winget command incorrectly resets permissions on the %TEMP%\winget folder #3322
Labels
Issue-Bug
It either shouldn't be doing this or needs an investigation.
Milestone
Brief description of your issue
Every time winget is downloading an installer package into %TEMP%\winget, it resets security descriptors on that folder to only include currently logged-on user and the SYSTEM account, and it disables inheritance of permissions from %TEMP%.
The issue is impacting non-admin users who need to elevate to a different account which has administrator permissions in order to install/upgrade software.
winget should just create the %TEMP%\winget directory with inherited permissions, assuming that they have been set properly on %TEMP% or above, and don't manipulate them.
Steps to reproduce
Expected behavior
winget doesn't modify the security of %TEMP%\winget folder, which would allow for seamless upgrade of packages requiring elevation to a different admin account.
Actual behavior
The admin user cannot access the %TEMP%\winget folder of the non-admin account because of the permission problem. Therefore software requiring elevation to install cannot access the installer file and fails to install.
Environment
The text was updated successfully, but these errors were encountered: