
|
Test hooks are definitely something we do internally. It's kind of like having our own test Web server. And that's not easy to implement for processes. This effort makes sense if we want to actively develop this cmdlet. On the other hand, I suppose we could use the GiHub action config to create a regular user with a single-session password. Or try |
Collaborator
Author
|
Yea the proper method would be to configure CI to create a test user for this (and other tests) as an admin before it starts pester as the non-admin user. I’ve got no experience with the CI setup in this repository and I probably don’t want to go fiddling around with it without someone from that side advising what they want to do there. As for the test hook I can see if being useful if we want to test out specific code branches but in this case it’s an exception being raised in code that we are calling rather than in code that we control. It wouldn’t make sense to raise an exception ourselves here to just catch it IMO. |
Collaborator
|
Interesting, .Net uses WindowsTestAccount to create a test user. |
Collaborator
Author
|
Creating the test user is the simple part with builtin cmdlets |
Collaborator
I forget that we have Windows PowerShell. 😄 We run unelevated tests with Lines 1664 to 1682 in b23607e So it seems it is easy to create a test user account. |
Collaborator
Author
The question is more when to integrate it. We would need to create the test user before running the Pester process and pass through the credentials somehow. It also would need to cleanup the user once the test is done. I don’t feel comfortable enough without the people who maintain the CI part of this repo to provide their input. I’m also somewhat concerned that the talk to add tests will bog down the fix especially since it should be backported to the next 7.4 release. |
Collaborator
|
I think this PR will be reviewed quickly as it is a regression. Also, I think we can easily add (and remove) a user to build.psm1 in the try-catch-finally block that is listed above. The only requirement is to generate a password dynamically. It will be in a pwsh variable for the duration of the test. |
daxian-dbw
reviewed
Apr 1, 2024
Collaborator
|
For WG. It seems we never write "warnings" to avoid "noise". So we could remove the "warning" at all or replace it with "verbose" or "debug". |
SteveL-MSFT
reviewed
Apr 3, 2024
| { | ||
| _ = process.Handle; | ||
| } | ||
| catch (Win32Exception e) |
Member
There was a problem hiding this comment.
Should we check the HRESULT for the specific error rather than treating them all the same?
Collaborator
Author
There was a problem hiding this comment.
As getting the Handle was an attempt to try and set the internal state and not something that is being used in the code I didn't think it was worth setting a specific error code. I can change it but I didn't think it warranted catching a specific error because we aren't doing anything to work around the error.
Collaborator
There was a problem hiding this comment.
@SteveL-MSFT Here we should rather move in the other direction. Since the only operation we do is getting a handle, we rather need to catch and ignore all exceptions, especially since if there is a question about behavior, we can always display the debug message.
Although I think Win32Exception covers everything that is needed.
Member
|
The @PowerShell/wg-powershell-cmdlets discussed this and compared the behavior to WinPS5.1. We recommend changing from Warning to a Debug message, then handle is null w/o any message so the behavior is consistent with 5.1. |
SteveL-MSFT
added
WG-Reviewed
Collaborator
Author
|
Updated to become |
microsoft-github-policy-service
bot
added
the
Review - Needed
daxian-dbw
approved these changes
Apr 15, 2024
microsoft-github-policy-service
bot
removed
the
Review - Needed
Collaborator
Author
|
Thanks for the reviews and merge! |
Member
|
We will wait on this change to be released in a preview before considering a backport to 7.4. |
Collaborator
Author
|
Will that even make a difference. There are people already affected by this and the chances of someone actually using the preview for such use cases I see as rare. |
imatthewtanner
added a commit
