tags:

views:

104

answers:

1
Q: 

Registry - Create Key - Security

I'm considering creating a key under HKEY_LOCAL_MACHINE. I've read the MDSN and kind of understand what to do but am concerned about the Registry Security business. I want any user on the system to be able to access the key. Do I need to specify something in the LPSECURITY_ATTRIBUTES parameter of the RegCreateKeyEx call? If so what? Under the description of that parameter, there is a link to SECURITY_ATTRIBUTES where it says "This is not the same as granting access to everyone by assigning a NULL discretionary access control list (DACL)." But I can't find out exactly what that means. Can anyone help?

A: 

Do you want any user to be able to read the key, or to write it? By default any user will be able to read the key without any additional effort on your part. If you want to specify additional security attributes such as write access then you will need to specify the security attributes.

I found an article here entitled Creating a DACL. Use the code in there, or some variant, and then do something like this:

 SECURITY_ATTRIBUTES  sa;

 sa.nLength = sizeof(SECURITY_ATTRIBUTES);
 sa.bInheritHandle = FALSE;  

 // Call function to set the DACL. The DACL
 // is set in the SECURITY_ATTRIBUTES 
 // lpSecurityDescriptor member.
 if (!CreateMyDACL(&sa))
 {
     // Error encountered; generate message and exit.
     printf("Failed CreateMyDACL\n");
     exit(1);
 }

 RegCreateKeyEx(HKEY_LOCAL_MACHINE, subKey, 0, NULL, 0, KEY_ALL_ACCESS, &sa, &hKey, NULL);
1800 INFORMATION  2009-08-04 19:13:16
Ok, that's helpful. Could someone supply code to establish a world write when creating the key? Or point me at some similar example in the MDSN? I'm also curious as to what happens when a user removes some installed software; do any keys that software created get left behind as orphans?
Mike D  2009-08-05 00:40:00
Some more detail is supplied
1800 INFORMATION  2009-08-05 07:53:13
Generally creation and deletion of registry keys and configuration is left up to the installation and removal routines in the software. It does not happen automatically.
1800 INFORMATION  2009-08-05 07:54:03

related questions

Shut-down script on Windows to delete a registry key?
Looking for C# registry class
VB6 error : Error accessing the system registry
How to get runonce to run, without having to have an adminstrator login.
Adding a guideline to the editor in Visual Studio
How do you clear your MRU list in Visual Studio?
Windows wallpaper: not just BMPs?
Folder with Extension
read/write to Windows Registry using Java
Is there a Windows Registry "dictionary" that explains the whole (or most of) the Windows Registry?
Registry key that contains the folder for the local user's Programs folder on Vista
Save registry values in WinCE using a C# app
What registry access can you get without Administrator privleges?
Does having a registry full of old stuff slow down Windows?
How to print css applied background images with the winforms webbrowser control
Cannot create an environment variable in the registry
programmatically merge .reg file into win32 registry
How to read a value from the Windows registry
(IIS/Win2000Pro) Granting Registry read rights to IIS user?
Windows: List and Launch applications associated with an extension
Best Way To Determine If .NET 3.5 Is Installed
How to register COM from VS Setup project?
Registry vs. INI file for storing user configurable application settings
Is this a good way to determine OS Architecture?
Visual Studio Setup Project - Per User Registry Settings