Hacker News new | ask | show | jobs
by ThePowerOfFuet 2268 days ago
This isn't the point, it's the fact that the installer is being abused to install an app without even giving the user the option to proceed or not. Nothing should be installed as part of the preflight.

Par for the course with Zoom, so it seems.
1 comments
zndr 2268 days ago
I don't think it installs it I think it just calls the resource from the package.

NVM I decided to inspect the package with `pkgutil`

Here's the offending code

```################################### function install_app_to_path(){ #path=$1 InstallPath="$1/.zoomus_"$(date)"" mkdir -p "$InstallPath" mkdir -p "$InstallPath/Frameworks" if [[ $? != 0 ]] ; then rm -rf "$InstallPath" return 1 fi

    if [[ -d "$1/zoom.us.app" ]] ; then
        rm -f "$1/zoom.us.app/Contents/Info.plist"
        mv "$1/zoom.us.app/Contents" "$InstallPath/trash"
    fi

    if [[ $? != 0 ]] ; then
        rm -rf "$InstallPath"
        return 4
    fi

    rm -rf "$1/zoom.us.app"
    if [[ $? != 0 ]] ; then
        rm -rf "$InstallPath"
        return 4
    fi

    mdfind 'kMDItemCFBundleIdentifier == "us.zoom.xos"'> .zoom.us.applist.txt

    echo "["$(date)"]un7z zm.7z =================================" >>"$LOG_PATH"
    if [[ -f res.7z ]] ; then
        ./7zr x -mmt ./res.7z -o"$InstallPath/Frameworks"&
    fi

    if [[ -f resReitna.7z ]] ; then
        ./7zr x -mmt ./resReitna.7z -o"$InstallPath/Frameworks"&
    fi

    if [[ -f bundles.7z ]] ; then
        ./7zr x -mmt ./bundles.7z -o"$InstallPath/Frameworks"&
    fi

    un7zresult=$(./7zr x -mmt ./zm.7z -o"$InstallPath" 2>>"$LOG_PATH")
    ret=$?
    echo "["$(date)"]check un7z return:$ret, $un7zresult">>"$LOG_PATH"
    wait
    echo "["$(date)"]un7z all finished">>"$LOG_PATH"
    if [[ $ret != 0 ]] ; then
        rm -rf "$InstallPath"
        return 3
    fi

    mv "$InstallPath/Frameworks/"* "$InstallPath/zoom.us.app/Contents/Frameworks">>"$LOG_PATH"
    mv "$InstallPath/zoom.us.app" "$1" >>"$LOG_PATH"
    if [[ $? != 0 ]] ; then
        rm -rf "$InstallPath"
        return 1
    fi

    if [[ "$APP_PATH" == "$GLOBAL_APP_PATH" ]] ; then
        chmod -R 775 "$APP_PATH"
        chown -R :admin "$APP_PATH"
    fi

    echo "["$(date)"]mv $InstallPath/zoom.us.app into $1">>"$LOG_PATH"

    rm -rf "$InstallPath"&
    return 0
}```
link
saagarjha 2268 days ago
This is just horrendous.
link
zndr 2268 days ago
ugly? Most definitely, offensive? Not really.
link
saagarjha 2268 days ago
Among other things, it offends me that this runs in a preinstall script.
link