[Spice-devel] [PATCH] vdagent-win: Assure you set a new HKEY_CURRENT_USER changing user.
Frediano Ziglio
fziglio at redhat.com
Thu Apr 23 06:09:05 PDT 2015
>
> Hey,
>
> On Thu, Apr 23, 2015 at 08:22:51AM -0400, Frediano Ziglio wrote:
> > HKEY_CURRENT_USER is cached as first profile is loaded. Closing the key
> > before setting the token allow the system to set a new HKEY_CURRENT_USER.
> > Some informations are readed from this key (like Desktop folder using
> > shell APIs).
> >
> > Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
> > ---
> > vdagent/as_user.cpp | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/vdagent/as_user.cpp b/vdagent/as_user.cpp
> > index c8016da..96ecc24 100644
> > --- a/vdagent/as_user.cpp
> > +++ b/vdagent/as_user.cpp
> > @@ -46,6 +46,8 @@ bool AsUser::begin()
> > }
> > }
> >
> > + RegCloseKey(HKEY_CURRENT_USER);
> > +
>
> Not sure about that one as we don't seem to be opening that key
> ourselves.
> https://msdn.microsoft.com/en-us/library/windows/desktop/aa378612%28v=vs.85%29.aspx
> mentions RevertToSelf(), maybe this is something that needs to be called
> in order to cause HKEY_CURRENT_USER to be reread?
>
> Christophe
>
During impersonation one thing that Windows does is to try to create HKEY_CURRENT_USER. This is done automatically for you by Windows when it launch a process.
HKEY_CURRENT_KEY is a predefined key value.
Anyway when you impersonate a user HKEY_CURRENT_USER is pointed to HKEY_USERS\<sid-string-of-user> (think as a symbolic link). If HEKY_CURRENT_USER is already opened (which usually is the case) Windows do not change the registry key and you will still find old values.
Probably you should close the key even before RevertToSelf. Surely IMHO before ImpersonateLoggedOnUser.
Frediano
More information about the Spice-devel
mailing list