FiveTech Software tech support forums

www.FiveTechSoft.com
https://forums.fivetechsupport.com/

Problems to read the windows registry with a Guest access

https://forums.fivetechsupport.com/viewtopic.php?f=3&t=2366

Page 1 of 1

Problems to read the windows registry with a Guest access

PostPosted: Fri Mar 24, 2006 8:53 am
by Marco Turco
Hi,
I want to read some hardware values from the windows registry using the tsysinfo class.

There are no problems when I access to the system as "Administrator" but it read nothing when I access as "Guest".

The strange is that as "Guest" I can read those informations without problems.

Any ideas ?

I made a self-contained sample that show the problem at www.softwarexp.co.uk/beta/sample.prg

Try to execute this app with an "Administrator" account and then on a "Guest" account. You will see that with the "Guest" account it return nothing.

Thanks in advance.

Regards,

Marco Turco

PostPosted: Fri Mar 24, 2006 11:19 am
by modicr
Hello!

TSysInfo is using TReg32 and there is a problem in
New() method:
Code: Select all  Expand view
   #ifdef __CLIPPER__
      ::nError = RegOpenKeyEx( nKey, cRegKey,, KEY_ALL_ACCESS, @nHandle )
   #else
      ::nError = RegOpenKeyExA( nKey, cRegKey,, KEY_ALL_ACCESS, @nHandle )
   #endif


As you can see, KEY_ALL_ACCESS is used, but you don't have such rights
when running guest or limited user. This class should be enhanced
to support KEY_READ:
http://www.deez.info/sengelha/blog/2006 ... a-changes/
Here is how to perform some common development tasks while working in a least-privileged environment:

    Need to read from a HKEY_LOCAL_MACHINE key in the registry? Use RegOpenKeyEx() (not RegOpenKey()) and request KEY_READ (not KEY_ALL_ACCESS) privileges.
    Need to save per-user data which will roam with the user (i.e. may be replicated to the network)? Get the path to the Application Data\ folder by either retrieving the value of the environment variable %APPDATA% or calling SHGetFolderPath() with the parameter CSIDL_APPDATA. The recommended directory in which to store files appears to be %APPDATA%\<Vendor>\<Product>\, e.g. %APPDATA%\Microsoft\Office\.
    Need to save per-user data which will not roam with the user (e.g. a web browser cache)? Call SHGetFolderPath() with the parameter CSIDL_LOCAL_APPDATA.
    Need to save per-machine data (e.g. machine-wide game high scores)? Use %ALLUSERSPROFILE% or SHGetFolderPath() with the parameter CSIDL_COMMON_APPDATA.
    Need a place to store a temporary file? Use %TEMP% or GetTempPath(). GetTempFileName() may also be useful.


Same useful links regarding LUA (and UAC):
Fixing "LUA bugs"
Security Tools for Windows applications
http://nonadmin.editme.com/KnownProblems
http://homepage.mac.com/corrp/windows/LUA/homesite.html

Regards, Roman

PostPosted: Fri Mar 24, 2006 11:38 am
by Antonio Linares
Roman,

Thanks for the info. This may seem the right code to use in source\classes\reg32.prg:
Code: Select all  Expand view
#define ERROR_SUCCESS 0

   ...

   #ifdef __CLIPPER__
      ::nError = RegOpenKeyEx( nKey, cRegKey,, KEY_ALL_ACCESS, @nHandle )
      if ::nError != ERROR_SUCCESS
         ::nError = RegOpenKeyEx( nKey, cRegKey,, KEY_READ, @nHandle )
      endif   
   #else
      ::nError = RegOpenKeyExA( nKey, cRegKey,, KEY_ALL_ACCESS, @nHandle )
      if ::nError != ERROR_SUCCESS
         ::nError = RegOpenKeyExA( nKey, cRegKey,, KEY_READ, @nHandle )
      endif   
   #endif

PostPosted: Fri Mar 24, 2006 12:50 pm
by Marco Turco
I confirm. It runs now !!

Thanks Roman and Antonio.

Best Regards,

Marco
All times are UTC
Page 1 of 1
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/