to tannerpresscorp/PowerShell
that referenced
this pull request
May 28, 2024
* Bump xunit from 2.6.3 to 2.6.4 (PowerShell#20967) Bumps [xunit](https://github.com/xunit/xunit) from 2.6.3 to 2.6.4. - [Commits](xunit/xunit@2.6.3...2.6.4) --- updated-dependencies: - dependency-name: xunit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump xunit.runner.visualstudio from 2.5.5 to 2.5.6 (PowerShell#20966) Bumps [xunit.runner.visualstudio](https://github.com/xunit/visualstudio.xunit) from 2.5.5 to 2.5.6. - [Release notes](https://github.com/xunit/visualstudio.xunit/releases) - [Commits](xunit/visualstudio.xunit@2.5.5...2.5.6) --- updated-dependencies: - dependency-name: xunit.runner.visualstudio dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add Import-LocalizedData implicit Localization fallback (PowerShell#19896) * Adds culture fallback to Import-LocalizedData * Only add fallback if current culture is not en-US * Pester 4 compatibility * Missing param block in It * Missed param block for It * Skip UICulture name test for Linux and Mac * Removed test fragment * Fix typo in remotingexceptions.cs (PowerShell#21015) formating -> formatting * Fix failures in GitHub action `markdown-link-check` (PowerShell#20996) * Bump xunit from 2.6.4 to 2.6.5 (PowerShell#21008) * Include information about upgrading in README (PowerShell#20993) * Update the cgmanifest (PowerShell#20955) * Add `Aliases` to the properties shown up when formatting the help content of the parameter returned by `Get-Help` (PowerShell#20994) * Bump JsonSchema.Net from 5.4.2 to 5.5.0 (PowerShell#21027) * Fix regression -Tail 0 -Wait (PowerShell#20734) * Update README.md and metadata.json for v7.2.18 and v7.4.1 releases (PowerShell#21044) * Update changelog for v7.2 and v7.3 (PowerShell#21052) * Bump xunit from 2.6.5 to 2.6.6 (PowerShell#21071) * Bump StyleCop.Analyzers from 1.2.0-beta.507 to 1.2.0-beta.556 (PowerShell#20953) * Update to the latest NOTICES file (PowerShell#20905) * Update the cgmanifest (PowerShell#21047) * Fix completion crash for the SCCM provider (PowerShell#20915) * Bump .NET SDK to 8.0.101 (PowerShell#21084) * Add `WinGetCommandNotFound` and `CompletionPredictor` modules to track usage (PowerShell#21040) * Merged PR 29314: Update ChangeLog for v7.5.0-preview.1 Update ChangeLog for v7.5.0-preview.1 * Update `README.md` and `metadata.json` for v7.5.0-preview.1 release (PowerShell#21094) * Fix Get-Error serialization of array values (PowerShell#21085) Ensure Get-Error does not hang when attempting to serialize an exception that contains a property whose type is an array of System.Type instances. Also ensures that primitive types like System.Int32, System.Boolean as well as System.String is formatted as a string rather than an object with properties. * Validate the value for `using namespace` during semantic checks to prevent declaring invalid namespaces (PowerShell#21162) * Fix `using assembly` to use `Path.Combine` when constructing assembly paths (PowerShell#21169) * Add `DirectoryInfo` to the `OutputType` for `New-Item` (PowerShell#21126) * Bump JsonSchema.Net to v5.5.1 (PowerShell#21120) * Update changelog for v7.4.1 (PowerShell#21098) * Update WG members (PowerShell#21091) * Update the cgmanifest (PowerShell#21093) * Fix incorrect examples in XML docs in `PowerShell.cs` (PowerShell#21173) * Generate MSI for `win-arm64` installer (PowerShell#20516) * Rewrite the mac syslog tests to make them less flaky (PowerShell#21174) * Update versions of PSResourceGet (PowerShell#21190) * Add tilde expansion for windows native executables (PowerShell#20402) * Bump XunitXml.TestLogger from 3.1.17 to 3.1.20 (PowerShell#21207) * Remove `PSScheduledJob` module source code (PowerShell#21189) * Update to the latest NOTICES file (PowerShell#21177) * Update the cgmanifest (PowerShell#21178) * Fix a typo in `CoreAdapter.cs` (PowerShell#21179) * ConvertFrom-Json: Add -DateKind parameter (PowerShell#20925) Adds the -DateKind parameter to the ConvertFrom-Json that allows the caller to control how DateTime strings are converted into an object. The default behaviour is to create a DateTime value with the Kind being Unspecified if no TZ is set, Utc if the TZ Z is set, Local (after conversion) if an explicit TZ is set. This adds a Utc, Local to explicitly set the Kind as desired as well as a Offset and String value to create a DateTimeOffset or keep as a string. * Bump Microsoft.NET.Test.Sdk from 17.8.0 to 17.9.0 Bumps [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) from 17.8.0 to 17.9.0. - [Release notes](https://github.com/microsoft/vstest/releases) - [Changelog](https://github.com/microsoft/vstest/blob/main/docs/releases.md) - [Commits](microsoft/vstest@v17.8.0...v17.9.0) --- updated-dependencies: - dependency-name: Microsoft.NET.Test.Sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Update dependabot.yml Signed-off-by: Matthew Tanner <[email protected]> * Create codeql.yml Signed-off-by: Matthew Tanner <[email protected]> * Bump the nuget group across 1 directories with 1 update Bumps the nuget group with 1 update in the /test/tools/TestAlc/nested directory: [Newtonsoft.Json](https://github.com/JamesNK/Newtonsoft.Json). Updates `Newtonsoft.Json` from 10.0.1 to 13.0.1 - [Release notes](https://github.com/JamesNK/Newtonsoft.Json/releases) - [Commits](JamesNK/Newtonsoft.Json@10.0.1...13.0.1) --- updated-dependencies: - dependency-name: Newtonsoft.Json dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Bump PowerShellGet from 2.2.5 to 2.2.5.1 in /src/Modules Bumps [PowerShellGet](https://github.com/PowerShell/PowerShellGet) from 2.2.5 to 2.2.5.1. - [Changelog](https://github.com/PowerShell/PowerShellGet/blob/master/CHANGELOG.md) - [Commits](https://github.com/PowerShell/PowerShellGet/commits) --- updated-dependencies: - dependency-name: PowerShellGet dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump to .NET 9 Preview 1 (PowerShell#21229) * Update the cgmanifest (PowerShell#21237) * Update to the latest NOTICES file (PowerShell#21236) * Update experimental-feature json files (PowerShell#21213) * Remove `surrogateFile` setting of APIScan (PowerShell#21238) * Add dotenv install as latest version does not work with current Ruby version (PowerShell#21239) * Bump xunit from 2.6.6 to 2.7.0 Bumps [xunit](https://github.com/xunit/xunit) from 2.6.6 to 2.7.0. - [Commits](xunit/xunit@2.6.6...2.7.0) --- updated-dependencies: - dependency-name: xunit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump xunit.runner.visualstudio from 2.5.6 to 2.5.7 Bumps [xunit.runner.visualstudio](https://github.com/xunit/visualstudio.xunit) from 2.5.6 to 2.5.7. - [Release notes](https://github.com/xunit/visualstudio.xunit/releases) - [Commits](xunit/visualstudio.xunit@2.5.6...2.5.7) --- updated-dependencies: - dependency-name: xunit.runner.visualstudio dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Add dotnet-runtime-9.0 as a dependency for the Mariner package (PowerShell#21259) * Adding WG membership template (PowerShell#21153) * Adding WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Editing WG membership template * Update .github/ISSUE_TEMPLATE/WG_member_request.yaml Co-authored-by: Steve Lee <[email protected]> * Update .github/ISSUE_TEMPLATE/WG_member_request.yaml Co-authored-by: Steve Lee <[email protected]> --------- Co-authored-by: Jason.Helmick <[email protected]> Co-authored-by: Steve Lee <[email protected]> * Update `metadata.json` and `README.md` (PowerShell#21264) * Skip test on Windows Server 2012 R2 for `no-nl` (PowerShell#21265) * Fix a regression in `Format-Table` when header label is empty (PowerShell#21156) * Revert "Adjust PUT method behavior to POST one for default content type in WebCmdlets" (PowerShell#21049) * Fix the regression when doing type inference for `$_` (PowerShell#21223) * ConvertTo-Json: Serialize `BigInteger` as a number (PowerShell#21000) * Remove `JetBrains.Annotations` attributes (PowerShell#21246) * Suppress MacOS package manager output (PowerShell#21244) * Enable CA1868: Unnecessary call to 'Contains' for sets (PowerShell#21165) https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1868 * Bump Microsoft.CodeAnalysis.CSharp from 4.8.0 to 4.9.2 Bumps [Microsoft.CodeAnalysis.CSharp](https://github.com/dotnet/roslyn) from 4.8.0 to 4.9.2. - [Release notes](https://github.com/dotnet/roslyn/releases) - [Changelog](https://github.com/dotnet/roslyn/blob/main/docs/Breaking%20API%20Changes.md) - [Commits](https://github.com/dotnet/roslyn/commits) --- updated-dependencies: - dependency-name: Microsoft.CodeAnalysis.CSharp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump Microsoft.CodeAnalysis.Analyzers (PowerShell#21297) * Bump Microsoft.CodeAnalysis.CSharp from 4.9.0-3.final to 4.9.2 (PowerShell#21298) * Fix error formatting for pipeline enumeration exceptions (PowerShell#20211) * Fall back to type inference when hashtable key value cannot be retrieved from safe expression (PowerShell#21184) * Get-Process: Remove admin requirement for `-IncludeUserName` (PowerShell#21302) * Bump Microsoft.CodeAnalysis.Analyzers (PowerShell#21305) * Fix a typo in `releaseTools.psm1` (PowerShell#21306) * Fix PowerShell class to support deriving from an abstract class with abstract properties (PowerShell#21331) * Handle the case that `Runspace.DefaultRunspace is null` when logging for WDAC Audit (PowerShell#21344) * Make sure both stdout and stderr can be redirected from a native executable (PowerShell#20997) * Fix typo in ast.cs (PowerShell#21350) statment -> statement * Make sure the assembly/library resolvers are registered at early stage (PowerShell#21361) * Revert the PR PowerShell#17856 (Do not preserve temporary results when no need to do so) (PowerShell#21368) * Add file description to `pwsh.exe` (PowerShell#21352) * PowerShell co-ordinated build OneBranch pipeline (PowerShell#21364) * Fix argument passing in `GlobalToolShim` (PowerShell#21333) * Fix build failure due to missing reference in `GlobalToolShim.cs` (PowerShell#21388) * Fix typo in a test (PowerShell#21337) connectiong -> connecting * Fix `Test-Path -IsValid` to check for invalid path and filename characters (PowerShell#21358) * Fix typo in SessionStateCmdletAPIs.cs (PowerShell#21413) hte -> the * Update `PSReadLine` to `v2.3.5` for the next `v7.4.x` servicing release (PowerShell#21414) * Multiple fixes in official build pipeline (PowerShell#21408) * Add back two transitive dependency packages (PowerShell#21415) * Verify environment variable for OneBranch before we try to copy (PowerShell#21441) * Update PSResourceGet version from 1.0.2 to 1.0.4.1 (PowerShell#21439) * fix package build to not check some files for a signature. (PowerShell#21458) * Update `metadata.json` and `README.md` (PowerShell#21454) * Fix grammar in FAQ.md (PowerShell#21468) Fix grammar in docs FAQ * Update CHANGELOG for v7.2.19, v7.3.12 and v7.4.2 (PowerShell#21462) * Fix the error when using `Start-Process -Credential` without the admin privilege (PowerShell#21393) * Add `RecommendedAction` to `ConciseView` of the error reporting (PowerShell#20826) * Update Engine & Interactive-UX Working Group Member lists (PowerShell#20991) * Bump `Microsoft.CodeAnalysis.Analyzers` (PowerShell#21449) * Don't complete parameter name and class member declarations (PowerShell#21182) * Update the doc about how to build PowerShell (PowerShell#21334) * [StepSecurity] Apply security best practices (PowerShell#21480) * [StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <[email protected]> * Update dependabot.yml * Delete tools/releaseBuild/Images/microsoft_powershell_centos7 directory * Delete tools/releaseBuild/Images/microsoft_powershell_ubuntu16.04 directory * Delete tools/releaseBuild/Images/microsoft_powershell_ubuntu18.04 directory * Delete tools/releaseBuild/Images/microsoft_powershell_windowsservercore/Dockerfile --------- Signed-off-by: StepSecurity Bot <[email protected]> Co-authored-by: Travis Plunk <[email protected]> * Bump ossf/scorecard-action from 2.0.6 to 2.3.1 (PowerShell#21485) * Bump ossf/scorecard-action from 2.0.6 to 2.3.1 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.3.1. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@99c5375...0864cf1) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Update windows.yml * Update linux.yml * Update windows.yml * Update mac.yml --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Travis Plunk <[email protected]> * Bump actions/upload-artifact from 3.1.3 to 4.3.2 (PowerShell#21501) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.3 to 4.3.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@a8a3f3a...1746f4a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github/codeql-action from 2.25.0 to 3.25.1 (PowerShell#21498) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.25.0 to 3.25.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2.25.0...c7f9125) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/checkout from 3.6.0 to 4.1.2 (PowerShell#21482) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3.6.0...9bb5618) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/dependency-review-action from 2.5.1 to 4.2.5 (PowerShell#21484) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 2.5.1 to 4.2.5. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@0efb1d1...5bbc3ba) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add a PAT for fetching PMC cli (PowerShell#21503) * Use new pat * remove trailing whitespaces * Fix `[semver]` type to pass semver.org tests (PowerShell#21401) * Fix `[semver]` type to pass semver.org tests * fix test to split per OS specific newline * replace all regex with semver.org ones adding new one for build label, update tests --------- Co-authored-by: Steve Lee (POWERSHELL HE/HIM) (from Dev Box) <[email protected]> * Separate DSC configuration parser check for ARM processor (PowerShell#21395) * Official PowerShell Package pipeline (PowerShell#21504) * Revert to version available on `Nuget` for `Microsoft.CodeAnalysis.Analyzers` (PowerShell#21515) * Use correct signing certificates for RPM and DEBs (PowerShell#21522) * Add branch counter variables for daily package builds (PowerShell#21523) * Expand `~` to `$home` on Windows with tab completion (PowerShell#21529) * Bump github/codeql-action from 3.25.1 to 3.25.3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.1 to 3.25.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c7f9125...d39d31e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump actions/checkout from 4.1.2 to 4.1.4 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@9bb5618...0ad4b8f) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump actions/upload-artifact from 4.3.2 to 4.3.3 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.2 to 4.3.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@1746f4a...6546280) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump super-linter/super-linter from 5.7.2 to 6.4.1 Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter) from 5.7.2 to 6.4.1. - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](super-linter/super-linter@a8150b4...4758be6) --- updated-dependencies: - dependency-name: super-linter/super-linter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Delete .github/workflows/codeql-analysis.yml Signed-off-by: Matthew Tanner <[email protected]> * Update codeql.yml Signed-off-by: Matthew Tanner <[email protected]> * Update codeql.yml Signed-off-by: Matthew Tanner <[email protected]> * Delete .github/workflows/codeql.yml Signed-off-by: Matthew Tanner <[email protected]> * Bump actions/dependency-review-action from 4.2.5 to 4.3.2 Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.2.5 to 4.3.2. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@5bbc3ba...0c155c5) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * update wix package install (PowerShell#21537) * Create the Windows.x64 global tool with shim for signing (PowerShell#21559) * Fix generating `OutputType` when running in Constrained Language Mode (PowerShell#21605) * Use PSScriptRoot to find path to Wix module (PowerShell#21611) * Bump actions/checkout from 4.1.4 to 4.1.5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@0ad4b8f...44c2b7a) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Remember installation options and used them to initialize options for the next installation (PowerShell#20420) * Bump github/codeql-action from 3.25.3 to 3.25.4 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.3 to 3.25.