tags:

views:

30

answers:

3
Q: 

Registry Entries for all users in Python

I wrote an application that stores several things in the registry. When I first started, I added them to HKEY_LOCAL_MACHINE, but kept getting permission errors writing to the. So, it was suggested that I use HKEY_CURRENT_USER, that worked until I realized that I am not able to access them from another account. How can I write to the registry but allow all accounts to access read and write to it?

I used the Python module _winreg.

A: 

You'll either need admin permissions to write to HKLM, or settle for non-global reg keys. Behavior is going to vary somewhat between different versions of windows.

Paul McMillan  2010-10-24 19:55:42
A: 

If you want to write to the registry so that all users can read it, you will need to run your program with administrator privileges.

You might be happier storing your information in a file instead, which will be easier to manage.

Ned Batchelder  2010-10-24 19:56:53
I would have if I thought about that, but the application is already written. 4 months of development and coding, went to test it on a second account and it couldn't read the data it needed!
Zachary Brown  2010-10-24 20:03:25
You may find that changing the settings storage is not as large a change as you think. Sounds like a good opportunity for a clean abstraction, then you can change the underlying implementation with little fuss.
Ned Batchelder  2010-10-24 20:09:44
The data that is stored in the registry is file modification times. These are used as a security precaution to make sure files aren't modified by anything but my software. Would it be possible to create and Admin profile and run the application under that profile? This way, the app has admin privileges, but doesn't require and admin password to e entered. The application would create the profile with a password, then just ranas that profile.
Zachary Brown  2010-10-24 20:18:49
+1  A: 

HKEY_LOCAL_MACHINE/Software/YourSoftware, needs Admin permissions and is for install-time data, or HKEY_CURRENT_USER/Software/YourSoftware, which is for data pertinent to this environment only (this user, this profile etc.)

EDIT: An alternative would be storing a config file and setting the right permissions at install time.

2nd EDIT: I've read in another comment that you want to be sure only your application modified some file, so you store the modification times. Workarounds:

  • encrypt the file-not-to-be-modified, best is with a user-generated key
  • make a service, install with a special user under which it runs, and make the permissions so, that only this service can access the file

My gut feeling says your requirement to modify a file only by your app, but under any account is very wrong but the more or less correct solutions have to impose additional complexity. Your decision: review your requirements and possibly your design, or add a layer of complexity and possibly cruft.

3rd EDIT: Split your app, have an admin application, which can with admin rights write to HKLM and set the settings. Normal user rights should suffice to read HKLM

knitti  2010-10-24 20:00:06
How do I get Admin permission for my program?
Zachary Brown  2010-10-24 20:03:46
How do you get it installed?
knitti  2010-10-24 20:15:39
My installation wizard downloads the files and extracts them to the appropriate place. I need the application to have admin privileges each time it launches.
Zachary Brown  2010-10-24 20:19:53
Then it can by definition only be used by admin users. Why do you need it?
knitti  2010-10-24 20:21:54
Why do I need admin rights? I need them because my application has to be able to access the registry entries in HKLM from every acount on the system. Currently it can't, thus it crashes.
Zachary Brown  2010-10-24 20:23:55
What are you trying to do? An "application" (not admin tool) should never need to be dependend on another account.
knitti  2010-10-24 20:25:39
The program is a parental control program for the web. It uses several registry entries to control settings, policies and stuff like that. Currently, those settings are under HKCU, but they are not accessible from another account, as the other account wasn't the user the settings were entered under. If they were put in HKLM, then I could access them from any account, but that requires admin rights.
Zachary Brown  2010-10-24 20:30:14
The 2nd Edit is what I would need! How would this be done?
Zachary Brown  2010-10-24 20:37:22
encryption or service which manages the access to the resource.
knitti  2010-10-24 20:38:56
But, what if the application just creates and account of it's own at installation, then runs everything under that account name?
Zachary Brown  2010-10-24 20:59:29
If you think about creating an admin account: bad idea. If not, I don't know if it would work, you would have to try (don't know whether `HKCU` of the other user would be there).
knitti  2010-10-24 21:01:40
I tried it. Didn't create an admin, but don't need an admin. I created a user for the application, but didn't add it to a group. All the entires stored in HKCU of the new account can be accessed by running the application as that user! Now, I still need some small admin right though, I need the application to launch at startup for all users. How would this be done?
Zachary Brown  2010-10-24 21:46:12
But, if the Installer is ran from an Admin account, then I wouldn't to request admin rights, I would have them, wouldn't I?
Zachary Brown  2010-10-24 22:00:33

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)