Completely remove option to AddToPath when user selects AllUsers inst…

…allation
pseudoyim · Dec 2, 2022 · f7e73a4 · f7e73a4
1 parent 736b924
commit f7e73a4
Showing 1 changed file with 12 additions and 28 deletions.
diff --git a/constructor/nsis/OptionsDialog.nsh b/constructor/nsis/OptionsDialog.nsh
@@ -78,36 +78,20 @@ Function mui_AnaCustomOptions_Show
     ${NSD_OnClick} $mui_AnaCustomOptions.CreateShortcuts CreateShortcuts_OnClick
 
     ${If} "${SHOW_ADD_TO_PATH}" == "yes"
+        # AddToPath is only an option for JustMe installations; it is disabled for AllUsers
+        # installations. (Addresses CVE-2022-26526)
         ${If} $InstMode = ${JUST_ME}
-            StrCpy $1 "my"
-        ${Else}
-            StrCpy $1 "the system"
-        ${EndIf}
-        ${NSD_CreateCheckbox} 0 "$5u" 100% 11u "Add ${NAME} to $1 &PATH environment variable"
-        IntOp $5 $5 + 11
-        Pop $mui_AnaCustomOptions.AddToPath
-
-        # To address CVE-2022-26526.
-        # In AllUsers install mode, disable AddToPath as an option.
-        ${If} $InstMode = ${ALL_USERS}
-            StrCpy $Ana_AddToPath_State ${BST_UNCHECKED}
-            EnableWindow $mui_AnaCustomOptions.AddToPath 0
+            ${NSD_CreateCheckbox} 0 "$5u" 100% 11u "Add ${NAME} to my &PATH environment variable"
+            IntOp $5 $5 + 11
+            Pop $mui_AnaCustomOptions.AddToPath
+            ${NSD_SetState} $mui_AnaCustomOptions.AddToPath $Ana_AddToPath_State
+            ${NSD_OnClick} $mui_AnaCustomOptions.AddToPath AddToPath_OnClick
+            ${NSD_CreateLabel} 5% "$5u" 90% 20u \
+                "NOT recommended. This can lead to conflicts with other applications. Instead, use \
+                the Commmand Prompt and Powershell menus added to the Windows Start Menu."
+            IntOp $5 $5 + 20
+            Pop $Ana_AddToPath_Label
         ${EndIf}
-
-        ${NSD_SetState} $mui_AnaCustomOptions.AddToPath $Ana_AddToPath_State
-        ${NSD_OnClick} $mui_AnaCustomOptions.AddToPath AddToPath_OnClick
-        ${NSD_CreateLabel} 5% "$5u" 90% 20u \
-            "NOT recommended. This can lead to conflicts with other applications. Instead, use \
-            the Commmand Prompt and Powershell menus added to the Windows Start Menu."
-        IntOp $5 $5 + 20
-        Pop $Ana_AddToPath_Label
-
-        # To address CVE-2022-26526.
-        # In AllUsers install mode, disable AddToPath label as well.
-        ${If} $InstMode = ${ALL_USERS}
-            EnableWindow $Ana_AddToPath_Label 0
-        ${EndIf}
-
     ${EndIf}
 
     ${If} "${SHOW_REGISTER_PYTHON}" == "yes"