cdickerson
Registry Security
What security issues are involved with writing to the registry in an app (on NT4)? My RegCreateKey call fails when a user without administrative rights runs my app. I'm sure I need to do something with a security descriptor object, but I'd appreciate if someone could point me in the right direction.
ASKER CERTIFIED SOLUTION
The above code adds an 'access allowed ACE' for a certain group to the security descriptor of a registry, causing this group to be able to access the key.
I assumed that your 'runtime-created' keys were created by a process running under the 'admin' account, thus setting the default 'admin' access rights on these keys...
ASKER
Ok, perhaps I'm going about this wrong. With each run of the application, I create a key (in case it wasn't there), and write to it.
Should I instead create that key with the install program (running under admin), and at *that* time grant the current user permission to write to it (which is what your code is doing)??
>>and at *that* time grant the current user permission to
>>write to it
That's the idea - however, you could change the access rights later, also, but the program changing the rights must have access to these keys (i.e. run under the admin account also)
An alternative would be to use 'RegCreateKeyEx()' supplying an appropriate 'SECURITY_ATTRIBUTES' struct, e.g.
// requires <windows.h>
SECURITY_ATTRIBUTES sa;
PSID psidWorldSid; // a SID representing "everyone"
SID_IDENTIFIER_AUTHORITY siaWorldSidAuthority = SECURITY_WORLD_SID_AUTHORITY;
psidWorldSid = (PSID) LocalAlloc(LPTR, GetSidLengthRequired(1));
InitializeSid(psidWorldSid, &siaWorldSidAuthority, 1);
*(GetSidSubAuthority(psidWorldSid, 0)) = SECURITY_WORLD_RID;
SECURITY_DESCRIPTOR sd;
if ( !InitializeSecurityDescriptor ( &sd, SECURITY_DESCRIPTOR_REVISION) )
{
    // error
}
// here I set the _group_ to 'world', but you could also use
// 'owner'...
if ( !SetSecurityDescriptorGroup ( &sd, psidWorldSid, TRUE) )
{
    // error
}
// 'sa' is what gets passed to RegCreateKeyEx() as lpSecurityAttributes
sa.nLength = sizeof ( SECURITY_ATTRIBUTES );
sa.lpSecurityDescriptor = &sd;
sa.bInheritHandle = FALSE;
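Added example (not code from this thread or from the members-only solution): access to a key is decided by the ACEs in its DACL, so this portable C model of the DACL walk shows why the non-admin write fails on an admin-only key and what an installer-set access-allowed ACE changes. The mask values and SID strings are the standard winnt.h and well-known ones; the two DACLs and tokens are constructed, and owner rights and privileges are left out of the model.

```c
#include <stdint.h>
#include <string.h>

/* Access-mask values as defined in winnt.h. */
#define WRITE_DAC      0x00040000u
#define KEY_READ       0x00020019u
#define KEY_WRITE      0x00020006u
#define KEY_ALL_ACCESS 0x000F003Fu
#define SID_ADMINS "S-1-5-32-544"   /* built-in Administrators group */
#define SID_USERS  "S-1-5-32-545"   /* built-in Users group */

enum ace_type { ACE_ALLOW, ACE_DENY };
struct ace { enum ace_type type; const char *sid; uint32_t mask; };

/* Constructed DACLs for a hypothetical key: admin-only, and as an
 * installer could set it so ordinary users may read and write. */
static const struct ace ADMIN_ONLY[] = {
    { ACE_ALLOW, SID_ADMINS, KEY_ALL_ACCESS } };
static const struct ace INSTALLER_SET[] = {
    { ACE_ALLOW, SID_ADMINS, KEY_ALL_ACCESS },
    { ACE_ALLOW, SID_USERS,  KEY_READ | KEY_WRITE } };
/* Constructed tokens: the group SIDs each caller carries. */
static const char *const USER_TOKEN[]  = { SID_USERS };
static const char *const ADMIN_TOKEN[] = { SID_USERS, SID_ADMINS };

static int token_has(const char *const *tok, int n, const char *sid)
{
    for (int i = 0; i < n; i++)
        if (strcmp(tok[i], sid) == 0) return 1;
    return 0;
}

/* Walk the ACEs in order: a deny ACE for one of the caller's SIDs that
 * covers a still-outstanding bit fails the request, allow ACEs clear
 * bits, and access is granted only if every requested bit was allowed. */
int access_check(const struct ace *dacl, int aces,
                 const char *const *tok, int sids, uint32_t desired)
{
    uint32_t remaining = desired;
    for (int i = 0; i < aces && remaining; i++) {
        if (!token_has(tok, sids, dacl[i].sid)) continue;
        if (dacl[i].type == ACE_DENY) {
            if (dacl[i].mask & remaining) return 0;
        } else {
            remaining &= ~dacl[i].mask;
        }
    }
    return remaining == 0;
}
```

Granting KEY_READ | KEY_WRITE instead of KEY_ALL_ACCESS lets the user write values while WRITE_DAC stays with administrators, so the user cannot re-permission the key.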
ASKER
Thanks a lot.
ASKER
Also, I'm not sure I understand what you mean by "When these keys were created by an admin, only members of the admin group are allowed to access them". The key is created at run-time.
Thanks for your response.