Vista - What can a normal user (e.g. administrator) can read and modify inthe Registry?

permalink · 10-09-2006

Hi All,

does anybody know, has a link or whitepaper containing information
about the rights to read and modify the registry in windows vista?

I want to know the rules in case of my application running in normal and
administrative mode.

thanks a lot.
Mue

permalink · 10-10-2006

> And why is that Jimmy?
> Why;even if I screw it up; is an area "off limits"?
> Jeff

I'm assuming you're talking about the keys denied to administrators? It's
not to stop administrators from accessing them, it is to stop programs from
accessing them (even programs running with admin privileges). The programs
need to use the approprate programming interfaces to access the data, not
access it directly. This was done because many programs were breaking the
rules by accessing the data directly.

--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

permalink · 10-10-2006

Hello,

Basically, a normal user has access rights to HKEY_CURRENT_USER. Everything
else is read-only.

Administrators have access to most other registry keys. The ones that
Administrators cannot access are usually controlled by other API's.

--
- JB

Windows Vista Support FAQ
http://www.jimmah.com/vista/

permalink · 10-10-2006

And why is that Jimmy?
Why;even if I screw it up; is an area "off limits"?
Jeff

"Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message
news:7FB8BFB6-7B73-4C71-BFB0-4C7ABA3B4D36@microsoft.com...
> Hello,
>
> Basically, a normal user has access rights to HKEY_CURRENT_USER.
> Everything else is read-only.
>
> Administrators have access to most other registry keys. The ones that
> Administrators cannot access are usually controlled by other API's.
>
> --
> - JB
>
> Windows Vista Support FAQ
> http://www.jimmah.com/vista/

permalink · 10-10-2006

Jimmy Brush wrote:
>> And why is that Jimmy?
>> Why;even if I screw it up; is an area "off limits"?
>> Jeff
>
> I'm assuming you're talking about the keys denied to administrators?
> It's not to stop administrators from accessing them, it is to stop
> programs from accessing them (even programs running with admin
> privileges). The programs need to use the approprate programming
> interfaces to access the data, not access it directly. This was done
> because many programs were breaking the rules by accessing the data
> directly.

A good example is malware (and other programs in the name of copy
protection) creating keys with bad data in them. Once the key exists they
can't be read or altered through the API's and often cause problems with
other programs that try to modify the registry legally.

--
Kerry
MS-MVP Windows - Shell/User
http://www.vistahelp.ca

permalink · 10-10-2006

Ok,
But basically; reg keys still off limit?

Jeff

"Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message
news:F221C234-60D5-4E22-9791-138B89CE4A27@microsoft.com...
>> And why is that Jimmy?
>> Why;even if I screw it up; is an area "off limits"?
>> Jeff
>
> I'm assuming you're talking about the keys denied to administrators? It's
> not to stop administrators from accessing them, it is to stop programs
> from accessing them (even programs running with admin privileges). The
> programs need to use the approprate programming interfaces to access the
> data, not access it directly. This was done because many programs were
> breaking the rules by accessing the data directly.
>
> --
> - JB
>
> Windows Vista Support Faq
> http://www.jimmah.com/vista/

permalink · 10-11-2006

"Jeff" <S.Cerevesiae@sbcglobal.net> wrote in message
news:epJFrdM7GHA.4996@TK2MSFTNGP04.phx.gbl...
> Ok,
> But basically; reg keys still off limit?

Only a very few locations are secured from administrators; this includes
sensitive system configuration and performance-related data that can be
accessed by administrators through other means (user accounts control panel,
performance monitor, etc).

Any program running with admin privileges can access all but those
super-secure locations.

A normal program can only write settings that don't affect the state of the
entire computer and only affect the currently logged in user
(HKEY_CURRENT_USER).

--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

permalink · 11-13-2006

Jimmy, thanks for your answer.

Jimmy Brush wrote:
> Hello,
>
> Basically, a normal user has access rights to HKEY_CURRENT_USER.
> Everything else is read-only.
>
> Administrators have access to most other registry keys. The ones that
> Administrators cannot access are usually controlled by other API's.
>

permalink · 11-13-2006

You're welcome

--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

10-09-2006	#1 (permalink)
MueMeister n/a posts	What can a normal user (e.g. administrator) can read and modify inthe Registry? Hi All, does anybody know, has a link or whitepaper containing information about the rights to read and modify the registry in windows vista? I want to know the rules in case of my application running in normal and administrative mode. thanks a lot. Mue
My System Specs

