TechQA.

Wix RegistryKey Permission

4.8k views Asked by At

I am attempting to install a registry key that should only be accessible by certain users. Every other part of the installer works (it installs a service and registers a component). Here is the fragment.

<Component Id="cmpXXX" Guid="{YYY}">
    <RegistryKey Root="HKLM" Key="Software\ZZZ" Action="createAndRemoveOnUninstall">
        <RegistryKey Key="Machine" Action="createAndRemoveOnUninstall">
            <Permission User="Administrators" GenericAll="yes" />
            <RegistryValue Type="string" Name="ID" Value="SecretID" />
            <RegistryValue Type="string" Name="Key" Value="SecretKey" />
        </RegistryKey>
    </RegistryKey>
</Component>

When the installer is complete, all users can read the key (instead of just administrators). My command line to install is this:

msiexec /i installer.msi /l*v installlog.txt

The log says nothing about permissions. When I open the database in Orca, the LockPermissions table shows the permission row and it looks fine.

What am I doing wrong?

security permissions wix registry wix3
Original Q&A
2

There are 2 answers

0
Martin On BEST ANSWER

It seemed to start working after I added the permission entry to each RegistryValue.

<Component Id="cmpXXX" Guid="{YYY}">
    <RegistryKey Root="HKLM" Key="Software\ZZZ" Action="createAndRemoveOnUninstall">
        <RegistryKey Key="Machine" Action="createAndRemoveOnUninstall">
            <Permission User="Administrators" GenericAll="yes" />
            <RegistryValue Type="string" Name="ID" Value="SecretID">
                <Permission User="Administrators" GenericAll="yes" />
            </RegistryValue>
            <RegistryValue Type="string" Name="Key" Value="SecretKey">
                <Permission User="Administrators" GenericAll="yes" />
            </RegistryValue>
        </RegistryKey>
    </RegistryKey>
</Component>

But it has the side effect of locking down the entire Software\ZZZ key. Less than ideal, but I can work around that.

0
Rod Widdowson On

If you create values in multiple components, or you create intermediate keys (Software\XXX and Software\XXX\YYY) make sure that all the and have a child element.

Related Questions in SECURITY

Related Questions in PERMISSIONS

Related Questions in WIX

Related Questions in REGISTRY

Related Questions in WIX3

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions