Registry Permissions

From IronPython Cookbook

If you want to create a key or set values in HKEY_LOCAL_MACHINE then on Vista x64 you need admin rights.

It is possible to set the permissions on the key so that it can be accessed by any authenticated user without administrative privileges. Doing this itself requires admin rights of course:

from Microsoft.Win32 import Registry
from System.Security.AccessControl import RegistryAccessRule, RegistryRights, AccessControlType
from System.Security.Principal import SecurityIdentifier, WellKnownSidType
REG_KEY_PATH = "SOFTWARE\\SomeKey\\SomeSubKey"
key = Registry.LocalMachine.CreateSubKey(REG_KEY_PATH)
ra = RegistryAccessRule(SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, None),
                                      RegistryRights.FullControl, AccessControlType.Allow)
rs = key.GetAccessControl()

For more details, including the WOW6432Node (and how to share keys between 64bit and 32bit applications) and the wonders of the VirtualStore registry hive, see this blog entry.

Back to Contents.