pdfsam

pdfsam copied to clipboard

There are multiple DLL files under the userprofile that is not signed. When using a applocker policy it is normal to block unsigned dll files under nonprotected paths. prism_sw.dll and prism_d3d.dll is located under C:\Users%username%.openjfx\cache.. and is not signed.

Also when using Software restriction policies and adding these as hash exceptions, it causes issues with other software. It is probably windows bug, but makes apps incompatible nevertheless, and unsigned executables/scripts/dlls should not be placed in user writable locations anyway. Can these be moved to %programfiles% or somewhere else, or signed?

Those DLLs are from JavaFX, the UI framework used in PDFsam, and they are extracted and cached there by JavaFX. I don't know if we can maybe extract them, sign them and repackage but it seems a cumbersome solution. Using the solution proposed here https://github.com/torakiki/pdfsam/issues/535#issuecomment-1425671122 you can set the directory where those DLLs are stored, will this solve the issue with applocker/restrictions policies?

Changed installation from assigned application to script. To move cache requires installing software on one PC, running it once to create cache contents, which then have to be copied to share for deployment together with modified cfg file (added line java-options=-Djavafx.cachedir=$APPDIR\cache ) Then added startup powershell script that checks for cache contents and copies config/cache if necessary. Would still be nice, if cache/config file creation could be added to installer. pdfsam_postinstall.txt