Accessed Files and Registry Keys

Requests for new features, question how to do something etc...

Moderator: lpaatero

Post Reply
gwport
Posts: 68
Joined: Mon Apr 03, 2006 5:28 pm

Accessed Files and Registry Keys

Post by gwport » Tue Jan 27, 2009 2:07 pm

For Vista Ultimate 32b and GW2_2_21, so far I could log these accesses. Note that (CI)(OI) means "access also to containers or objects (i.e., folders or files, subkeys or keys' data) further below the tree". I do not mention such access that is obviously initiated by Windows or is specific to my PC.

Access by GOWrite.exe:

C:\
C:\Program Files
C:\Program Files\MyGowriteDir (CI)(OI)
C:\Program Files\MyJavaDir (CI)(OI)

HKLM\Software\GOWrite2\install
HKLM\SOFTWARE\GOWrite2\install\language
HKLM\Software\GOWrite2\startup\gowrite
HKLM\Software\GOWrite2\startup\java
HKLM\Software\JavaSoft\Java Runtime Environment
HKLM\SOFTWARE\JavaSoft\Java Runtime Environment\CurrentVersion
HKLM\SOFTWARE\JavaSoft\Java Runtime Environment\1.6
HKLM\SOFTWARE\JavaSoft\Java Runtime Environment\1.6\JavaHome


Access by javaw.exe:

C:\
C:\Program Files\MyCGobanDir (CI)(OI)
C:\Program Files\MyGowriteDir (CI)(OI)
C:\Program Files\MyJavaDir (CI)(OI)
C:\Users
C:\Users\MyUserName
C:\Users\MyUserName\gowrite.cfg
C:\Users\MyUserName\.gowrite
C:\Users\MyUserName\.gowrite\gowrite22.cfg
C:\Users\MyUserName\AppData\Local\Temp\hsperfdata_MyUserName (CI)(OI)

HKLM\Hardware\DeviceMap\VIDEO (CI)(OI)
HKLM\System\CurrentControlSet\ENUM (CI)(OI)
HKLM\SYSTEM\CurrentControlSet\Services (CI)(OI)

**********************************************************

Questions:

1) Why are higher level folders like C:\ or C:\Program Files also accessed? Can this not be avoided? I wonder whether this fact alone might suffice to prevent a Low integrity level setting for Gowrite because obviously I cannot set these folders to Low (or I would have to run all my applications Low, what would not make sense).

2) Does javaw's access of C:\Program Files\MyCGobanDir mean that both Gowrite and CGoban have to be run Low - or neither? I want to run both Low anyway. But I wonder how to ease testing. Will it be possible to set only Gowrite Low or can't this work because of a Medium integrity level CGoban?

3) Will a Low Java directory and Low Java registry keys cause conflicts with a Medium OpenOfficeOrg?

4) I think that, under Vista,

C:\Users\MyUserName\gowrite.cfg
C:\Users\MyUserName\.gowrite
C:\Users\MyUserName\.gowrite\gowrite22.cfg

are at the wrong location.

I'd rather guess that the right location should be either

C:\Users\MyUserName\AppData\Local\MyGowriteDir

or

C:\Users\MyUserName\AppData\Roaming\MyGowriteDir

where

MyGowriteDir is the same as under C:\Program Files\.

Wouldn't you agree? I saw some other old softwares with the same mistake, but they become fewer and fewer.

5) Why \.gowrite with a dot?

6) What is the purpose of javaw accessing

C:\Users\MyUserName\AppData\Local\Temp\hsperfdata_MyUserName (CI)(OI)
HKLM\Hardware\DeviceMap\VIDEO (CI)(OI)
HKLM\System\CurrentControlSet\ENUM (CI)(OI)
HKLM\SYSTEM\CurrentControlSet\Services (CI)(OI)
?

7) Are there further containers or objects that I might have overlooked?

8 ) Which should I set to Low if I want to run Gowrite as Low? All?
robert jasiek

lpaatero
Go liiton hallitus
Posts: 463
Joined: Fri May 21, 2004 12:20 pm
Location: Finland

Re: Accessed Files and Registry Keys

Post by lpaatero » Wed Feb 04, 2009 6:40 pm

Hi,

Again, I do not have access to vista, I cannot help you much.

For files / dirs accessed you probably need to ask from someone who is more familiar with vista java behaviour; It seems to be key problem here. As with gowrite.exe, accesses can be difficult to understand, not to speak about predict.

t.
Lauri

gwport
Posts: 68
Joined: Mon Apr 03, 2006 5:28 pm

Re: Accessed Files and Registry Keys

Post by gwport » Wed Feb 04, 2009 9:34 pm

OC, you cannot have every operating system at home... At least, I think, you should be able to answer questions 1, 4, 5, and 7 because you can know what GoWrite is supposed to access at all.

Some months later, when I will have time, I will make make further research into the topic to hopefully get GW and CGoban to Low integrity level finally. Windows 7 will continue that security concept.
robert jasiek

Post Reply