tags:

views:

23

answers:

2
+1  Q: 

Sharing data between users with the Windows 7 registry

I have a program that was written on XP. What I've found out is that it doesn't work properly on Win7 because HLKM is no longer writable by non-admins.

Essentially, when you register the program, the licensing information is supposed to go into the registry. That information is valid for everyone on the computer, not just the one user, so I don't want to put it in HKCU. But any copy of the program needs to be able to edit that registry (even if it's a non-admin running it), because there are certain situations when it's going to go get updated license information from my web server (for example, if the registry data is lost or damaged, or if your current license is expired and it needs to see if we've applied an extension).

It's not horrible if it goes out to the web server for every unique user who starts up the program, but it causes some annoying issues, so I'd rather it continue to work the way it did in XP. Is there a way to store data in the registry and still have it shared under Win7, or am I going to have to start looking at storing an INI file on the drive?

A: 

Could you get the installer to make your particular area of the registry to be writeable by everyone? The installer will need to be run with elevated privileges anyway, I'd expect - so this would seem an ideal approach.

Will A  2010-07-29 18:45:01
This should work, but I wouldn't call it an ideal approach. It leaves the licensing information under HKLM vulnerable to changes by unpriviledged users. Ideally, you'd like to protect the licensing infomation just as strongly as the installed EXE and DLLs in your app. The approach suggested by Kate Gregory will accomplish that goal.
Stephen C. Steel  2010-07-29 19:58:27
Actually this would work well for one of the issues I'm dealing with. How does one tell the installer to make part of HKLM be user-writable?
Escher  2010-07-29 20:24:02
+1  A: 

Here is how I would architect it: your setup runs elevated and sets up the key. Then if their licensing gets corrupted or whatnot, you enable a button or menu item that has text like "fix license" or "update license". You put a shield on that button or menu item. When they click it, you launch a separate exe using ShellExecute. That exe has a manifest that requires elevation. It can then write to the protected area of the registry. The rest of the app can have a manifest with asInvoker.

If you want it to be completely invisible, either the whole app must always run elevated (annoying) or sometimes the app will just launch another exe that asks for elevation without warning - in which case the smart users will say no. A little less invisibility is a good thing imo.

Kate Gregory  2010-07-29 19:42:41
This is the best option, as it uses the UAC mechanism to keep your licensing information under HKLM as secure as the actual installed executables from changes by unpriveledged users (or rogue programs).
Stephen C. Steel  2010-07-29 19:50:30

related questions

C# Issue creating method to delete a registry key
How to create a windows registry watcher?
How to get server-side registry access from COM object instanciated by php?
Windows RegKey - Default Browser Application Path
registry script - can you assign a decimal value without the dword keyword
Error retrieving registry value with Powershell
regedit dialog not opening
how can I decode the REG_BINARY value HKLM\Software\Microsoft\Ole\DefaultLaunchPermission to see which users have permission?
Checking if Registry Value exists Visual C++ 2005
SecurityException when using Registry.LocalMachine.OpenSubKey
Creating a (ClickOnce) setup for VSTO Outlook Add-in
Accessing Windows Registry
How do I specify binary data in a COM RGS file
File association - modify shell's edit verb on Vista
Create a new windows registry key using c++
Writing string (REG_SZ) values to the registry in C++
What is the most effecient way to get fill a ComboBox with all the registered file types (not just extenstions)
Registry values in a different language
How can I get the value of a registry key from within a batch script?
Disable "Adjust Date/Time" in Vista Home Edition
Is there an HKEY_Current_User equivilent of HKey_Class_Root\Record ?
Using the EstimatedSize value inside a program uninstall key to correctly display the program size in the Add/Remove Programs list.
Is it possible to register an asynchronous pluggable protocol user specific registry?
Best way to read/set IE options?
HowTo: Parse the UninstallString reg entry