#350 PasswordSafe v3.29

v1.0_(example)
accepted
Rony Shapiro
3
2012-10-08
2012-10-04
Raffi Mesdjian
No

I am currently runing v3.29 on Windows 7 64bit. After installing the software everything works with the help file. We would like to make this application available to a wider audience. I performed a green installation and copied the files to a central location on a network file server.

Users are able to use the application. However when they select the help file they see the "Navigation to the webpage was canceled". If they manually double click the pwsafe.chm from the network share it works fine.

I want to avoid having each user to install the application individually.

Thanks,

Raffi

Discussion

  • Rony Shapiro
    Rony Shapiro
    2012-10-05

    • status: open --> accepted
    • assigned_to: Rony Shapiro
     
  • Rony Shapiro
    Rony Shapiro
    2012-10-05

    PasswordSafe looks for the help file (pwsafe.chm) in the same directory as the executable, regardless of the installation type.
    Perhaps there's a problem with this when the executable's on a network share. Could you map it to a drive letter and let me know if this helps?

     
  • Raffi Mesdjian
    Raffi Mesdjian
    2012-10-05

    Hi Rony,
    I tried the drive mapping and that didn't work also. Any other thoughts?

    Thanks,

    Raffi

     
  • Raffi Mesdjian
    Raffi Mesdjian
    2012-10-08

    Hi Rony,
    I tried this fix and it did it. I need to do some more research to see what other risks this may present to our organization.

    http://www.mgtek.com/helpproducer/manual/html/msprbChmOnUNC.html

    Note: In our environment (Win 7 64-bit) we had to make this registry entry in the 32bit section also to make it work.

    Thanks,

    Raffi

     
    Last edit: Raffi Mesdjian 2012-10-08
  • Rony Shapiro
    Rony Shapiro
    2012-10-08

    Argh! I totally forgot about this.
    Point is that the .chm format is considered to be broken beyond repair in terms of security, hence the restriction implemented by Microsoft.
    If you only share pwsafe.chm, you're not introducing any security risks (and you can always build the chm from sources to be sure). If you allow users to add arbitrary .chm files to the share, all bets are off.

    Thanks for reminding me about this - I'll try to document it in the next release.