Re: HKEY_CURRENT_USER access in driver by Tim
Tim
Thu Oct 23 11:41:33 CDT 2003
That's pretty clever... I'll give it a try.
Thanks,
Tim
>-----Original Message-----
>The only way to access HKCU in a driver is in the
context of a user-mode
>thread (this makes sense... a driver can't otherwise
know which user is
>"current" since multiple users are always present on the
system in the
>form of the "SYSTEM" user if nothing else).
>
>So, in order to do this, have a user mode program send
an IOCTL (or
>equivalent) to your driver, and in the driver's dispatch
routine,
>respond to this IOCTL by using RtlQueryRegistryValues,
passing in
>RTL_REGISTRY_USER as the "RelativeTo" parameter.
>
>At least, that's the only way *I've* been able to find
to do it.
>
>Technically, I suppose, you could try to figure out the
current users
>SID, and open \Registry\User\<SID>. We tried this and it
was a morass...
>there are lots of issues with remote vs. domain profiles
that make this
>hard to do reliably, especially if network connectivity
changes while
>the user is logged in... It was much less trouble to
have a user-mode
>helper app send an IOCTL, especially since we already
had one... That
>seems to work reliably.
>
>tim wrote:
>
>> How do I access HKEY_CURRENT_USER witin my driver? I
use
>> a couple values in the registry to communicate between
my
>> driver and a DLL. I was using, a subkey I created
>> under, "HKEY_LOCAL_MACHINE" but then discovered that
with
>> default "user rights" a "power user" is unable to
write
>> to that key so I've decided to change to the other.
>> However, as simple as I thought this would be, I've
>> discovered that I'm not sure how to access that key
>> using "ZwCreateKey(...)" as I was doing with the ohter
>> key.
>>
>> Can someone give me some ideas or better yet a sample
>> code snip?
>>
>> Thanks,
>> Tim
>
>--
>.../ray\..
>
>.
>