security on registry keys

Subject: security on registry keys
Date: Thu, 03 Jan 2008

I have got a problem that is driving me crazy.

On my HP laptop with XP Pro, as administrator I install PDFCreator and
VMware Server Console. I then log out and reconnect as a simple user,
group "Users", and I'm not able to use these programs.

If I do the same thing with PDFCreator on a freshly installed (and
completely patched) XP Pro, I can switch to other users and use the
programs with no problems. (I could not try vmware console)

Using Sysinternals tools I see that both programs fail to read some
registry keys.

So I went with regedit and found that:
- on the HP laptop only administrator and system have "Special
privileges", not inherited
- on the self-installed PC, authorization is given to Users (read-only),
PowerUsers (special), Administrator system admin creator owner (full
control), all inherited by CLASSES_ROOT

If I manually give read-only access to users, the program starts OK.

I asked HP support if they set some policies but they say no. I also
checked myself if some policies were set but I could not find anything.

I BELIEVE that some system wide setting masks some bits in the ACL
and/or auth fields in RegCreateKeyEx and similar functions, but could
not find any clear info on this subject.... it's like umask in unix
directories... a friend told me about an "inheritance" property...

Both systems use XP Pro, Italian version, so it's also a problem to look
for information because I don't know the English wordings.
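
One way to compare the key permissions described in the post on both machines, as an added example that is not part of the original message. It assumes Windows PowerShell 2.0 or later and an administrator session; the function name `Get-KeyAclSummary` and the key path are placeholders, and the group is matched by its well-known SID (`S-1-5-32-545`, BUILTIN\Users) so the result does not depend on the localized group name.

```powershell
# Added example: for a key and its subkeys, report whether the DACL blocks
# inheritance from the parent and whether BUILTIN\Users has an Allow ACE
# granting read access. Run the same command on both machines and compare.
function Get-KeyAclSummary {
    param(
        # Placeholder: substitute a key the trace shows failing to open.
        [string]$Path = 'Registry::HKEY_CLASSES_ROOT\<key-from-the-trace>'
    )

    $usersSid = 'S-1-5-32-545'   # BUILTIN\Users, same on every language version
    $readKey  = [int][System.Security.AccessControl.RegistryRights]::ReadKey
    $sidType  = [System.Security.Principal.SecurityIdentifier]

    # The key itself plus every subkey that can be enumerated.
    $keys = @(Get-Item -LiteralPath $Path)
    $keys += @(Get-ChildItem -LiteralPath $Path -Recurse -ErrorAction SilentlyContinue)

    foreach ($key in $keys) {
        $acl = Get-Acl -Path $key.PSPath -ErrorAction SilentlyContinue
        if (-not $acl) { continue }   # ACL not readable from this session

        $usersCanRead = $false
        foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
            # Inherit-only ACEs apply to children, not to this key: skip them.
            $inheritOnly = ($rule.PropagationFlags -band
                [System.Security.AccessControl.PropagationFlags]::InheritOnly) -ne 0
            if ($inheritOnly) { continue }

            if ($rule.IdentityReference.Value -eq $usersSid -and
                $rule.AccessControlType -eq 'Allow' -and
                ([int]$rule.RegistryRights -band $readKey) -eq $readKey) {
                $usersCanRead = $true
            }
        }

        New-Object PSObject -Property @{
            Key                = $key.Name
            InheritanceBlocked = $acl.AreAccessRulesProtected  # True = "not inherited"
            UsersCanRead       = $usersCanRead
            Owner              = $acl.Owner
        }
    }
}

# Keys that match what the post describes on the HP laptop:
# Get-KeyAclSummary | Where-Object { $_.InheritanceBlocked -and -not $_.UsersCanRead }
```

The check looks only at ACEs for BUILTIN\Users, as in the post; read access granted through another group or removed by a Deny ACE is not evaluated.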