[Spice-devel] [PATCH] vdagent-win: Assure you set a new HKEY_CURRENT_USER changing user.

[Christophe Fergeau]

On Thu, Apr 23, 2015 at 09:09:05AM -0400, Frediano Ziglio wrote:
> During impersonation one thing that Windows does is to try to create HKEY_CURRENT_USER. This is done automatically for you by Windows when it launch a process.
> HKEY_CURRENT_KEY is a predefined key value.
> Anyway when you impersonate a user HKEY_CURRENT_USER is pointed to HKEY_USERS\<sid-string-of-user> (think as a symbolic link). If HEKY_CURRENT_USER is already opened (which usually is the case) Windows do not change the registry key and you will still find old values.
> Probably you should close the key even before RevertToSelf. Surely IMHO before ImpersonateLoggedOnUser.

What I'm uncomfortable with is to close something I don't think we own.
I would not free() memory I don't own, nor close() a file descriptor I
don't own. Are things different with these registry key handles, and is
it allowed and typical to close HKEY_CURRENT_USER?

Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/spice-devel/attachments/20150423/125b14b8/attachment.sig>