tags:

views:

177

answers:

2
Q: 

RegSaveKeyEx Requires Elevation?

I have code that uses Win API function RegSaveKeyEx to save registry entries to a file. However, RegSaveKeyEx returns ERROR_PRIVILEGE_NOT_HELD when run on Win Vista or Win 7. The code enables security privilege SE_BACKUP_NAME using code Microsoft provides in example function SetPrivilege.

Everything works fine on Win XP (admin user) or if I disable UAC on Win Vista or Win 7. Is it not possible to use RegSaveKeyEx on Vista without elevating the process?

+1  A: 

Standard users do not have SE_BACKUP_NAME privilege, so no, RegSaveKeyEx will not work on Vista without elevation.

Backup is one of the very "dangerous" privileges - it enables you to basically read anything on disk regardless of ACL's.

Michael  2009-07-06 18:47:54
A: 

You could give permission the specific user (or group) by going to the following ...

Control Panel->
  Administrative Tools->
    Local Security Policy->
      Local Policies->
        User Rights Assignment-> Back up files and directories (SE_BACKUP_NAME)

... and adding the user (or group) you want. Or you could add the users to Backup Operators.

But, you should be cautious here. See great comment below by Michael.

JP Alioto  2009-07-06 18:52:13
I'd be very cautious granting users backup privilege - it allows them to bypass ACL's for all file read operations. This would mean an unprivileged user would be able to read anything on disk - even cached password data.
Michael  2009-07-06 19:01:21

related questions

Shut-down script on Windows to delete a registry key?
Looking for C# registry class
VB6 error : Error accessing the system registry
How to get runonce to run, without having to have an adminstrator login.
Adding a guideline to the editor in Visual Studio
How do you clear your MRU list in Visual Studio?
Windows wallpaper: not just BMPs?
Folder with Extension
read/write to Windows Registry using Java
Is there a Windows Registry "dictionary" that explains the whole (or most of) the Windows Registry?
Registry key that contains the folder for the local user's Programs folder on Vista
Save registry values in WinCE using a C# app
What registry access can you get without Administrator privleges?
Does having a registry full of old stuff slow down Windows?
How to print css applied background images with the winforms webbrowser control
Cannot create an environment variable in the registry
programmatically merge .reg file into win32 registry
How to read a value from the Windows registry
(IIS/Win2000Pro) Granting Registry read rights to IIS user?
Windows: List and Launch applications associated with an extension
Best Way To Determine If .NET 3.5 Is Installed
How to register COM from VS Setup project?
Registry vs. INI file for storing user configurable application settings
Is this a good way to determine OS Architecture?
Visual Studio Setup Project - Per User Registry Settings