Windows Vista Forums
Vista Forums Home Join Vista Forums Windows 7 Forum Vista Tutorials Tags
Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks.

Go Back   Vista Forums > Vista Newsgroups > Vista security

Vista - What can a normal user (e.g. administrator) can read and modify inthe Registry?

Reply
 
Old 10-09-2006   #1 (permalink)
MueMeister


 
 

What can a normal user (e.g. administrator) can read and modify inthe Registry?

Hi All,

does anybody know, has a link or whitepaper containing information
about the rights to read and modify the registry in windows vista?

I want to know the rules in case of my application running in normal and
administrative mode.

thanks a lot.
Mue

My System SpecsSystem Spec
Old 10-10-2006   #2 (permalink)
Jimmy Brush


 
 

Re: What can a normal user (e.g. administrator) can read and modify in the Registry?

> And why is that Jimmy?
> Why;even if I screw it up; is an area "off limits"?
> Jeff


I'm assuming you're talking about the keys denied to administrators? It's
not to stop administrators from accessing them, it is to stop programs from
accessing them (even programs running with admin privileges). The programs
need to use the approprate programming interfaces to access the data, not
access it directly. This was done because many programs were breaking the
rules by accessing the data directly.

--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

My System SpecsSystem Spec
Old 10-10-2006   #3 (permalink)
Jimmy Brush


 
 

Re: What can a normal user (e.g. administrator) can read and modify in the Registry?

Hello,

Basically, a normal user has access rights to HKEY_CURRENT_USER. Everything
else is read-only.

Administrators have access to most other registry keys. The ones that
Administrators cannot access are usually controlled by other API's.

--
- JB

Windows Vista Support FAQ
http://www.jimmah.com/vista/

My System SpecsSystem Spec
Old 10-10-2006   #4 (permalink)
Jeff


 
 

Re: What can a normal user (e.g. administrator) can read and modify in the Registry?

And why is that Jimmy?
Why;even if I screw it up; is an area "off limits"?
Jeff

"Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message
news:7FB8BFB6-7B73-4C71-BFB0-4C7ABA3B4D36@microsoft.com...
> Hello,
>
> Basically, a normal user has access rights to HKEY_CURRENT_USER.
> Everything else is read-only.
>
> Administrators have access to most other registry keys. The ones that
> Administrators cannot access are usually controlled by other API's.
>
> --
> - JB
>
> Windows Vista Support FAQ
> http://www.jimmah.com/vista/


My System SpecsSystem Spec
Old 10-10-2006   #5 (permalink)
Kerry Brown


 
 

Re: What can a normal user (e.g. administrator) can read and modify in the Registry?

Jimmy Brush wrote:
>> And why is that Jimmy?
>> Why;even if I screw it up; is an area "off limits"?
>> Jeff

>
> I'm assuming you're talking about the keys denied to administrators?
> It's not to stop administrators from accessing them, it is to stop
> programs from accessing them (even programs running with admin
> privileges). The programs need to use the approprate programming
> interfaces to access the data, not access it directly. This was done
> because many programs were breaking the rules by accessing the data
> directly.


A good example is malware (and other programs in the name of copy
protection) creating keys with bad data in them. Once the key exists they
can't be read or altered through the API's and often cause problems with
other programs that try to modify the registry legally.

--
Kerry
MS-MVP Windows - Shell/User
http://www.vistahelp.ca


My System SpecsSystem Spec
Old 10-10-2006   #6 (permalink)
Jeff


 
 

Re: What can a normal user (e.g. administrator) can read and modify in the Registry?

Ok,
But basically; reg keys still off limit?

Jeff

"Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message
news:F221C234-60D5-4E22-9791-138B89CE4A27@microsoft.com...
>> And why is that Jimmy?
>> Why;even if I screw it up; is an area "off limits"?
>> Jeff

>
> I'm assuming you're talking about the keys denied to administrators? It's
> not to stop administrators from accessing them, it is to stop programs
> from accessing them (even programs running with admin privileges). The
> programs need to use the approprate programming interfaces to access the
> data, not access it directly. This was done because many programs were
> breaking the rules by accessing the data directly.
>
> --
> - JB
>
> Windows Vista Support Faq
> http://www.jimmah.com/vista/


My System SpecsSystem Spec
Old 10-11-2006   #7 (permalink)
Jimmy Brush


 
 

Re: What can a normal user (e.g. administrator) can read and modify in the Registry?

"Jeff" <S.Cerevesiae@sbcglobal.net> wrote in message
news:epJFrdM7GHA.4996@TK2MSFTNGP04.phx.gbl...
> Ok,
> But basically; reg keys still off limit?


Only a very few locations are secured from administrators; this includes
sensitive system configuration and performance-related data that can be
accessed by administrators through other means (user accounts control panel,
performance monitor, etc).

Any program running with admin privileges can access all but those
super-secure locations.

A normal program can only write settings that don't affect the state of the
entire computer and only affect the currently logged in user
(HKEY_CURRENT_USER).


--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

My System SpecsSystem Spec
Old 11-13-2006   #8 (permalink)
MueMeister


 
 

Re: What can a normal user (e.g. administrator) can read and modifyin the Registry?

Jimmy, thanks for your answer.

Jimmy Brush wrote:
> Hello,
>
> Basically, a normal user has access rights to HKEY_CURRENT_USER.
> Everything else is read-only.
>
> Administrators have access to most other registry keys. The ones that
> Administrators cannot access are usually controlled by other API's.
>

My System SpecsSystem Spec
Old 11-13-2006   #9 (permalink)
Jimmy Brush


 
 

Re: What can a normal user (e.g. administrator) can read and modify in the Registry?

You're welcome


--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/
My System SpecsSystem Spec
Reply

Thread Tools


Similar Threads
Thread Forum
Can't add or modify user accounts... General Discussion
modify registry with a var VB Script
Startup Subst both normal and administrator Vista networking & sharing
Need administrator access to modify files I created myself Vista file management
Modify registry Vista performance & maintenance


Vista Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows Vista", the Start Orb, and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46