Local System Service modifying HKEY_LOCAL_MACHINE?

[gregory_may]

I came accross this article that tells me that a Local/System service has a
hard time modifying any regestry keys in HKCU. Does anyone know if a
Local/System service can easily modify regestry keys in HKEY_LOCAL_MACHINE?

Thanks!


http://www.windowsitlibrary.com/Content/314/1.html:
Note: Any service that runs using the service account of LocalSystem has its
own "user profile" complete with its own HKCU - which is actually
HKU\.Default. As a result, if you try to use AT (or any other service
running in LocalSystem) to make a change to, for example, the currently
logged on user's HKCU subtree, you won't get the results you expect. Namely,
any changes to HKCU are made to LocalSystem's user profile, rather than to
the currently logged-on user on the target system.

 

[Eran Sandler]

Local System account is an all mighty powerful account that can do almost
anything.

It can change HKLM without a problem. But this article says that the HKCU of
a service running under the Local System account has its own user profile,
meaning, running things that needs to change the currently logged on user
settings will not work, since the code running in this context will change
the settings of the HKCU of the Local system account.

I hope it helps to clarify things.

 

[gregory_may]

Thanks Eran:

Sounds like I am in good shape.

g.

Local System account is an all mighty powerful account that can do almost
anything.

It can change HKLM without a problem. But this article says that the HKCU of
a service running under the Local System account has its own user profile,
meaning, running things that needs to change the currently logged on user
settings will not work, since the code running in this context will change
the settings of the HKCU of the Local system account.

I hope it helps to clarify things.

--
Eran Sandler esandler at netvision.net.il


has