From 216d24fc20873421680d2173b3688dea2609cd0d Mon Sep 17 00:00:00 2001 From: Steve Lee Date: Fri, 11 Jan 2019 10:28:57 -0800 Subject: [PATCH 1/2] handle case where applocker test script fails to delete --- .../security/wldpNativeMethods.cs | 24 +++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/src/System.Management.Automation/security/wldpNativeMethods.cs b/src/System.Management.Automation/security/wldpNativeMethods.cs index 35d37d88eed..88fc36513aa 100644 --- a/src/System.Management.Automation/security/wldpNativeMethods.cs +++ b/src/System.Management.Automation/security/wldpNativeMethods.cs @@ -277,9 +277,29 @@ private static SystemEnforcementMode GetAppLockerPolicy(string path, SafeHandle } finally { - if (IO.File.Exists(testPathScript)) { IO.File.Delete(testPathScript); } + if (IO.File.Exists(testPathScript)) + { + try + { + IO.File.Delete(testPathScript); + } + catch + { + // Leave the file if we can't delete + } + } - if (IO.File.Exists(testPathModule)) { IO.File.Delete(testPathModule); } + if (IO.File.Exists(testPathModule)) + { + try + { + IO.File.Delete(testPathModule); + } + catch + { + // Leave the module if we can't delete + } + } } s_cachedSaferSystemPolicy = result; From 081e432e552d84e1df68d6f83dc46685aae4fedc Mon Sep 17 00:00:00 2001 From: Steve Lee Date: Mon, 14 Jan 2019 16:46:39 -0800 Subject: [PATCH 2/2] address Andrew and Ilya's feedback --- .../security/wldpNativeMethods.cs | 27 +++---------------- .../utils/PathUtils.cs | 18 +++++++++++++ 2 files changed, 22 insertions(+), 23 deletions(-) diff --git a/src/System.Management.Automation/security/wldpNativeMethods.cs b/src/System.Management.Automation/security/wldpNativeMethods.cs index 88fc36513aa..b1f3060c880 100644 --- a/src/System.Management.Automation/security/wldpNativeMethods.cs +++ b/src/System.Management.Automation/security/wldpNativeMethods.cs @@ -277,29 +277,10 @@ private static SystemEnforcementMode GetAppLockerPolicy(string path, SafeHandle } finally { - if (IO.File.Exists(testPathScript)) - { - try - { - IO.File.Delete(testPathScript); - } - catch - { - // Leave the file if we can't delete - } - } - - if (IO.File.Exists(testPathModule)) - { - try - { - IO.File.Delete(testPathModule); - } - catch - { - // Leave the module if we can't delete - } - } + // Ok to leave the test scripts in the temp folder if they happen to be in use + // so that PowerShell will still startup. + PathUtils.TryDeleteFile(testPathScript); + PathUtils.TryDeleteFile(testPathModule); } s_cachedSaferSystemPolicy = result; diff --git a/src/System.Management.Automation/utils/PathUtils.cs b/src/System.Management.Automation/utils/PathUtils.cs index 71d84109b0f..6c398af7494 100644 --- a/src/System.Management.Automation/utils/PathUtils.cs +++ b/src/System.Management.Automation/utils/PathUtils.cs @@ -429,5 +429,23 @@ internal static DirectoryInfo CreateTemporaryDirectory() Directory.CreateDirectory(moduleDirectory.FullName); return new DirectoryInfo(moduleDirectory.FullName); } + + internal static bool TryDeleteFile(string filepath) + { + if (IO.File.Exists(filepath)) + { + try + { + IO.File.Delete(filepath); + return true; + } + catch (IOException) + { + // file is in use on Windows + } + } + + return false; + } } }