private static void CheckReadOnlyHivesAccess(KeyDisposition disposition,
KeySecurity samDesired)
{
if (disposition != KeyDisposition.DIFF_HIVE)
{
Debug.Assert(samDesired.IsOnlyForRead());
if (!samDesired.IsOnlyForRead())
{
throw new AccessDeniedException();
}
}
}
private bool TryOpenOrCreateDiffKey(KeyIdentity existingBase, KeyIdentity identity,
KeySecurity samDesired, out IKeyImpl openedImpl)
{
if (TryOpen(existingBase, KeyDisposition.DIFF_HIVE, identity, samDesired, out openedImpl))
{
return(true);
}
// If some modification operation is requested and offreg key
// does not exist, but it is in one of readonly hives - creating it
if (samDesired.IsOnlyForRead() ||
!KeyExistsInROHives(identity))
{
return(false);
}
try
{
openedImpl = Create(identity,
null, (int)Win32Api.RegOption.REG_OPTION_NON_VOLATILE, IntPtr.Zero,
IntPtr.Zero);
return(true);
}
catch (FileNotFoundException)
{
return(false);
}
}
internal void ApplyReadOperation(string subKeyName, KeySecurity samDesired,
KeyImplOperation operation)
{
Debug.Assert(samDesired.IsOnlyForRead());
if (!samDesired.IsOnlyForRead())
{
throw new AccessDeniedException();
}
foreach (KeyDisposition disposition in HIVES_ORDER)
{
if (TryApplyOperation(disposition, subKeyName, samDesired, operation))
{
return;
}
}
throw new FileNotFoundException();
}
// Opens virtual key not for regular operation, but just
// when RegOpen*/RegCreate* is called, so access checking is not so strict
// as for operation
// TODO: don't check security access mode on open,
// make just a reg function call check it
internal VirtualKey OpenKeyPreliminarily(KeyIdentity existingBase, KeyIdentity identity, KeySecurity samDesired)
{
foreach (KeyDisposition disposition in VirtualKey.HIVES_ORDER)
{
try
{
VirtualKey key;
if (TryOpenKey(existingBase, disposition, identity, samDesired, out key))
{
return(key);
}
// Key not found
if (!samDesired.IsOnlyForRead())
{
// Key not present in reghive and write access requested
// we can't give it in hives other than DIFF_HIVE
throw new FileNotFoundException();
}
}
catch (AccessDeniedException)
{
if (!identity.IsSystemKey() || disposition == KeyDisposition.WINDOWS_REG)
{
// Access denied in reghive (may happen if key is system key)
// but if not a system key
throw;
}
}
if (identity.IsSystemKey() && !samDesired.IsOnlyForRead())
{
// Relaxing access (some apps request write access and do not use it
// we want to make them work
samDesired.RelaxToReadAccess();
}
}
throw new FileNotFoundException();
}
private static bool CheckSystemKeyAccess(KeyDisposition disposition,
KeyIdentity identity, KeySecurity samDesired)
{
// This way we redirect system registry locations into windows registry
// and make it fail for write operations
if (disposition != KeyDisposition.WINDOWS_REG &&
identity.IsSystemKey())
{
if (samDesired.IsOnlyForRead())
{
// So that it retries to read from system registry
return(false);
}
// So that user gets appropriate error code
throw new AccessDeniedException();
}
return(true);
}