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@d39d31e...ccf74c9) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump to .NET 9 preview 3 (PowerShell#21782) * Bump ossf/scorecard-action from 2.3.1 to 2.3.3 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@0864cf1...dc50aa9) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Use feed with Microsoft Wix toolset (PowerShell#21651) * Create codeql.yml Signed-off-by: Matthew Tanner <[email protected]> * Bump super-linter/super-linter from 6.4.1 to 6.5.0 Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter) from 6.4.1 to 6.5.0. - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](super-linter/super-linter@4758be6...56576d4) --- updated-dependencies: - dependency-name: super-linter/super-linter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Matthew Tanner <[email protected]> Signed-off-by: StepSecurity Bot <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chris Dent <[email protected]> Co-authored-by: Ikko Eltociear Ashimine <[email protected]> Co-authored-by: James Truher [MSFT] <[email protected]> Co-authored-by: Steven Bucher <[email protected]> Co-authored-by: PowerShell Team Bot <[email protected]> Co-authored-by: Dongbo Wang <[email protected]> Co-authored-by: CarloToso <[email protected]> Co-authored-by: MartinGC94 <[email protected]> Co-authored-by: Jordan Borean <[email protected]> Co-authored-by: Greg Dennis <[email protected]> Co-authored-by: Patrick Meinecke <[email protected]> Co-authored-by: Anam Navied <[email protected]> Co-authored-by: alerickson <[email protected]> Co-authored-by: Dom Slee <[email protected]> Co-authored-by: Steve Lee <[email protected]> Co-authored-by: Aditya Patwardhan <[email protected]> Co-authored-by: Jason Helmick <[email protected]> Co-authored-by: Jason.Helmick <[email protected]> Co-authored-by: xtqqczze <[email protected]> Co-authored-by: Friedrich von Never <[email protected]> Co-authored-by: guangwu <[email protected]> Co-authored-by: Roshan Ganesh <[email protected]> Co-authored-by: Justin Grote <[email protected]> Co-authored-by: Ryan Yates <[email protected]> Co-authored-by: StepSecurity Bot <[email protected]> Co-authored-by: Travis Plunk <[email protected]> Co-authored-by: Steve Lee (POWERSHELL HE/HIM) (from Dev Box) <[email protected]> Co-authored-by: David Kontyko <[email protected]> Co-authored-by: Tess Gauthier <[email protected]> Co-authored-by: Dave <[email protected]>
adityapatwardhan
pushed a commit
that referenced
this pull request
Jun 11, 2024
adityapatwardhan
added a commit
that referenced
this pull request
Jun 11, 2024
5 tasks
chrisdent-de
pushed a commit
to chrisdent-de/PowerShell
that referenced
this pull request
Sep 12, 2024
21 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR Summary
When using Start-Process -Credential in a non-administrator context with a different user's credentials the code currently throws an exception when attempting to get the new process' handle. This change treats this error as a warning only if -PassThru was specified as it only affects certain members on the returned object like ExitCode but others like WaitForExit() still work fine.
Fixes: #21073
PR Context
The code to retrieve the
Handleproperty was added by #20749 which tries to set the internal state of theProcessobject. This works in most cases but can fail if the user is not running as admin and the credentials specified was for another user. This PR turns the exception it raises about being unable to retrieve the handle to now become a warning as some things can still be used with the returned Process object.This isn't a change in the status quo as going back to .NET Framework the returned Process object in the above scenario still could not do things like get the
ExitCodedue to permissions problems. This just ensures that an error/exception is not raised and code that worked in the back will still continue to do so.The ultimately fix here is to start the process through the .NET
System.Diagnostics.Processclass instead of using PInvoke withCreateProcess*but until they add an API to create a suspended process or build theProcessobject from aSafeHandlePowerShell cannot do so for all scenarios it deals withProcessStartInfo.CreationFlags(for Windows only) dotnet/runtime#71515The PR should be considered for a backport to 7.4.x as that was when the change was also introduced.
PR Checklist
.h,.cpp,.cs,.ps1and.psm1files have the correct copyright headerWIP:or[ WIP ]to the beginning of the title (theWIPbot will keep its status check atPendingwhile the prefix is present) and remove the prefix when the PR is ready.(which runs in a different PS Host).