Discussion:
RegOpenKeyEx failure
(too old to reply)
Polaris
2009-11-22 07:58:10 UTC
Permalink
Hi Experts:



I'm writing a console app which accesses and changes some values under
Windows registry: HKLM\System\CurrentControlSet\Enum and I'm the admin on
the machine (XP).



I have done the following steps but failed at step #4 with access denied
error.



1. Get the process handle with PROCESS_ALL_ACCESS; success.

2. Get the token handle with TOKEN_ALL_ACCESS; success.

3. Adjust token privilege to SE_TAKE_OWNERSHIP_NAME; success.

4. open the reg key "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum" using
RegOpenKeyEx with KEY_ALL_ACCESS (tried also WRITE_ONWER); but failed with
return code 5 (Access Denied).



If I manually change the permission for "EVERYONE" with full permissions
using RegEdit.exe, it worked fine. But this is not what I want. I like the
app to be able to programmatically do that through certain steps (hopefully
similar steps to what I have tried above).



Any pointer on the possible cause is appreciated.



Thanks in Advance.



Polaris
David Wilkinson
2009-11-22 12:34:04 UTC
Permalink
Post by Polaris
I'm writing a console app which accesses and changes some values under
Windows registry: HKLM\System\CurrentControlSet\Enum and I'm the admin on
the machine (XP).
I have done the following steps but failed at step #4 with access denied
error.
1. Get the process handle with PROCESS_ALL_ACCESS; success.
2. Get the token handle with TOKEN_ALL_ACCESS; success.
3. Adjust token privilege to SE_TAKE_OWNERSHIP_NAME; success.
4. open the reg key "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum" using
RegOpenKeyEx with KEY_ALL_ACCESS (tried also WRITE_ONWER); but failed with
return code 5 (Access Denied).
If I manually change the permission for "EVERYONE" with full permissions
using RegEdit.exe, it worked fine. But this is not what I want. I like the
app to be able to programmatically do that through certain steps (hopefully
similar steps to what I have tried above).
Any pointer on the possible cause is appreciated.
HKLM is not accessible to a non-elevated process under Vista or Windows 7.

If your application had no manifest, then writing would to HKLM would be
virtualized, so I assume that your application has the standard "AsInvoker"
manifest (as it should).

Really, your application should not be writing to HKLM. If you need occasional
access to HKLM is perform some specific task, you could instruct the user to
start the application as Administrator.
--
David Wilkinson
Visual C++ MVP
Alexander Grigoriev
2009-11-22 16:54:39 UTC
Permalink
The OP is running XP, as Administrator. Enum key can only be written by
LOCAL_SYSTEM account. Even though in XP one can take ownership, that would
be a kludge. Even worse, in Vista SP2/Windows 7, Enum key ownership cannot
even be taken by an admin (it's already owned by Administrators). This key
has a special token (owner permissions), which sets maximum owner
permissions. Traditionally, in Windows an object owner could open it with
any access requested, even if ACL specified lower permissions. This new
token changed that.
Post by David Wilkinson
Post by Polaris
I'm writing a console app which accesses and changes some values under
Windows registry: HKLM\System\CurrentControlSet\Enum and I'm the admin on
the machine (XP).
Really, your application should not be writing to HKLM. If you need
occasional access to HKLM is perform some specific task, you could
instruct the user to start the application as Administrator.
--
David Wilkinson
Visual C++ MVP
David Wilkinson
2009-11-23 14:34:20 UTC
Permalink
Post by Alexander Grigoriev
The OP is running XP, as Administrator. Enum key can only be written by
LOCAL_SYSTEM account. Even though in XP one can take ownership, that would
be a kludge. Even worse, in Vista SP2/Windows 7, Enum key ownership cannot
even be taken by an admin (it's already owned by Administrators). This key
has a special token (owner permissions), which sets maximum owner
permissions. Traditionally, in Windows an object owner could open it with
any access requested, even if ACL specified lower permissions. This new
token changed that.
Oops, yes. I missed the XP (and the particular reference to the Enum registry
key). In short, I did not read the question carefully...

I would still maintain, though, that an application has no business messing with
anything in HKLM. This was possible in XP because most users run as
administrator, but in Vista/Win7 it is not possible without elevation.
--
David Wilkinson
Visual C++ MVP
Pavel A.
2009-11-22 20:30:10 UTC
Permalink
MS has warned ever so often, not to fool with the enum key, because it holds
PnP database.
Eventually, their patience ended.

--pa
Post by Polaris
I'm writing a console app which accesses and changes some values under
Windows registry: HKLM\System\CurrentControlSet\Enum and I'm the admin on
the machine (XP).
I have done the following steps but failed at step #4 with access denied
error.
1. Get the process handle with PROCESS_ALL_ACCESS; success.
2. Get the token handle with TOKEN_ALL_ACCESS; success.
3. Adjust token privilege to SE_TAKE_OWNERSHIP_NAME; success.
4. open the reg key "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum"
using RegOpenKeyEx with KEY_ALL_ACCESS (tried also WRITE_ONWER); but
failed with return code 5 (Access Denied).
If I manually change the permission for "EVERYONE" with full permissions
using RegEdit.exe, it worked fine. But this is not what I want. I like the
app to be able to programmatically do that through certain steps
(hopefully similar steps to what I have tried above).
Any pointer on the possible cause is appreciated.
Thanks in Advance.
Polaris
Loading...