Is it possible to obtain REGSAM value from a HKEY

evilrix
evilrix used Ask the Experts™
on
When opening or creating a key in the Windows Registry using the WIN32 C API it is possible to specify the REGSAM as one of the arguments. This details the access rights to the key, but can also be used to set the "view", be it 32 bit or 64 bit. This is achieved by passing either KEY_WOW64_64KEY or KEY_WOW64_32KEY.

My question is this: given just a HKEY, is it possible to identify the original REGSAM value that was used to open that key? The program I am writing needs to be able to make this distinction and whilst I could "cache" the original REGSAM, it would be smarter and cleaner if there was a way (using WIN32 C API) to get these details.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2016

Commented:
if i read the docs rightly you should be able to retrieve the needed info by

PACL pSacl = NULL;
PSECURITY_DESCRIPTOR pSec_desc = NULL;
dwRes = GetNamedSecurityInfo(
       "MACHINE\\SOFTWARE\\ABCD",
       SE_REGISTRY_KEY,
       DACL_SECURITY_INFORMATION,
       NULL,
       NULL,
       NULL,
       &pSacl,
       &pSec_desc);

Open in new window


the valid keywords for the root are "CLASSES_ROOT", "CURRENT_USER", "MACHINE", and "USERS".

on success the pSacl might point to an access list that contains the access rights for the given key.

Sara
evilrixSenior Software Engineer (Avast)

Author

Commented:
Sara, I'm really sorry. I've sort of moved past this issue (after not finding a solution) and I've just not had the time to take a look at your suggestion as it's no longer relevant to me. I probably should have closed this question if I'm being honest.

Anyway, if you're able to test this and confirm it works, I'm more than happy to take your word for it and mark it as the solution. Unfortunately, I just don't have the time right now.
Top Expert 2016

Commented:
Rix, no bother at all. I just was looking for a C or C++ question which wasn't fully answered and since I remembered (vaguely) that I already tried to get an answer to your question some decades ago (probably with little success), I made a new attempt.

I will see whether I find time to make the test and will report on success.

Sara

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial