Name: rmT116609 Date: 10/31/2002


FULL PRODUCT VERSION :
java version "1.4.1"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.1-b21)
Java HotSpot(TM) Client VM (build 1.4.1-b21, mixed mode)

FULL OPERATING SYSTEM VERSION :
Microsoft Windows 2000 [Version 5.00.2195] Service Pack 1

A DESCRIPTION OF THE PROBLEM :
Preferences nodes below the system and user root cannot be read by Windows restricted users.

It is possible to read registry keys at the system and user root itself (Software\JavaSoft\Prefs), but not to access any keys below the root, because the Preferences.node() function always throws an exception, even when the node
already exists.

It should be possible for a restricted user to have read access to any Java Preference nodes stored for the system or the user, but not to change them. Windows allows read access to the registry for restricted users, but not write
access.

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Compile source code provided.
2. Run program as a Windows standard user: it creates a node "test" in the Windows Registry and prints "value".
3. Run program as a Windows restricted user: error.



EXPECTED VERSUS ACTUAL BEHAVIOR :
I expected step 3 to print "value" as step 2, but I got an error.

ERROR MESSAGES/STACK TRACES THAT OCCUR :
28-Oct-2002 16:32:51 java.util.prefs.WindowsPreferences openKey
WARNING: Could not open windows registry node Software\JavaSoft\Prefs at root 0x
80000002. Windows RegOpenKey(...) returned error code 5.
Exception in thread "main" java.lang.SecurityException: Could not open windows r
egistry node Software\JavaSoft\Prefs at root 0x80000002: Access denied
        at java.util.prefs.WindowsPreferences.openKey(Unknown Source)
        at java.util.prefs.WindowsPreferences.openKey(Unknown Source)
        at java.util.prefs.WindowsPreferences.<init>(Unknown Source)
        at java.util.prefs.WindowsPreferences.childSpi(Unknown Source)
        at java.util.prefs.AbstractPreferences.node(Unknown Source)
        at java.util.prefs.AbstractPreferences.node(Unknown Source)
        at Test.main(Test.java:7)

REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
import java.util.prefs.*;

public class Test
{
public static void main( String[] args )
{
Preferences prefs = Preferences.systemRoot().node( "test" );
System.out.println( prefs.get( "key", "value" ) );
}
}
---------- END SOURCE ----------
(Review ID: 166333)
======================================================================

Name: rmT116609 Date: 10/31/2002


 DESCRIPTION OF THE PROBLEM :
When a user runs a java program that access the system preferences by using the following code:

    private static final Preferences systemPrefs;
    static {
        systemPrefs = Preferences.systemRoot().node
("/my/system/pref");
    }
a SecurityException is thrown from java.util.prefs.WindowsPreferences. Running the same code with administrator's privilage is fine.

If accessing to system preferences is only limited to user with high previlages, it seriously deminishes the purpose of providing the API. I notice this problem has been reported in Java Discussion Forums
(http://forum.java.sun.com/thread.jsp? forum=31&thread=261679) with a 10 duke dollar reward. But I think a work around to the problem, if it exists, will be
contorted.

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Run code with "user" previlage in windows 2000:

import java.util.prefs.Preferences;
public class Test {
    private static final Preferences systemPrefs;
    static {
        systemPrefs = Preferences.systemRoot().node
("/my/system/pref");
    }
    public static void main (String [] args) {}
}

You will get a java.lang.SecurityException.

2. Run same code with administrator's privilage, everything
is fine.
3.

EXPECTED VERSUS ACTUAL BEHAVIOR :
Expected result: code runs fine by users in both
the "users" user group and the "administrators" user group.

Actual result: code runs only by users in
the "administrators" user group. code throws
SecurityException when run by a user in the "users" user
group.

ERROR MESSAGES/STACK TRACES THAT OCCUR :
E:\java\my>whoami
test

E:\java\my>java Test
Oct 31, 2002 6:13:07 AM java.util.prefs.WindowsPreferences openKey
WARNING: Could not open windows registry node Software\JavaSoft\Prefs at root
0x80000002. Windows RegOpenKey(...) returned error code 5.
Exception in thread "main" java.lang.ExceptionInInitializerError
Caused by: java.lang.SecurityException: Could not open windows registry node
Software\JavaSoft\Prefs at root 0x80000002: Access denied
        at java.util.prefs.WindowsPreferences.openKey
(WindowsPreferences.java:477)
        at java.util.prefs.WindowsPreferences.openKey
(WindowsPreferences.java:449)
        at java.util.prefs.WindowsPreferences.<init>
(WindowsPreferences.java:372)
        at java.util.prefs.WindowsPreferences.childSpi
(WindowsPreferences.java:789)
        at java.util.prefs.AbstractPreferences.node
(AbstractPreferences.java:816)
        at java.util.prefs.AbstractPreferences.node
(AbstractPreferences.java:800)
        at Test.<clinit>(Test.java:5)

E:\java\my>whoami
Administrator

E:\java\my>java Test

E:\java\my>

REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
import java.util.prefs.Preferences;
public class Test {
    private static final Preferences systemPrefs;
    static {
        systemPrefs = Preferences.systemRoot().node("/my/system/pref");
    }
    public static void main (String [] args) {}
}
---------- END SOURCE ----------
(Review ID: 166468)
======================================================================

Name: rmT116609 Date: 11/01/2002


 DESCRIPTION OF THE PROBLEM :
Accessing an existing system preference by a user who is *not* in the administrator group results in a SecurityException. Using nodeExists: if the node does not exist in the system preferences
(HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Prefs) it returns false and everyone is happy. If the node does exist in the system preferences and the user is not in the administrator group, then Windows RegOpenKey returns an error and a SecurityException is thrown.

This is new to Java 1.4 as Preferences didn't exist before it.

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. As a user in the Administrators group create a system
preference (test/pref key=not value=working).
2. As a user *not* in the Administrator group
    Preferences prefs = Preferences.systemRoot();
    if ( prefs.nodeExists( "test/pref" ) ) {
        System.out.println( "test/pref node exists" );
    }
3. relax and enjoy the SecurityException


EXPECTED VERSUS ACTUAL BEHAVIOR :
Expected:
test/pref node exists

Reality:
Nov 1, 2002 8:41:48 AM java.util.prefs.WindowsPreferences
openKey
WARNING: Could not open windows registry node
Software\JavaSoft\Prefs at root 0x80000002. Windows
RegOpenKey(...) returned error code 5.
java.lang.SecurityException: Could not open windows registry
node Software\JavaSoft\Prefs at root 0x80000002: Access denied

ERROR MESSAGES/STACK TRACES THAT OCCUR :
Nov 1, 2002 8:41:48 AM java.util.prefs.WindowsPreferences openKey
WARNING: Could not open windows registry node Software\JavaSoft\Prefs at root 0x
80000002. Windows RegOpenKey(...) returned error code 5.
java.lang.SecurityException: Could not open windows registry node Software\JavaS
oft\Prefs at root 0x80000002: Access denied
        at java.util.prefs.WindowsPreferences.openKey(WindowsPreferences.java:477)
        at java.util.prefs.WindowsPreferences.openKey(WindowsPreferences.java:449)
        at java.util.prefs.WindowsPreferences.<init>(WindowsPreferences.java:372)
        at java.util.prefs.WindowsPreferences.childSpi(WindowsPreferences.java:789)
        at java.util.prefs.AbstractPreferences.node(AbstractPreferences.java:816)
        at java.util.prefs.AbstractPreferences.node(AbstractPreferences.java:796)
        at PrefsTest.main(PrefsTest.java:31)

REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
As Administrator:
import java.util.prefs.Preferences;
public class AdminAddPref {
    public static void main( String[] args ) {
        Preferences prefs = Preferences.systemRoot();
        prefs = prefs.node( "test/pref" );
        prefs.put( "not", "working" );
    }
}

As a non-administrator user:
import java.util.prefs.Preferences;
import java.util.prefs.BackingStoreException;
public class UserCheckPref {
    public static void main( String[] args ) throws BackingStoreException {
        Preferences prefs = Preferences.systemRoot();
        if ( prefs.nodeExists( "test/pref" ) ) {
            System.out.println( "Yes, it's there" );
        } else {
            System.out.println( "No, it's not" );
        }
    }
}
---------- END SOURCE ----------

CUSTOMER WORKAROUND :
Add all users to the Administrators group.

(Review ID: 166548)
======================================================================