You are here

Home » Forums » Development Forums » Portable App Development

Registry and the Admin

9 posts / 0 new
Log in or register to post comments
Last post
March 24, 2008 - 11:08am
#1
digitxp
digitxp's picture
Offline
Last seen: 13 years 2 months ago
Joined: 2007-11-03 18:33
Registry and the Admin

I was trying to portableize a program that made registry entries in HKLM and HKCU. I was thinking about duplicating the registry section in the launcher to handle both. But it gets a little too complicated. Anyone know how to use NSIS to drop rights for a program? Anyone?
And while I'm at it, does anyone know how system::call works?????

Top
March 24, 2008 - 11:22am
wraithdu
Offline
Last seen: 11 years 5 months ago
Developer
Joined: 2007-06-27 20:22
Try this maybe, works on

Try this maybe, works on 2000, XP, Vista (but why really?) -

http://nsis.sourceforge.net/UAC_plug-in

And I know how to use the System plugin a bit. What do you need to do?

Top
March 24, 2008 - 6:29pm
(Reply to #2)
digitxp
digitxp's picture
Offline
Last seen: 13 years 2 months ago
Joined: 2007-11-03 18:33
I need to run

as a limited user so I don't have to rewrite code.
Oh, the UAC plug-in only works in Vista because the stupid feature comes out in Vista.

Insert original signature here with Greasemonkey Script.

Top
March 24, 2008 - 7:37pm
(Reply to #3)
wraithdu
Offline
Last seen: 11 years 5 months ago
Developer
Joined: 2007-06-27 20:22
The page says the plugin

The page says the plugin works in Win 2000+, and can be used to run a script at user level instead of admin. Read all the way to the bottom, the name is a little misleading...

Top
March 25, 2008 - 8:15am
(Reply to #4)
digitxp
digitxp's picture
Offline
Last seen: 13 years 2 months ago
Joined: 2007-11-03 18:33
Oooh,

thanks Blum
*Edit*Darn, there's no execwait function with it :(.

Insert original signature here with Greasemonkey Script.

Top
March 25, 2008 - 12:29pm
(Reply to #5)
wraithdu
Offline
Last seen: 11 years 5 months ago
Developer
Joined: 2007-06-27 20:22
You could do a two launcher

You could do a two launcher system, with the UAC plugin enabled launcher executing the other one...but this gets messy.

And to be honest, I'm not sure how things will work in XP (or Vista with UAC turned off)...I have a feeling both launchers will have admin rights if launched under an admin account.

It'll probably just be easier for you to deal with both sets of keys manually Sad

Top
March 25, 2008 - 12:53pm
(Reply to #6)
rab040ma
Offline
Last seen: 5 months 3 days ago
Joined: 2007-08-27 13:35
Look up DropMyRights or

Look up DropMyRights or psexec.exe to see examples of programs that can drop the security tokens representing Admin privileges.

I've been using them on XP (for testing as well as general security) and find it works just fine. If an app is running with limited privilege, and it launches an app, that app will inherit the limited privileges (usually). There are times when something comes up that is hard to figure out (like saving an editor configuration file to the "C:\Program Files" location of the editor fails with an odd error) so it probably isn't a great idea to drop privileges without letting the user know, or if the program can spawn a shell or other programs that behave differently when not admin.

MC

Top
April 1, 2008 - 12:48pm
(Reply to #7)
Tim Clark
Tim Clark's picture
Offline
Last seen: 13 years 7 months ago
Joined: 2006-06-18 13:55
DMR

DMR could be used for some quick testing purposes but a "true" test needs to be run often as a "true" limited user.

Tim

Things have got to get better, they can't get worse, or can they?

Top
April 1, 2008 - 12:13pm
wraithdu
Offline
Last seen: 11 years 5 months ago
Developer
Joined: 2007-06-27 20:22
A little late, but what

A little late, but what about this plugin?

http://nsis.sourceforge.net/SAFER_plug-in

It uses the SAFER API to create a process with limited rights...

Top
Log in or register to post comments