Skip to content

[winreg] support options and opened disposition in CreateKeyEx and OpenKey[Ex]  #95461

New issue
New issue
Open
Open
[winreg] support options and opened disposition in CreateKeyEx and OpenKey[Ex] #95461
Labels
3.13bugs and security fixesOS-windowstype-featureA feature request or enhancement
@eryksun

Description

@eryksun
eryksun
opened on Jul 30, 2022

winreg.CreateKeyEx() should support the dwOptions and lpdwDisposition parameters of RegCreateKeyExW(), and winreg.OpenKey[Ex]() should support the ulOptions parameter of RegOpenKeyExW(). Also, the REG_LINK data type should be handled as a null-terminated Unicode string instead of as binary data.

The lpdwDisposition parameter can be supported indirectly by a new create_only parameter. If create_only is true and the opened disposition is REG_OPENED_EXISTING_KEY, close the handle and raise FileExistsError.

The dwOptions and ulOptions parameters can be supported as a new options parameter. Currently ulOptions is supported as a parameter named reserved, but RegOpenKeyExW() has been documented to support it since 2015. Unofficially, RegOpenKeyExW() first implemented support for REG_OPTION_OPEN_LINK in NT 4.0 (1996). The misnamed reserved parameter has to be retained for compatibility, but options should override it.

For example:

CreateKeyEx(key, sub_key, reserved=0, access=KEY_WRITE, options=0, create_only=False)
OpenKeyEx(key, sub_key, reserved=0, access=KEY_READ, options=0)

RegCreateKeyExW() supports the following options:

  • REG_OPTION_VOLATILE: create a dynamic key in memory that's never persisted to a hive file. This is useful for keys that should always be newly created for each session (e.g. "HKCU\Volatile Environment") or for test cases that shouldn't permanently modify a hive.
  • REG_OPTION_CREATE_LINK: create a key symbolic link. The NT target path has to be set as a REG_LINK value named "SymbolicLinkValue". The registry API supports creating and modifying symbolic links, but deleting a symbolic link requires NTAPI NtDeleteKey(KeyHandle).
  • REG_OPTION_OPEN_LINK: open a symbolic link to modify its target path or to delete it via NtDeleteKey().
  • REG_OPTION_BACKUP_RESTORE: use backup semantics. If "SeBackupPrivilege" is enabled for the thread or process, then the open is granted read access and system security (SACL) access. If "SeRestorePrivilege" is enabled, then the open is granted write access, delete access, security access, and system security access. All access is granted if both privileges are enabled. If neither privilege is enabled, the call fails with access denied.
  • REG_OPTION_DONT_VIRTUALIZE: disable open, read, and write virtualization for non-admin, interactive logons in legacy 32-bit processes. This isn't relevant to a 32-bit "python[w].exe" process or any 32-bit application that has a "requestedExecutionLevel" in its manifest.

RegOpenKeyExW() supports the following options:

  • REG_OPTION_OPEN_LINK
  • REG_OPTION_BACKUP_RESTORE
  • REG_OPTION_DONT_VIRTUALIZE

Linked PRs

Metadata

Metadata

Assignees

No one assigned

    Labels

    3.13bugs and security fixesOS-windowstype-featureA feature request or enhancement

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions