Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Win32API's RegCreateKeyEx with NT Security
Message
From
10/04/2000 09:15:32
Ed Rauh
Trumbull, Connecticut, United States
 
 
To
10/04/2000 08:58:22
Ben Sugden
Huddersfield, United Kingdom
General information
Forum:
Visual FoxPro
Category:
Windows API functions
Title:
Re: Win32API's RegCreateKeyEx with NT Security
Miscellaneous
Thread ID:
00356821
Message ID:
00357489
Views:
15
>Hi Ed,
>
>Thanks for your continued assistance.
>
>If the machine is rebooted and a different user logs in the new user cannot read that key (through Regedit or my class). If the original user logs in again they can read the key and anything under it.
>
>If the Original user logs into a different machine, the key does not appear on that machine as you suggest may be the case.
>
>It looks to me as if the key created under HKEY_LOCAL_MACHINE has been created specific to one user and one user only.
>
>I am looking at building a my own SECURITY_DESCRIPTOR through fox and working around that way. Do you have any advice on my situation, have you yourself come across difficulties with fox's registry manipulation under Windows NT? What are Roaming Registry Keys?
>

Roaming hives are segments of a registry that attach during the process of login and authentication based on the userid - it's an explicit decision made by the network administrator that permits all or part of a registry to follow a user. Typically, it's just a segment of HKEY_USERS, but it can be rooted off HKEY_LOCAL_MACHINE as well.

I'd seriously look at your code and make certain that the key is off of HKEY_LOCAL_MACHINE, and not HKEY_CURRENT_USER, which would exhibit precisely the behavior you've described without getting into a very bizarre scenario.

If your thought is correct, then logging into the system with any Admin id rather than the original user would reveal the key and subkeys, since an account with local admin privileges would have full registry access. Your best bet at that point would be to inestigate security issues; I'd be more inclined to bet you wrote to the wrong hive to start with.

The issues have nothing to do with VFP - the underlying work is done by calling the API, and the base API calls work pretty consistently. I use my own registry functions simply because I developed them on my own - the registry FFC class in VFP 6 is fine (except that it only works with a limited set of registry datatypes, but most people don't care about not having easy access to BLOB structures in the registry IAC) as are the various registry classes downloadable from here on UT.

>Many thanks for the assitance you have provided.
>
>Ben
EMail: EdR@edrauh.com
"See, the sun is going down..."
"No, the horizon is moving up!"
- Firesign Theater

NT and Win2K FAQ .. cWashington WSH/ADSI/WMI site
MS WSH site ........... WSH FAQ Site
Wrox Press .............. Win32 Scripting Journal
eSolutions Services, LLC

The Surgeon General has determined that prolonged exposure to the Windows Script Host may be addictive to laboratory mice and codemonkeys
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform