Windows declares a zip file as dangerous

[Jochen Wiedmann <jo...@gmail.com>]

Hi,

I've got a zip file, which has been created by Ant's Zip task:

    <zip destfile="foo-dist.zip">
        <fileset dir="${dist.dir}" includes="myapp/**/*"/>
    </zip>

Now, when I transfer this file from my Windows 7 build host to the
test servers (Windows 7, or Windows 10) using basic Copy&Paste, and do
a right click on the file, I get a message

    "Opening these files might be harmful."

AFAICT, this is the same message, that I would get for opening a file,
which has been downloaded via browser.

Question: Can I suppress this somehow?

Thanks,

Jochen

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org

Re: Windows declares a zip file as dangerous

[Jochen Wiedmann <jo...@apache.org>]

On 2019/07/09 07:49:24, Stefan Bodewig <bo...@apache.org> wrote: 

> It most likely is not related to how the archive has been created and
> only related to how you have transferred the archive to the test servers
> - and what Windows knows about that process.

Thanks, Stefan, that sounds like a good hint. So far, I didn't bother to observe that, but I will do from now on.

Jochen


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org

Re: Windows declares a zip file as dangerous

[Stefan Bodewig <bo...@apache.org>]

On 2019-07-09, Jochen Wiedmann wrote:

> I've got a zip file, which has been created by Ant's Zip task:

>     <zip destfile="foo-dist.zip">
>         <fileset dir="${dist.dir}" includes="myapp/**/*"/>
>     </zip>

> Now, when I transfer this file from my Windows 7 build host to the
> test servers (Windows 7, or Windows 10) using basic Copy&Paste, and do
> a right click on the file, I get a message

>     "Opening these files might be harmful."

> AFAICT, this is the same message, that I would get for opening a file,
> which has been downloaded via browser.

It most likely is not related to how the archive has been created and
only related to how you have transferred the archive to the test servers
- and what Windows knows about that process.

When you transfer the file Windows (the Attachment Manager or something
named in a similar way IIRC) adds meta data to the archive marking it as
unsafe. Whether or not Windows does so depends on how much it trusts the
source of your archive. Anything that gets copied from the "trusted
zone" is usually fine, but it also depends on the installed policies.

You should be able to silence the warning individually by clicking
"unblock" in the archive's properties (reachable via the context menu in
windows explorer).

A broader solution is to add your build server to the trusted zone or
even add a policy that says something like "do not preserve the zone of
origin" - both will require windows admin rights on the test servers and
both actions should be weighed against security concerns, of course.

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org

AW: Windows declares a zip file as dangerous

["Jan Matèrne (jhm)" <ap...@materne.de>]

It's more a Windows related question than an Ant one.
This message occurs with nearly every zip.

Solution seems to be registering your IPs as "secure".

https://superuser.com/questions/1231191/how-to-disable-zip-file-security-warning
https://superuser.com/questions/149056/disable-these-files-might-be-harmful-to-your-computer-warning


Jan

> -----Ursprüngliche Nachricht-----
> Von: Jochen Wiedmann [mailto:jochen.wiedmann@gmail.com]
> Gesendet: Dienstag, 9. Juli 2019 08:32
> An: dev@ant.apache.org
> Betreff: Windows declares a zip file as dangerous
> 
> Hi,
> 
> I've got a zip file, which has been created by Ant's Zip task:
> 
>     <zip destfile="foo-dist.zip">
>         <fileset dir="${dist.dir}" includes="myapp/**/*"/>
>     </zip>
> 
> Now, when I transfer this file from my Windows 7 build host to the test
> servers (Windows 7, or Windows 10) using basic Copy&Paste, and do a
> right click on the file, I get a message
> 
>     "Opening these files might be harmful."
> 
> AFAICT, this is the same message, that I would get for opening a file,
> which has been downloaded via browser.
> 
> Question: Can I suppress this somehow?
> 
> Thanks,
> 
> Jochen
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org For additional
> commands, e-mail: dev-help@ant.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org