Jump to content











Photo
- - - - -

tricky ENUM key


  • Please log in to reply
9 replies to this topic

#1 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 16 May 2010 - 02:48 PM

For a quick test of WimBoot with NaughtyPE, i have copied a complete previously already build NaughtyPE project to another computer. Everything works fine except that on the other computer neighter WB nor i can access the ENUM key. :(

I already tryed to change the permissions before i copy, to allow all, but to no avail.

If i build now a NaughtyPE on the other computer ENUM works fine on that computer, but not on the first one.

Does anyone know, what causes ENUM key to act up while no other keys do that?

btw. I'm loged in as admin on both machines. And if i want to view the permissions, the error message says something like, you do not have the rights to view the permissions but you can change them. :lol:
Which is just a lie as windows does not let me change the permissions.

:lol:

#2 cdob

cdob

    Gold Member

  • Expert
  • 1437 posts

Posted 16 May 2010 - 03:18 PM

A admin dosn't have full permisssions.
But a admin may grant permissions himself.

Take ownership of ENUM keys first.
Change permisssions next.

#3 Sha0

Sha0

    WinVBlock Dev

  • Developer
  • 1682 posts
  • Location:reboot.pro Forums
  • Interests:Booting
  •  
    Canada

Posted 16 May 2010 - 05:41 PM

Or you can run as the SYSTEM account and should have permissions. You could either use the at command or you could use Microsoft's SysInternals' PsExec.exe to start a regedit.exe window as SYSTEM. See the at trick here.

#4 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 16 May 2010 - 08:49 PM

Thanks for the help you two, but i would really like to understand and maybe fix the occurrence of this problem.
How can some keys have this problems an others don't? They are all created by WB. Shouldn't that mean, that they are all created with the same permissions?

:lol:

#5 cdob

cdob

    Gold Member

  • Expert
  • 1437 posts

Posted 16 May 2010 - 09:23 PM

How can some keys have this problems an others don't? They are all created by WB. Shouldn't that mean, that they are all created with the same permissions?

Do you have some ENUM examples?
How do you add ENUM keys?
Do you add .reg files? Do you process .script files?

Did you used temp files from a previous build?

How does WB create ENUM keys?
Does WB use a windows api?
Does windows api set permission defaults to a local account?
Which permissions does exist at ENUM key?

@Sha0
At XP machines I prefer sc.exe to launch application at system account
%SystemRoot%\system32\sc.exe delete SystemCmd >nul

%SystemRoot%\system32\sc.exe create SystemCmd binpath= "%SystemRoot%\system32\cmd.exe /c pushd %~dps0 & start Builder.exe" type= own type= interact >nul

%SystemRoot%\system32\sc.exe start  SystemCmd >nul

%SystemRoot%\system32\sc.exe delete SystemCmd >nul


#6 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 16 May 2010 - 10:57 PM

Do you have some ENUM examples?
How do you add ENUM keys?
Do you add .reg files? Do you process .script files?

All registry entries are added by scripts.

Did you used temp files from a previous build?

I used the temp-, the workplace-, and the target files from a previous build on a different machine.

How does WB create ENUM keys?

Just like any other, i would assume.

Does WB use a windows api?

I guess so.

Does windows api set permission defaults to a local account?

I assume as much, but if that's the problem, then it should be impossible to edit any hive on another machine and use it during boot on the original machine again. Shouldn't it?

Which permissions does exist at ENUM key?

I didn't check. I have come across a far bigger problem, which caused me to bin the whole update and if i don't do the update, i won't waste time on fixing potential bugs.


:lol:

#7 cdob

cdob

    Gold Member

  • Expert
  • 1437 posts

Posted 17 May 2010 - 06:07 PM

then it should be impossible to edit any hive on another machine and use it during boot on the original machine again. Shouldn't it?

ControlSet001 get permission to group admin and user system, owner group admin.

ENUM is a special branch: default windows set special permissions
At WB permissions goes to current local user and user system, owner current local user.

At another machine a user with admin permission may open ControlSet001, but ENUM is protected.
A booted PE with system permission can open ENUM.

#8 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 17 May 2010 - 06:42 PM

So if i would set the permissions on the build machine for all keys to admin, instead of local user, i would have no problems on the other machine, if i understand you right?


:lol:

#9 cdob

cdob

    Gold Member

  • Expert
  • 1437 posts

Posted 17 May 2010 - 08:03 PM

Yes, adjust ENUM permissions to get access at all machines.
Or ask a WB developer to adjust WB.

No tested: copy permissions from ControlSet001 to ENUM.

Sunincal can do this:
Compare, slightly different conditions:
http://www.911cd.net...&...st&p=159987
http://www.911cd.net...showtopic=23424

#10 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 17 May 2010 - 08:37 PM

Or ask a WB developer to adjust WB.

That's a very good idea. Will do that.
Thanks.

:lol:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users