The installation of software is the process in which new programs or new versions of programs are copied to an existing computer and possibly configured in the process. This process is usually carried out by installation programs. Especially under the Windows operating system, this process is also called setup (English for construction or configuration). Based on this, the installation is also referred to as "putting on".
Successful installation is a prerequisite for the functioning of many computer programs. The more complex a program is, that is to say, among other things, the more individual files (or even file changes) in more different locations it consists of, the greater the risk that an error will occur during installation. If the installation fails even partially, the program often cannot be used. Therefore, especially with extensive programs, the development of a reliable installation process is an essential part of software development, also in terms of effort.
The term deinstallation describes the reverse process, i.e. the removal of software.
With the advent of the Internet and faster network connections, new techniques for distributing, installing, and updating programs have emerged.
- For Windows: Hotfixes and Service Packs: Only certain parts of the product are updated. Requires an existing installation. Update packages based on Windows Installer technology and updates for Windows itself can usually also be integrated into the installation files, which is known as slipstreaming.
- Incremental installation: Periodically or when the user calls it up, the program uses a central source (for example a list stored on the Internet) to check whether the installed version is up-to-date. If the version is out of date and can be updated, the program usually asks the user and then downloads the files that need to be updated.
- Automatic update / replication: Each time the program is started, it is checked whether the installed version is up-to-date. If updates are available, they may be downloaded and installed automatically without asking the user. This procedure only works if you have reliable and fast network connections.
- Server installation: The program is no longer installed on the user's computer (“client”), but is stored centrally on a server. When the program is started from the client (link), it is loaded into the client's main memory via the network.
- Server application: The application is no longer installed on the user's computer (“client”), but instead is installed and executed on the server. Examples are Windows Terminal Services, web applications (more precisely, HTTP applications), report generators and backup office products.
- Unattended installation or silent installation: The installation takes place without user intervention. The required settings are specified beforehand in a script and saved or transferred as parameters. This makes it possible to automate processes that are often repeated.
- Virus, agent, spyware, dialer ...: The manufacturers of unwanted programs also make use of the possibilities described above. Often this software comes as part of, for example, shareware. Once on the system, such programs download additional components from the Internet. Only an entry point is needed; afterwards any number of additional components of the malware can be installed (step by step) without the user even noticing. This method is so successful that manufacturers of reputable products are starting to use these techniques, for example for inventory software or virus scanners. First, a minimal “agent” is installed, which then uses replication. However, the initial distribution is started by a responsible person at the customer and not, as with viruses, against the will of the user.
In recent years ever more powerful standards and techniques have been developed to simplify and standardize the installation process. For example, the following basic methods can be used for a program installation:
- The program is installed anywhere with a simple copy process. This method is simple and intuitive and the preferred one for example on macOS. One risk is that, for example, old versions of the same program can go unnoticed in other places. If other files are required besides the program file, this method is not suitable.
- As before, but the program automatically installs missing files in the designated locations the first time it is started.
- The program is not supplied as such, only an installation program is supplied with which the actual program is then installed.
- The program is delivered as a package. This is generally an archive, i.e. a file that contains all the necessary files and (de)installation routines. Executing the archive starts an installation program that is part of the operating system. Under Mac OS X, these are files of the type .pkg or .mpkg, which are opened using the system's own installation program. Under Debian and other Linux distributions, programs are downloaded as .deb archives with the Advanced Packaging Tool (APT for short) from a central server and then installed.
So-called bootstrapping is necessary if the installation is to be carried out by a package manager or installer already installed on the system or integrated into the operating system. In this case it can happen that the installer or package manager itself has to be updated to a new version before the actual installation. For this purpose, a small program (usually called Setup.exe) is started, which carries out the upgrade for the installer or package manager and then starts the actual installation. This program is called a bootstrapper.
Before the actual installation (copying, registering), many installation programs check whether the new application to be installed is suitable for the system at all. The hardware equipment, the version of the operating system and the other already installed program components are checked. As part of this check, it is determined which files, libraries, components (see below) and configuration data are required.
Furthermore, the "integrity" of the installation files should be checked, that is, it should be ensured that the files or the archive are not damaged (for example using a checksum).
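As an added example (not part of the original article), the integrity check described above can be run against a digest manifest that is delivered separately from the package, sorting each file into intact, damaged, missing or unexpected. The manifest format (one SHA-256 digest and relative path per line) and all function names are assumptions made for this example.

```python
import hashlib
import hmac
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Hash in chunks so large installation archives do not fill memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def parse_manifest(text: str) -> dict:
    """Parse '<hex digest>  <relative path>' lines (assumed manifest format)."""
    expected = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            digest, _, name = line.partition(" ")
            expected[name.strip().lstrip("*")] = digest.lower()
    return expected


def verify_package(root: Path, manifest_text: str) -> dict:
    """Sort every file into ok, damaged, missing or unexpected before installing."""
    expected = parse_manifest(manifest_text)
    report = {"ok": [], "damaged": [], "missing": [], "unexpected": []}
    for name, digest in sorted(expected.items()):
        target = root / name
        if not target.is_file():
            report["missing"].append(name)
        elif hmac.compare_digest(sha256_file(target), digest):
            report["ok"].append(name)
        else:
            report["damaged"].append(name)
    on_disk = {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}
    report["unexpected"] = sorted(on_disk - set(expected))
    return report


def safe_to_install(report: dict) -> bool:
    """Proceed only when nothing is damaged, missing or unaccounted for."""
    return not (report["damaged"] or report["missing"] or report["unexpected"])
```

A checksum of this kind only detects accidental damage unless the manifest itself comes from a trusted or signed source.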
Modern programs often consist of a large number of different files:
- Main application
- Data files, for example database, XML documents, templates
- Online help
- Configuration files
Generally these are copied to a (new) directory on the computer. Sometimes, however, some of the files also have to be copied into general directories or directories of the operating system.
Furthermore, it is usually useful or even necessary to remove old versions of the program beforehand; this is called deinstallation.
Libraries and Components
Libraries and components are software modules used by several programs. They may have to be installed during installation. Older versions that were previously installed by other applications or the operating system are often replaced. They must be registered with the system, i.e. made known in a manner defined by the system. This is a critical point, especially with Windows programs.
Registration with the operating system
A main difference between simply copying an application and an installation is whether calls to or registrations with the operating system are made. In contrast to the registration of libraries and components, this step is used to make the application itself known to the operating system. This applies in particular to operating systems with graphical interfaces. Simply placing an icon on the desktop or enabling a start with a key combination is such a registration. In most cases, the registry is also used to display, uninstall, change or update the installed applications in a user-friendly way (via operating system controls).
Under Windows this is possible via the control panel. In Windows 7 this item was called "Software", from Windows 8 "Programs and Features", and from Windows 10 "Apps and Features". In Windows-specific installation technologies such as MSI, and among experts, this area is also known as ARP, as the original English name was "Add/Remove Programs".
Sometimes the installation program also carries out an initial configuration of the installed program. To do this, it checks the system or asks the user about the necessary settings, for example the type and speed of the network connection. A distinction must be made between user-specific and computer-specific settings: The former only affect the currently logged on user, while the latter affect all users of the system.
Completion of the installation
Particularly when libraries have been replaced, the system may have to be restarted completely or in part (e.g. the printer service) in order for the changes to take effect. The cause is usually that the affected files, services and logs are already in use at the time of installation and therefore cannot be updated immediately. If this situation occurs, the following solutions are possible:
- If the file to be updated can be replaced without the change taking effect, it is sufficient to restart the service (e.g. the graphical user interface or the print service) or the system so that the new file is used the next time it is started.
- If the file cannot or must not be exchanged during operation, the operating system stores a list with the remaining actions and executes them the next time the system is restarted. At this point the libraries are not yet in use and can be exchanged. This is often the case, especially with hardware drivers that form the interface between the operating system and hardware.
An installation program, also known colloquially as an installer, is a program that carries out an installation. There are three forms:
- Programs such as the Windows Installer install the software contained in a separate installation package.
- Software intended for download is often distributed in the form of an installer that contains both the installation program and the distributed software (see self-extracting archive).
- In the case of software on CD-ROM / DVD-ROM, the installation program and software are usually separate.
A currently very popular format for Windows is the MSI installation package, which is installed by the Windows Installer. Company-made tools for creating installers for Windows include, for example, InstallShield, SetupBuilder, Wise, ScriptLogic (previously MaSaI Solutions), InstallAware, the multiplatform tool InstallBuilder from BitRock (free for open source programs) and OnDemand. Most of these tools can generate both MSI packages and regular standalone installers in the form of an executable file. For eComStation there is the program WarpIn for the same purpose.
Many programs can also be installed without the installation program by simply copying the files. The prerequisite for this is that neither registry entries have to be created nor more extensive changes have to be made to the system. In addition, links or entries in the start menu must be created manually.
- RPM, a general package management system for Linux that is used by SuSE Linux, Red Hat and Mandriva Linux, among others
- Ports, the package management of BSD; Gentoo Linux uses a similar system called Portage, which is based on so-called ebuilds
- Advanced Packaging Tool (APT), the package management of Debian and Ubuntu
- Windows Installer, an installation system from Microsoft whose installation files are based on MSI databases. The installer collects the actions to be carried out and changes to the system in tables and provides advanced functions such as adapting installations, patch management for new versions and a rollback in the event of a failed installation.
- Installer (Mac OS X): Standard Mac OS X installation program, part of the operating system.
- InstallShield, one of the most widely used installers for Windows systems
- InstallForge, free installation system with simple operation for Windows
- Inno Setup, free installation system for Windows
- Nullsoft Scriptable Install System, a free, widely used Windows tool for creating installation programs, which has a simple but powerful script language and itself requires little effort.
- InstallerFramework, a library for setups based on the .NET Framework.
- WarpIn for OS/2 and eComStation
- With the Package Launcher, software packages in Windows systems with any installation source type (MSIs, MSPs, MSUs, App-V, Legacy Setups, Scripts) can be created automatically and transferred to the software distribution infrastructure for software distribution.
Uninstall and update capability
The installation of a program already has to provide for deinstallation and update capability. Put simply, the program must be able to be deinstalled again (easily and reliably), and other applications or the system stability must not be negatively influenced by the deinstallation. Depending on the operating system, the repairability of the application must also be guaranteed, for example with Windows.
An installation must be stable, that is, it must be reliable and feasible without errors or difficulties.
With current operating systems (Linux, Windows, macOS), administrative permissions are often required to install software. A normal user is not authorized to carry out installations because of the high risk.
Executable installation programs that were created (for example) with Inno Setup, Nullsoft Scriptable Install System, WiX Toolset etc., as well as self-extracting archives that were created (for example) by 7-Zip, IExpress, WinRAR, WinZip etc., are prone to DLL hijacking, in particular if they are executed in directories that can be written by normal users, such as the Downloads or Temp folder.
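A defensive check for the situation described above, as an added example that is not part of the original article: it lists libraries lying in the same directory as a downloaded installer, where Windows looks for most libraries before the system directory, and copies the installer alone into a new, empty directory before it is started. The function names and the short list of system library names are assumptions made for this example.

```python
import os
import shutil
import tempfile
from pathlib import Path

# Constructed sample of Windows system library names (an assumption for this
# example); in practice build the set from a trusted System32 listing.
SYSTEM_DLL_NAMES = frozenset({"version.dll", "uxtheme.dll", "cryptbase.dll", "dwmapi.dll"})


def audit_installer_dir(installer: Path, system_names=SYSTEM_DLL_NAMES) -> dict:
    """Report libraries lying beside an installer in its own directory."""
    folder = installer.resolve().parent
    dlls = sorted(p.name for p in folder.iterdir()
                  if p.is_file() and p.suffix.lower() == ".dll")
    return {
        "folder_user_writable": os.access(folder, os.W_OK),
        "shadows_system_dll": [n for n in dlls if n.lower() in system_names],
        "other_dlls": [n for n in dlls if n.lower() not in system_names],
    }


def stage_installer(installer: Path) -> Path:
    """Copy only the installer into a new, empty, randomly named directory."""
    staging = Path(tempfile.mkdtemp(prefix="setup-"))
    staged = Path(shutil.copy2(installer, staging / installer.name))
    # Nothing else may be present next to the staged copy.
    if [p.name for p in staging.iterdir()] != [installer.name]:
        raise RuntimeError(f"staging directory {staging} is not clean")
    return staged


def prepare(installer: Path) -> tuple:
    """Audit the download location, then hand back a copy to start instead."""
    report = audit_installer_dir(installer)
    return stage_installer(installer), report
```

Any entry under `shadows_system_dll` in a Downloads or Temp folder is worth investigating before the installer is run from that location.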
Powerful installation tools also allow one or more installations to be undone (so-called transaction-based rollback). Sometimes it is also possible to reset a system to the status at a specific point in time. This is important on productive servers if several jointly installed patches have caused the machine to malfunction.
- General: Errors can occur because assumptions made by the developer of the installation process are incorrect. If possible, the developer should not have to make any assumptions.
- damaged files
- missing files
- insufficient permissions / rights
- Undefined system status after aborting the installation
- dirty uninstall
- Installation deletes or manipulates files that are also important for other applications
- Windows DLL conflict
Questions to be clarified
- Are the installation files to be protected against unauthorized access?
- Is the installation initiated by an administrator or by the user himself?
- How should program updates be distributed? (automatically / only by the system administrator / by the user)
- Can the administrator adjust the installation routine afterwards?
- How is the installation logged locally and / or centrally?
- How can the installation status of an application be checked across the network?
- Which rights / authorizations are necessary to carry out the installation?
- Is there a need for signed installation files, for example to check the authenticity of the files (avoiding “fake” applications, for example to smuggle in viruses)?
- It should be simple (XCOPY Deployment = copy the program to the computer and it runs)
- It is not intended to have any side effects on other programs
- Updates and bug fixes should be easy to install and as automatically as possible.