Solved

Modifying Registry Security

Posted on 1997-08-07
7
294 Views
Last Modified: 2012-06-21
I am writing an app in vc 5.0 which will update a NT 4.0 registry key. The registry key has Administrator as the owner, SYSTEM has FULL CONTROL and everyone has READ access.  
I looked at RegSetSecurityKey but could not figure out how to get ownership privilege to update the key. This application will be run by Administrator. Please elaborate your answer.
0
Comment
Question by:mnyeu
  • 4
  • 3
7 Comments
 

Author Comment

by:mnyeu
ID: 1166965
Edited text of question
0
 

Author Comment

by:mnyeu
ID: 1166966
Adjusted points to 200
0
 

Expert Comment

by:craven080297
ID: 1166967
Hello,
first you have to be conscious that you need at least a "sight" on the registry key, in order to get its handle, using, as usual the RegOpenKeyEx(YOUR_ROOT, "Key Name", 0, WRITE_OWNER, &hKey) command. This will return handle in hKey.
You then have to call RegSetSecurityKey(hKey, OWNER_SECURITY_INFORMATION, &Descript). Descript is a PSECURITY_DESCRIPTOR object, initialized via InitializeSecurityDescriptor() and SetSecurityDescriptorOwner().
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:mnyeu
ID: 1166968
Well, I have tried that before.  The problem was I could not open the key with WRITE_OWNER options although I have administrative privilege. That is core of the problem. It is a reg key to which SYSTEM has FULL CONTROL and EVERYONE have READ access. The question is how to open it with WRITE_OWNER option? If you can
anwser this question, you get the points.
0
 

Expert Comment

by:craven080297
ID: 1166969
Wel, I have a few ideas, such as SetSecurityDescriptorDacl() and ~Owner(), after having called AdjustTokenPrivileges() using SE_PRIVILEGE_ENABLED and so on, halas I do not manage to get denied access on any element of my own registry :-S
If you see what I mean just try it, it should allow you to get WRITE_OWNER even if not allowed. It seems AdjustTokenPrivileges() should do the job...
0
 

Accepted Solution

by:
craven080297 earned 200 total points
ID: 1166970
Er, let me add this: correct syntax for AdjustTokenPrivileges() sould be:
AdjustTokenPrivileges(tokHandle, FALSE, &tokPriv, sizeof( tokPriv ), NULL, NULL );
Getting topPriv value:
LookupPrivilegeValue( NULL, "SeTakeOwnershipPrivilege", &ownValue); then filling in TOKEN_PRIVILEGES struct called topPriv.
0
 

Author Comment

by:mnyeu
ID: 1166971
I have found out that even if you can open a registry with WRITE_OWNER privilege, you can not modify it.  You need to have KEY_WRITE access, and I could not find out how.  However, I have promised to give you full point for WRITE_OWNER privilege. So you have it. Thanks anyway.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AVI wait icons for CAnimateCtrl in Visual Studio 2008 MFC 1 151
c++ reading data from file into two dimensional array 3 117
Issues with C++ Class 19 101
No module found pypyodbc, 3 32
In days of old, returning something by value from a function in C++ was necessarily avoided because it would, invariably, involve one or even two copies of the object being created and potentially costly calls to a copy-constructor and destructor. A…
  Included as part of the C++ Standard Template Library (STL) is a collection of generic containers. Each of these containers serves a different purpose and has different pros and cons. It is often difficult to decide which container to use and …
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.
The viewer will learn how to clear a vector as well as how to detect empty vectors in C++.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question