evilrix
asked on
Is it possible to obtain REGSAM value from a HKEY
When opening or creating a key in the Windows Registry using the WIN32 C API it is possible to specify the REGSAM as one of the arguments. This details the access rights to the key, but can also be used to set the "view", be it 32 bit or 64 bit. This is achieved by passing either KEY_WOW64_64KEY or KEY_WOW64_32KEY.
My question is this: given just a HKEY, is it possible to identify the original REGSAM value that was used to open that key? The program I am writing needs to be able to make this distinction and whilst I could "cache" the original REGSAM, it would be smarter and cleaner if there was a way (using WIN32 C API) to get these details.
My question is this: given just a HKEY, is it possible to identify the original REGSAM value that was used to open that key? The program I am writing needs to be able to make this distinction and whilst I could "cache" the original REGSAM, it would be smarter and cleaner if there was a way (using WIN32 C API) to get these details.
ASKER
Sara, I'm really sorry. I've sort of moved past this issue (after not finding a solution) and I've just not had the time to take a look at your suggestion as it's no longer relevant to me. I probably should have closed this question if I'm being honest.
Anyway, if you're able to test this and confirm it works, I'm more than happy to take your word for it and mark it as the solution. Unfortunately, I just don't have the time right now.
Anyway, if you're able to test this and confirm it works, I'm more than happy to take your word for it and mark it as the solution. Unfortunately, I just don't have the time right now.
Rix, no bother at all. I just was looking for a C or C++ question which wasn't fully answered and since I remembered (vaguely) that I already tried to get an answer to your question some decades ago (probably with little success), I made a new attempt.
I will see whether I find time to make the test and will report on success.
Sara
I will see whether I find time to make the test and will report on success.
Sara
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Open in new window
the valid keywords for the root are "CLASSES_ROOT", "CURRENT_USER", "MACHINE", and "USERS".
on success the pSacl might point to an access list that contains the access rights for the given key.
Sara