wineserver: Added support for read/only Registry, similar to unprivileged users
Paul Chitescu
paulc at voip.null.ro
Wed Nov 25 10:36:46 CST 2009
Changelog:
wineserver: Added support for read/only Registry, similar to unprivileged
users
Rationale:
This is a first step towards implementing shared wine prefixes with most
users being unprivileged and a single Administrator (power user, etc.) capable
of installing programs.
How it works:
For selected Registry files (system.reg and userdef.reg) the code will
attempt to initially load them by opening the file in read/write mode.
If opening R/W succeeds the current behavior is unchanged, the keys are
created write accessible to the user.
If opening R/W fails the operation is retried in R/O mode. If that succeeds
the current key is flagged KEY_READONLY causing the entire loaded branch to
inherit this flag.
The create_key handler refuses to allow non-volatile keys to be created in a
R/O parent key.
The open_key handler checks the access rights if the requested key is flagged
R/O. If MAXIMUM_ALLOWED access is specified (Windows regedit.exe does so) the
access is silently downgraded to KEY_READ. Else if any of the write or delete
flags are set (KEY_DENIED) the request is refused with access denied.
This is pretty much what a Guest or unprivileged user gets when accessing the
Registry on a Windows system (except we don't implement object ownership).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wineserver_registry_ro.patch
Type: text/x-patch
Size: 4775 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20091125/7ca252dd/attachment-0001.bin>
More information about the wine-patches
mailing list