在Windows标题中,有
//
// Registry Specific Access Rights.
//
#define KEY_QUERY_VALUE (0x0001)
#define KEY_SET_VALUE (0x0002)
#define KEY_CREATE_SUB_KEY (0x0004)
#define KEY_ENUMERATE_SUB_KEYS (0x0008)
#define KEY_NOTIFY (0x0010)
#define KEY_CREATE_LINK (0x0020)
#define KEY_WOW64_32KEY (0x0200)
#define KEY_WOW64_64KEY (0x0100)
#define KEY_WOW64_RES (0x0300)
These are all well documented in the MSDN article, Registry Key Security and Access Rights, except
KEY_WOW64_RES. What does this mean? It appears to turn on contradictory flags.
KEY_WOW64_RES是两者的组合KEY_WOW64_32KEY和KEY_WOW64_64KEY.它可用于屏蔽WOW64位,例如当您需要更改现有的权限掩码但希望保留WOW64位时.
例如,您可以AND使用掩码KEY_WOW64_RES来检索其现有的WOW64位,KEY_WOW64_RES从新掩码中屏蔽掉,然后OR将原始WOW64位映射到新掩码中,例如:
REGSAM Rights = ...;
REGSAM Wow64Rights = rights & KEY_WOW64_RES;
Rights = (NewRights & ~KEY_WOW64_RES) | Wow64Rights;
我知道一个库KEY_WOW64_RES在尝试打开注册表项以进行只读访问时使用,每次失败时使用限制较少的权限:
// Preserve KEY_WOW64_XXX flags for later use
WOWFlags = FAccess & KEY_WOW64_RES;
Result = RegOpenKeyEx(..., KEY_READ | WOWFlags, ...);
if (Result == 0)
{
...
}
else
{
Result = RegOpenKeyEx(..., STANDARD_RIGHTS_READ | KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS | WOWFlags, ...);
if (Result == 0)
{
...
}
else
{
Result = RegOpenKeyEx(..., KEY_QUERY_VALUE | WOWFlags, ...);
if (Result == 0)
{
...
}
}
}