[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 620
  • Last Modified:

KEY_ENUMERATE_SUB_KEYS

Using VB6 and Registry APIs:

Some Registry APIs use an access mask (parameter) that specifies the desired access rights to the key, like KEY_ENUMERATE_SUB_KEYS, meaning "Permission to enumerate subkeys", for instance.

But permission for who? For everybody?
If such a permission is not given when my app creates a key, what does this really mean?
0
campinas
Asked:
campinas
1 Solution
 
sokolovskyCommented:
When you call the RegOpenKeyEx function, the system checks the requested access rights against the key's security descriptor. If the user does not have the correct access to the registry key, the open operation fails. If an administrator needs access to the key, the solution is to enable the SE_TAKE_OWNERSHIP_NAME privilege and open the registry key with WRITE_OWNER access.

Example:
To test if the current user has deletion rights on all the keys to be deleted, you must traverse, enumerate, and open all subkeys with DELETE privilege requested:    
RegOpenKeyEx(hStartKey,pKeyName, 0, KEY_ENUMERATE_SUB_KEYS | DELETE, &hKey ))

0
 
campinasAuthor Commented:
Thank you so much!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now