Solved

windows api, registry setting permissions

Posted on 2010-08-26
11
789 Views
Last Modified: 2012-05-10
I've been hounding google for ways to set permissions in the registry (xp based systems and above), and I have come across many solutions, many that are similar to the article here at EE (http://www.experts-exchange.com/Programming/Languages/CPP/Q_20485542.html).

However, this method does not seem to work for registry keys that have had all permissions removed, and set to a random owner (an owner other than administrators).
I have created a test key + subkey in my local registry and have tried the methods (and a combination of what I figured might work) but it really only works when my user has access explicitly granted in the permissions of that key.

Of course, my account on XP is administrator, so I dont see why there is a problem, but there is.

With my current setting (removed all users from the permissions list, made Guest the owner), GrantAccess fails, and so does TakeOwnership.

And yes, I've tried the microsoft article (which I've found so many references to, which the only one i have saved) - http://web.archive.org/web/20021021215311/http://msdn.microsoft.com/library/en-us/security/security/taking_object_ownership.asp

which also seems to fail in the manner mentioned above.


Would love to have some code snipit (no error checking if you write it yourself - lots of them have std::cout << bla bla or printf's, and if fails bail from further attempting the function)


Oh, one last part of the challenge; I'm trying to code this using good ol C and WinAPI calls (just like both of the urls displayed) and am compiling with MINGW (and will compile it with MINGWx64 after I get the 32bit code working).


My ultimate goal is to take ownership of the key, give it permissions for the current (administrative) user to access all, and to give it permissions from it's containing key.
From what I have discovered, there is no easy way to inherit permissions nor a quick dirty way to pass permissions to all child objects.
0
Comment
Question by:vanillasprinkles
  • 7
  • 4
11 Comments
 
LVL 40

Expert Comment

by:RQuadling
Comment Utility
http://technet.microsoft.com/en-us/library/cc786173(WS.10).aspx says ...

"You can take ownership of a registry key if you are logged on as an administrator or if you have been specifically assigned the permission to take ownership of the registry key by the current owner.".

Can you try manually?

Who is the current owner?

Can you log in as them?


1 - Picking a key (HKLM) at random.
2 - Right click and choose Permissions.
3 - See the Security tab with all the users.
4 - Do you see Administrators as a group?
5 - If not, can you add the local administrator's group and grant full control?
6 - Press the Advanced button.
7 - Select the Owner tab.
8 - Who is the current owner?
9 - What owners can you change the owner to?

I'm not sure if changing the owner on all subcontainers and objects is a good idea. Apps MAY check the owner to see if they have been buggered around with.
0
 
LVL 40

Accepted Solution

by:
RQuadling earned 500 total points
Comment Utility
http://support.microsoft.com/default.aspx?scid=kb;en-us;111546 says ...

To take ownership of a registry key it is necessary to have a handle to the key. A handle to the key can be obtained by opening the key with a registry API (application programming interface) such as RegOpenKeyEx(). If the user does not have access to the registry key, the open operation will fail and this will in turn prevent ownership being taken (because a handle to the key is required to change the key's security).

The solution to this problem is to first enable the TakeOwnership privilege and then to open the registry key with WRITE_OWNER access as shown below:

RegOpenKeyEx(HKEY_CLASSES_ROOT,"Testkey",0,WRITE_OWNER,&hKey);

                        
This function call will provide a handle to the registry, which can be used in the following call to take ownership:

RegSetKeySecurity(hKey,OWNER_SECURITY_INFORMATION, &SecurityDescriptor);

                        
Please note that you will need to initialize the security descriptor being passed to RegSetKeySecurity() and set the owner field to the new owner SID.

