Nullsoft Scriptable Install System

from Wikipedia, the free encyclopedia
Nullsoft Scriptable Install System

Nullsoft Scriptable Install System icon.png
NSIS main menu and launcher
Script-controlled installation system for software on Windows systems
Basic data

developer Zero soft
Publishing year July 31, 2000
Current  version 3.05
(December 15, 2019)
operating system Windows , POSIX
programming language C ++ , C , Nullsoft Scriptable Install System , PHP
category Software engineering
License zlib / libpng license
German speaking Yes
nsis.sf.net

Nullsoft Scriptable Install System ( NSIS for short ) is software for creating installation programs for the Microsoft Windows operating system . It was originally developed by the company Nullsoft , who developed the installer and the like. a. used Winamp for their media player . Today NSIS is free software and is under the zlib / libpng license . The source of NSIS and the downloads are SourceForge offered where NSIS in January 2006. Project of the month was named.

The NSIS itself only has a command line - compiler and a graphical user interface for them, something which in compiling helps and facilitates some settings. However, several free IDEs are available for NSIS. The currently most extensive is probably EclipseNSIS, a plug-in for the cross-platform, also free Eclipse IDE .

When NSIS is used in software products, it is not possible to obtain a “Designed for Windows Vista” certification from Microsoft because NSIS is unable to generate the required Windows installer files.

Features (selection)

  • Very small overhead of around 34 KB
  • Compatible with all common Windows operating systems (Windows 95, 98, 2000, 2003, 2008, ME, NT, XP, Vista, 7, 8, 10)
  • Three different compression algorithms ( zlib , bzip2 and LZMA ), optionally with solid compression
  • 49 languages, including languages ​​that are written from right to left
  • Plug-in system for almost any expansion of the already extensive functions (e.g. there are plug-ins for array operations, extended mathematical functions or the control of Windows services and processes)
  • Compilation of the installer under Windows or a POSIX compatible system such as Linux or FreeBSD (currently only support for x86 platforms)
  • In addition to a "classic design", there is also a modern design that is very similar to proprietary installers.

Almost unlimited functions can be implemented in self-written installers via the script language and the plug-in interface. This includes the administration of system services, web-based installations, dynamic updates, repair and rollback functions.

functionality

An installer is based on a script, each line is an instruction. The script file is the command line - compiler "makensis.exe" to an executable file compiled (compressed) to all files and the installation program (script commands) contains can be and thus very easy spreading. MakeNSISW is available as a graphic surface for makensis.

 ; Beispiel-Skript
 Name "MeinBeispiel"
 OutFile "installer.exe"
 SetCompressor lzma
 InstallDir "$PROGRAMFILES\beispiel"
 InstallDirRegKey HKLM "SOFTWARE\beispiel" "installdir"
 LoadLanguageFile "${NSISDIR}\Contrib\Language files\German.nlf"
 Page directory
 Page instfiles
 Section
   SetOutPath $INSTDIR
   File "meinbeispiel.exe"
   WriteRegStr HKLM "SOFTWARE\beispiel" "installdir" "$INSTDIR"
   CreateShortCut "$DESKTOP\beispiel.lnk" "$OUTDIR\meinbeispiel.exe"
 SectionEnd
Specify target directory
Installation completed

The result of the script above is shown on the right. By using extensions such as the “Modern UI” (German: “modern user interface ”) or special plug-ins, visually appealing installation wizards can also be created.

Thanks to strong compression - algorithms and low overhead are possible very small installer, which NSIS is ideal for the distribution of programs via the Internet.

safety

Installers created with NSIS have security vulnerabilities if an outdated version is used. In versions 2.47, 2.50 and 2.51, possible security holes have been closed.

See also

Other installer programs:

Web links

Individual evidence

  1. ^ NSIS version history .
  2. a b c d www.openhub.net .
  3. FullDisclosure: Executable installers are vulnerable ^ WEVIL (case 2): NSIS allows remote code execution with escalation of privilege
  4. FullDisclosure: Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE
  5. FullDisclosure: Executable installers are vulnerable ^ WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta)
  6. FullDisclosure: Executable installers are vulnerable ^ WEVIL (case 11): Nmap <7.01 and Nmap-WinPcap <4.13
  7. Gpg4win: Security Advisory Gpg4win 2015-11-25
  8. Intel: Intel Security - Security Bulletin: Security patch for several McAfee installers and uninstallers
  9. Appendix F: Changelog and Release Notes
  10. Appendix F: Changelog and Release Notes
  11. Appendix F: Changelog and Release Notes