Grafana Agent for Windows has some irritating .exe newbie compilation properties missing.
It’s missing Exe properties on the file.
Normal proper compilation of executables for Windows should contain properties like:
- File Description
- Product name
- Product version
- Fileversion
- Date Modified
When you compile files as excutables you also normally sign your .exe with a Code Signing Certificate from a known Public CA.
Running unsigned code(exe) as services in windows is considered bad security.
Why?
-
Inventory and deployment solutions need product data when you need to replace deployments with a newer version.
-
When as a deployment administrator I wan’t to upgrade the agent it’s difficult to target the correct Windows hosts with the new version.
-
Antivirus and high security servers will sometimes block unsigned code by default with out having whitelisted the app beforehand.
-
Running new build of the Grafana Agent will be blocked on all servers until MS-defender has at least 1000 reported “OKs” from their uplevel cloud antivirus protection solutions.
As an administrator who have to update 400-800 servers with the Agent it’s nice to know what versions of the services that’s deployed in our company.
Please fix this in upcoming versions.
VidarT