[Solved] Re: Windows registry PermissionError
Mike Dewhirst
miked at dewhirst.com.au
Fri May 13 03:00:00 EDT 2022
On 13/05/2022 4:37 pm, Eryk Sun wrote:
> On 5/13/22, Mike Dewhirst<miked at dewhirst.com.au> wrote:
>> On 13/05/2022 4:14 pm, Eryk Sun wrote:
>>> Since self.connect() is always called, you should document that the
>>> initial hkey parameter has to be one of the following predefined key
>>> handles:
>>>
>>> HKEY_LOCAL_MACHINE
>>> HKEY_USERS
>> I'm targeting HKEY_CURRENT_USER so I assume HK_USERS includes that.
> Using HKEY_CURRENT_USER with RegConnectRegistryW() to access a remote
> registry isn't well defined and not documented as supported. If it
> works at all, the API probably just opens a subkey of the remote
> HKEY_USERS based on the string SID (security identifier string) of the
> current user. That may fail as not found since user SIDs are unique to
> machines, unless it's on a domain.
>
> Bear in mind that the remote registry service is running on the remote
> machine as SYSTEM (S-1-5-18) in the non-interactive services session.
> If it literally accessed its "current user", then it would open
> "HKEY_USERS\S-1-5-18".
In that case, I'll remove 'computer' as a parameter and lock it in as
None. I'll document why and if I ever need to access a remote registry
I'll do some research along the lines you suggest.
My case demands execution of this code via login script for end-user
configuration after the IT department has done a bulk installation
rollout. One of key items is ComputerName which is in HKLM and needs to
be in HKCU for whichever user logs in. The application looks in HKCU for
a unique Device Reference and ComputerName suffices and is attractive
because it is also the asset number of the machine.
--
Signed email is an absolute defence against phishing. This email has
been signed with my private key. If you import my public key you can
automatically decrypt my signature and be sure it came from me. Just
ask and I'll send it to you. Your email software can handle signing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://mail.python.org/pipermail/python-list/attachments/20220513/fd646d57/attachment.sig>
More information about the Python-list
mailing list