Wikipedia

Nullsoft Scriptable Install System: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Frau Holle (talk | contribs)
450 edits
External links: rm link that is now in a reference
Tag: Reverted
WikiCleanerBot (talk | contribs)
Bots
1,007,735 edits
m v2.05b - Bot T20 CW#61 - Fix errors for CW project (Reference before punctuation - Link equal to linktext)
Tags: WPCleaner Reverted
Line 5:
{{Short description|Software for creating installation programs}}
 
'''Nullsoft Scriptable Install System''' (NSIS) is a [[Software|software]] for creating [[Installation (computer programs)|installation programs]] for the [[Microsoft Windows|Windows]] operating system. It was originally developed by [[Nullsoft]], who used the installer for their media player [[Winamp]], among others. Today, NSIS is [[free software]] and is licensed under the [[zlib License|zlib/libpng License]].
The source code of NSIS and the downloads are offered through [[SourceForge]], where NSIS was awarded ''Project of the Month'' in January 2006. The installer is a popular open-source alternative to commercial installers like [[InstallShield]].{{sfn | Dey | 2021 | p=339}}
 
NSIS itself consists only of a [[Command-line interface|command-line]] compiler and a [[Graphical user interface|graphical user interface]] for the compiler, which aids in compiling and simplifies some settings. The installer includes [[LZMA]] compression, [[Plug-in (computing)|plug-in]] support, multilingual features.{{sfn | Dey | 2021 | p=339}}
Several other [[#third-party front-ends]] for NSIS are available.
 
Line 26:
== Functionality ==
An installer is based on a script, where each line is an instruction.
The script file is compiled into an [[Executable file|executable file]] containing all files (compressed) and the installation program (script commands) by the command-line compiler "makensis.exe", which can then be easily distributed. MakeNSISW is available as a graphical interface for makensis.
 
<syntaxhighlight lang="nsis">
Line 53:
== Security ==
Installers created with NSIS have security vulnerabilities when an outdated version is used.<ref>FullDisclosure: [http://seclists.org/fulldisclosure/2015/Dec/32 Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege]</ref><ref>FullDisclosure: [http://seclists.org/fulldisclosure/2015/Oct/109 Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE]</ref><ref>FullDisclosure: [http://seclists.org/fulldisclosure/2015/Dec/74 Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta)]</ref><ref>FullDisclosure: [http://seclists.org/fulldisclosure/2015/Dec/75 Executable installers are vulnerable^WEVIL (case 11): Nmap <7.01 and Nmap-WinPcap <4.13]</ref><ref>Gpg4win: [https://www.gpg4win.org/news-20151125.html Security Advisory Gpg4win 2015-11-25]</ref><ref>Intel: [https://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS102462 Intel Security – Security Bulletin: Security patch for several McAfee installers and uninstallers]</ref>
Possible security vulnerabilities were closed in versions 2.47,<ref>[http://nsis.sourceforge.net/Docs/AppendixF.html#v2.47 Appendix F: Changelog and Release Notes]</ref>, 2.50,<ref>[http://nsis.sourceforge.net/Docs/AppendixF.html#v2.50 Appendix F: Changelog and Release Notes]</ref>, and 2.51.<ref>[http://nsis.sourceforge.net/Docs/AppendixF.html#v2.51 Appendix F: Changelog and Release Notes]</ref>.
 
==Third-party front-ends==
Retrieved from "https://en.wikipedia.org/wiki/Nullsoft_Scriptable_Install_System"