From 56634dce7b0dddde8b4a3681c1bf7db3d3f123c6 Mon Sep 17 00:00:00 2001 From: Juan Lang Date: Fri, 16 Jan 2009 07:40:55 -0800 Subject: [PATCH] crypt32: Only open the read-only root store for the local machine location. --- dlls/crypt32/store.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/dlls/crypt32/store.c b/dlls/crypt32/store.c index 3b42893d3dd..602bd40caa8 100644 --- a/dlls/crypt32/store.c +++ b/dlls/crypt32/store.c @@ -348,7 +348,14 @@ static PWINECRYPT_CERTSTORE CRYPT_SysRegOpenStoreW(HCRYPTPROV hCryptProv, SetLastError(E_INVALIDARG); return NULL; } - if (!lstrcmpiW(storeName, rootW)) + /* FIXME: In Windows, the root store (even the current user location) is + * protected: adding to it or removing from it present a user interface, + * and the keys are owned by the system process, not the current user. + * Wine's registry doesn't implement access controls, so a similar + * mechanism isn't possible yet. + */ + if ((dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK) == + CERT_SYSTEM_STORE_LOCAL_MACHINE && !lstrcmpiW(storeName, rootW)) return CRYPT_RootOpenStore(hCryptProv, dwFlags); switch (dwFlags & CERT_SYSTEM_STORE_LOCATION_MASK)