Taking ownership of a registry key is not a common operation. It is typically an operation that an administrator would use as a last resort to gain access to a registry key.
0
 
LVL 3

Author Comment

by:vanillasprinkles
Comment Utility
Thanks for the reply and help - this has been very challenging;

Yes, I can set the owner and permissions manually; i'm using my Administrator (included with the unaltered user class in Administrators)
I've literally setup a test key:  HKEY_CURRENT_USER\Test\agaon
where "agaon", a nice smashage of fingers to my keyboard, is my key that i removed all permissions, and changed the owner to Guest, giving me no read access to any part of it.
Via regedit, i'm able to gain ownership to any user/group i want, and then add in permissions.. just don't have the concept down via C yet.

I have referenced the EE link above, and copied that and made it a header file, making the functions take parameters, but was unable to make it work; and i've referenced the EE link and made the MS code work for the registry, but it still fails via removing all permissions and setting the owner to guest as I have done.


I'm currently starting a test app/project to try to make this work, trying to integrate both page's codes the best i can..
so far i have coded:
allocated an SID for 'everyone' 'administrators' and 'current user' (current user using the code from the EE page)
Set read access for Everyone, and full control for both Administrators and CurUser
"set the owner in the object's security descriptor" (from the MS page)

then just now realized both pages reference a 'TakeOwnership' function, which I am fine with, but am wondering which model i should truly follow before i call RegOpenKeyEx( .... WRITE_OWNER .. )


I will continue with what i have before I post it, in case i have anything way out of order (which is what i think is going on but not quite too sure)

i'm also quite uncertain what this SetPrivilege command does, seeing as it's not an api call - i've found somebody's code that is supposed to get the job done, but not quite certain on it as i still dont have mine working as i want.

0
 
LVL 3

Author Comment

by:vanillasprinkles
Comment Utility
ok, i'm stumped once again, is where i was last night even

current code tries to set "Everyone" as owner, [ and when setting Everyone as owner in the reg key, and removing all users from permissions list, it doesnt error on clicking the restricted key  - via regedit ]

here's my lousy attempt at this code, dunno where i'm going wrong at this
regPermission.cpp
setPriv.h
0
 
LVL 3

Author Comment

by:vanillasprinkles
Comment Utility
just attempted another re-write from the MS page's Takeownership function.
(and found the non-cached page in one of my browser tabs: http://msdn.microsoft.com/en-us/library/aa379620(VS.85).aspx)

something must have went wrong as i see the difference between what i thought i copied in last night and what works this morning is enormous; lots of the same code in a different order...


0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 3

Author Closing Comment

by:vanillasprinkles
Comment Utility
code went well after finding the current MS example page on the subject and starting my code over from scratch.
0
 
LVL 40

Expert Comment

by:RQuadling
Comment Utility
Glad you got it sorted.

Could you post your code so others can learn from you?
0
 
LVL 3

Author Comment

by:vanillasprinkles
Comment Utility
added in some header comments; the code works on both x86_32 and x86_64, although compiling in x64 i get many warnings (string operations are obsolete or some BS cuz i declare them as non-constants); windows - ruining the dynamics of programming


setPriv.h
0
 
LVL 3

Author Comment

by:vanillasprinkles
Comment Utility
damni, i hit enter and it submitted it, take two:


setPriv.h
msTakeOwn.h
0
 
LVL 3

Author Comment

by:vanillasprinkles
Comment Utility
found 1 typeo:
replace: ea[2].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
with: ea[2].Trustee.TrusteeType = TRUSTEE_IS_USER;

funny it worked as group.. posted corrected file



can an admin clean up these posts?
=> merge and remove unnecessary threads of the last 2 and this i just created?
[an edit button would be nice too as i practice my typo's on a regular basis]
setPriv.h
msTakeOwn.h
0
 
LVL 40

Expert Comment

by:RQuadling
Comment Utility
Thanks for that. I am sure others will find it useful.

Well done on getting the solution.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

A short article about problems I had with the new location API and permissions in Marshmallow
Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
Video by: Grant
The goal of this video is to provide viewers with basic examples to understand and use for-loops in the C programming language.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now