Geek Answers Handbook

HKLM registry flaw

My application updates some registry fields related to licensing in HKLM. This is to access information for all users in the system. This forces us to run our application as an administrator. Is there another place in the registry where I can store information accessible to all users?

+4
source share
4 answers

No no. If you need to make changes that will affect / be visible to all users, you will have to deal with UAC or raise the application at startup. This is part of the UAC design. If, however, you were supposed to write to a file, you could give all users access to this file without UAC interference.

If, however, you are only reading the registry, you can do this without raising your security rights. Therefore, if you write the registry once and then just read it later, you can only do this when you increase your privileges once.

Here's an article on how to play well with UAC:

http://msdn.microsoft.com/en-us/magazine/cc163486.aspx

+2
source

The HKLM registry and the% ALLUSERSPROFILE% folder are accessible to all users, but are intended to be written during installation (as an administrator).

The HKCU registry and the% APPDATA% folder are accessible to the current user and are intended for writing at any time.

Why do you change licensing information (shared by all users) during startup, and not just during installation?

+3
source

You can place an XML document (for example) on the file system in a shared folder, and not in the registry.

eg. System.Environment.SpecialFolder.CommonDocuments or CommonApplicationData .

+3
source

I would make your installer recreate registry entries (it usually works as an administrator) and open its permissions using GetSecurityInfo and SetSecurityInfo. Then your application can write for them without any special transitions.

+1
source

More articles:


All Articles