10-10-2006	#2 (permalink)
Jimmy Brush n/a posts	Re: What can a normal user (e.g. administrator) can read and modify in the Registry? > And why is that Jimmy? > Why;even if I screw it up; is an area "off limits"? > Jeff I'm assuming you're talking about the keys denied to administrators? It's not to stop administrators from accessing them, it is to stop programs from accessing them (even programs running with admin privileges). The programs need to use the approprate programming interfaces to access the data, not access it directly. This was done because many programs were breaking the rules by accessing the data directly. -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/
My System Specs

10-10-2006	#3 (permalink)
Jimmy Brush n/a posts	Re: What can a normal user (e.g. administrator) can read and modify in the Registry? Hello, Basically, a normal user has access rights to HKEY_CURRENT_USER. Everything else is read-only. Administrators have access to most other registry keys. The ones that Administrators cannot access are usually controlled by other API's. -- - JB Windows Vista Support FAQ http://www.jimmah.com/vista/
My System Specs

10-10-2006	#4 (permalink)
Jeff n/a posts	Re: What can a normal user (e.g. administrator) can read and modify in the Registry? And why is that Jimmy? Why;even if I screw it up; is an area "off limits"? Jeff "Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message news:7FB8BFB6-7B73-4C71-BFB0-4C7ABA3B4D36@microsoft.com... > Hello, > > Basically, a normal user has access rights to HKEY_CURRENT_USER. > Everything else is read-only. > > Administrators have access to most other registry keys. The ones that > Administrators cannot access are usually controlled by other API's. > > -- > - JB > > Windows Vista Support FAQ > http://www.jimmah.com/vista/
My System Specs

10-10-2006	#5 (permalink)
Kerry Brown n/a posts	Re: What can a normal user (e.g. administrator) can read and modify in the Registry? Jimmy Brush wrote: >> And why is that Jimmy? >> Why;even if I screw it up; is an area "off limits"? >> Jeff > > I'm assuming you're talking about the keys denied to administrators? > It's not to stop administrators from accessing them, it is to stop > programs from accessing them (even programs running with admin > privileges). The programs need to use the approprate programming > interfaces to access the data, not access it directly. This was done > because many programs were breaking the rules by accessing the data > directly. A good example is malware (and other programs in the name of copy protection) creating keys with bad data in them. Once the key exists they can't be read or altered through the API's and often cause problems with other programs that try to modify the registry legally. -- Kerry MS-MVP Windows - Shell/User http://www.vistahelp.ca
My System Specs

10-10-2006	#6 (permalink)
Jeff n/a posts	Re: What can a normal user (e.g. administrator) can read and modify in the Registry? Ok, But basically; reg keys still off limit? Jeff "Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message news:F221C234-60D5-4E22-9791-138B89CE4A27@microsoft.com... >> And why is that Jimmy? >> Why;even if I screw it up; is an area "off limits"? >> Jeff > > I'm assuming you're talking about the keys denied to administrators? It's > not to stop administrators from accessing them, it is to stop programs > from accessing them (even programs running with admin privileges). The > programs need to use the approprate programming interfaces to access the > data, not access it directly. This was done because many programs were > breaking the rules by accessing the data directly. > > -- > - JB > > Windows Vista Support Faq > http://www.jimmah.com/vista/
My System Specs

10-11-2006	#7 (permalink)
Jimmy Brush n/a posts	Re: What can a normal user (e.g. administrator) can read and modify in the Registry? "Jeff" <S.Cerevesiae@sbcglobal.net> wrote in message news:epJFrdM7GHA.4996@TK2MSFTNGP04.phx.gbl... > Ok, > But basically; reg keys still off limit? Only a very few locations are secured from administrators; this includes sensitive system configuration and performance-related data that can be accessed by administrators through other means (user accounts control panel, performance monitor, etc). Any program running with admin privileges can access all but those super-secure locations. A normal program can only write settings that don't affect the state of the entire computer and only affect the currently logged in user (HKEY_CURRENT_USER). -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/
My System Specs

11-13-2006	#8 (permalink)
MueMeister n/a posts	Re: What can a normal user (e.g. administrator) can read and modifyin the Registry? Jimmy, thanks for your answer. Jimmy Brush wrote: > Hello, > > Basically, a normal user has access rights to HKEY_CURRENT_USER. > Everything else is read-only. > > Administrators have access to most other registry keys. The ones that > Administrators cannot access are usually controlled by other API's. >
My System Specs

11-13-2006	#9 (permalink)
Jimmy Brush n/a posts	Re: What can a normal user (e.g. administrator) can read and modify in the Registry? You're welcome -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/
My System Specs

Similar Threads
Thread	Forum
Can't add or modify user accounts...	General Discussion
modify registry with a var	VB Script
Startup Subst both normal and administrator	Vista networking & sharing
Need administrator access to modify files I created myself	Vista file management
Modify registry	Vista performance & maintenance