c++ - 编辑/删除受保护的注册表项值

Question

我的问题：是否可以在使用自定义安全描述符创建注册表项时编辑它的值？我是否需要使用 SECURITY_ATTRIBUTES 结构调用RegSetKeyValueEx ？如果没有，那么我需要删除密钥然后重新创建它。

我正在尝试编辑（或删除然后重写）注册表项值，但它不起作用。一些重要信息是我使用自定义安全描述符创建了注册表项。自定义安全描述符仅设置了 KEY_READ注册表项安全和访问权限。

但由于其 ACL 安全描述符，我什至无法删除该密钥。这是一个问题，因为当我卸载时，我什至无法删除注册表项。我使用自定义安全描述符创建注册表项的原因是用户不能意外或故意更改它。密钥告诉我我的应用程序之前是否运行过。

有谁知道我如何编辑/删除这种类型的注册表项？

我的代码（尝试编辑我的密钥并首先显示我是如何创建密钥的）：

// Code to change key value
LONG lResult = RegOpenKeyEx(HKEY_CURRENT_USER, _T("Software/MyApplication"), 0, KEY_READ, &hKey);
LONG setValueRes = RegSetValueEx(hKey, _T("FirstRunSignafier"), 0, REG_DWORD, (LPBYTE) &firstRunSignafierValue, 
                                 (DWORD) sizeof(firstRunSignafierValue));
// Error Value of setValueRes is 5. lResult succeeds


// Code that creates the registry key
int  recordFirstApplicationRun()
{
    tstring REG_FIRST_RUN_SIGNIFIER = _T("Software\\MyApplication");
    HKEY hKey;
    LONG lResult;
    int   res                     = 1;
    DWORD dwValue, dwType, dwSize = sizeof(dwValue);
    DWORD firstRunSignafierValue  = 1;
    DWORD keyAlreadyExists; // Two potential values: REG_CREATED_NEW_KEY or REG_OPENED_EXISTING_KEY
    PSID pEveryoneSID             = NULL;
    PACL pACL                     = NULL;
    PSECURITY_DESCRIPTOR pSD      = NULL;
    SECURITY_ATTRIBUTES secAttr;

    createSecurityAttributes(&secAttr, pEveryoneSID, pACL, pSD);
    LONG createRes = RegCreateKeyEx(HKEY_CURRENT_USER, &REG_FIRST_RUN_SIGNIFIER[0], 0, NULL, REG_OPTION_NON_VOLATILE, 
                                    KEY_WRITE|KEY_WRITE, &secAttr, &hKey, &keyAlreadyExists);
    if (createRes != ERROR_SUCCESS) {
        //_tprintf(_T("Failed to create key: Last Error: %x, Return Val: %x\n"), GetLastError(), createRes);
        CPP_Utilities::outputLastError("Failed to create key");
        res = -1;
        goto Cleanup;
    }

    //CPP_Utilities::outputLastErrorEx( (keyAlreadyExists == REG_CREATED_NEW_KEY) ? _T("Created new registry key"):_T("Registry key already exists") );
    _tprintf( (keyAlreadyExists == REG_CREATED_NEW_KEY) ? _T("Created new registry key\n"):_T("Registry key already exists\n") );

    // To Write a DWORD to the registry
    LONG setValueRes = RegSetValueEx(hKey, _T("FirstRunSignafier"), 0, REG_DWORD, (LPBYTE) &firstRunSignafierValue, 
                                     (DWORD) sizeof(firstRunSignafierValue));
    if (setValueRes != ERROR_SUCCESS) {
        _tprintf(_T("B: %X\n"), setValueRes);
        CPP_Utilities::outputLastError("Failed to set registry value");
        res = -2;
        goto Cleanup;
    }

    Cleanup:
        if (pEveryoneSID) 
            FreeSid(pEveryoneSID);
        if (pACL) 
            LocalFree(pACL);
        if (pSD) 
            LocalFree(pSD);
        if (hKey)
            RegCloseKey(hKey);

    return res;
}

int createSecurityAttributes(SECURITY_ATTRIBUTES* secAttr, PSID pEveryoneSID, PACL pACL, PSECURITY_DESCRIPTOR pSD)
{
    // Pre: Memory release for parameters MUST be handled by caller

    EXPLICIT_ACCESS ea;
    DWORD dwRes;
    /*PSID*/ pEveryoneSID                   = NULL;
    /*PACL*/ pACL                           = NULL;
    /*PSECURITY_DESCRIPTOR*/ pSD            = NULL;
    SID_IDENTIFIER_AUTHORITY SIDAuthWorld   = SECURITY_WORLD_SID_AUTHORITY;

    // Create a well-known SID for the Everyone group.
    if(!AllocateAndInitializeSid(&SIDAuthWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &pEveryoneSID)) {
        _tprintf(_T("AllocateAndInitializeSid Error %u\n"), GetLastError());
        CPP_Utilities::outputLastError("AllocateAndInitializeSid Error");
        return -1;
    }

    // Initialize an EXPLICIT_ACCESS structure for an ACE. The ACE will allow Everyone read access to the key.
    ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
    ea.grfAccessPermissions = KEY_READ;
    ea.grfAccessMode        = SET_ACCESS;
    ea.grfInheritance       = NO_INHERITANCE;
    ea.Trustee.TrusteeForm  = TRUSTEE_IS_SID;
    ea.Trustee.TrusteeType  = TRUSTEE_IS_WELL_KNOWN_GROUP;
    ea.Trustee.ptstrName    = (LPTSTR) pEveryoneSID;

    // Create a new ACL that contains the new ACEs.
    dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL);
    if (ERROR_SUCCESS != dwRes) {
        _tprintf(_T("SetEntriesInAcl Error %u\n"), GetLastError());
        CPP_Utilities::outputLastError("SetEntriesInAcl Error");
        return -2;
    }

    // Initialize a security descriptor.  
    pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); 
    if (NULL == pSD) { 
        _tprintf(_T("LocalAlloc Error %u\n"), GetLastError());
        CPP_Utilities::outputLastError("LocalAlloc Error");
        return -3; 
    } 

    if (!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION)) {  
        _tprintf(_T("InitializeSecurityDescriptor Error %u\n"), GetLastError());
        CPP_Utilities::outputLastError("InitializeSecurityDescriptor Error");
        return -4;
    } 

    // Add the ACL to the security descriptor. 
    if (!SetSecurityDescriptorDacl(pSD, TRUE, pACL, FALSE)) {  
        _tprintf(_T("SetSecurityDescriptorDacl Error %u\n"), GetLastError());
        CPP_Utilities::outputLastError("SetSecurityDescriptorDacl Error");
        return -5;
    } 

    // Initialize a security attributes structure.
    secAttr->nLength                = sizeof (SECURITY_ATTRIBUTES);
    secAttr->lpSecurityDescriptor   = pSD;
    secAttr->bInheritHandle         = FALSE;

    return 1;
}

Answer 1

您需要更改权限，以便用户具有KEY_SET_VALUE访问权限。执行此操作的最简单方法是让您的卸载程序删除安装程序添加的 ACL。

您只需要卸载程序来反转安装程序执行的步骤。您的安装程序去了：

1. 创建密钥。
2. 将 ACL 添加到密钥。

因此，您的卸载程序需要：

1. 从密钥中删除 ACL。
2. 删除密钥。