Application-installation registry nightmares
From: David White (will@not.give.email)Date: 04/11/02
- Next message: Don Kelloway: "Re: Blocking internet access"
- Previous message: Bruce Chambers: "Re: Trojan defense soft"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "David White" <will@not.give.email> Date: Thu, 11 Apr 2002 12:03:53 +1000
I need to write an installer to install an application on Windows NT, 2000
or XP. The application was originallly written for Win 95. It reads and
writes the registry quite a bit, but always within LOCAL_MACHINE. Under NT,
it cannot write to the registry without admin rights, so I need to do
something about it. There are two ways, one good, the other horrible:
1. Fix up the application to use CURRENT_USERS, where appropriate, instead
of LOCAL_MACHINE. The problem I'm having is: how does the installer set up
the registry so that all the default registry keys and values will be there
when any user runs the application for the first time? I've tried putting
everything under USERS\.DEFAULT. This works under Win 98, but under NT it
only works for users that are added after the software is installed. It
doesn't work for _existing_ users that log in and want to use the software.
It has to work for everyone, old or new, who might log in and want to use
the application.
2. Leave everything in LOCAL_MACHINE and get the installer to change the
registry permissions for the application's root key so that even the
lowliest user has read/write permission. Yes, it's horrible, but might be
needed as a quick fix until I can do it properly. I've tried to find out how
to do this in C++, but things are happening that I don't understand. After
InstallShield adds all the registry info, I've tried this (with all but the
bare minimum code removed):
SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE);
lRetCode = RegSetKeySecurity(
hKey,
(SECURITY_INFORMATION)DACL_SECURITY_INFORMATION,
&sd);
This replaces all of the key's existing permissions with Everyone. But the
root key's subkeys do not inherit the permissions. I have no idea, in C++,
how to get the subkeys to inherit permissions. Also, I'd rather _add_
Everyone, not replace the default permissions with it. To do that I tried
this:
DWORD size = 1; char data; // start by just finding out the size needed
lRetCode = RegGetKeySecurity(hKey, DACL_SECURITY_INFORMATION, &data,
&size);
But this returns error 5 (Access Denied), not ERROR_INSUFFICIENT_BUFFER. I
don't understand that. I'm logged in as Admin, I can change what I like in
REGEDT32.EXE, but if I run a program that tries to read the registry key, it
denies permission. Yet, it allows me to _change_ the key's permissions to
Everyone.
I've looked at a sample program (check_sd.cpp), but I can't see from that
where I'm going wrong.
Can someone offer assistance?
David
- Next message: Don Kelloway: "Re: Blocking internet access"
- Previous message: Bruce Chambers: "Re: Trojan defense soft"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
