services.exe: Reduce Registry access to KEY_READ or MAXIMUM_ALLOWED wherever possible
Rob Shearman
robertshearman at gmail.com
Sat Nov 28 16:07:21 CST 2009
2009/11/27 Paul Chitescu <paulc at voip.null.ro>:
> @@ -376,7 +376,7 @@
> InitializeCriticalSection(&(*db)->cs);
>
> err = RegCreateKeyExW(HKEY_LOCAL_MACHINE, SZ_SERVICES_KEY, 0, NULL,
> - REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL,
> + REG_OPTION_NON_VOLATILE, MAXIMUM_ALLOWED, NULL,
> &(*db)->root_key, NULL);
> if (err != ERROR_SUCCESS)
> HeapFree(GetProcessHeap(), 0, *db);
I'm not happy with this change because the code was written with the
assumption that data it will always have permission to write data back
to keys under root_key. The return value from save_service_config
isn't always checked and thus this could lead to silent data loss. In
any event, the use of MAXIMUM_ALLOWED should not be encouraged where
at all possible [1] and instead the code should try the most
permissions it needs and fall back to less as appropriate.
> @@ -417,7 +417,7 @@
> break;
>
> WINE_TRACE("Loading service %s\n", wine_dbgstr_w(szName));
> - err = RegOpenKeyExW(db->root_key, szName, 0, KEY_READ | KEY_WRITE, &hServiceKey);
> + err = RegOpenKeyExW(db->root_key, szName, 0, KEY_READ, &hServiceKey);
> if (err == ERROR_SUCCESS)
> {
> err = load_service_config(hServiceKey, entry);
This change is fine since hServiceKey is only every used with
operations that require KEY_READ at the most.
--
Rob Shearman
[1] http://blogs.msdn.com/larryosterman/archive/2004/09/14/229658.aspx
More information about the wine-devel
mailing list