September 2006


Over in the RC forums (http://www.roth.net/forums/) someone posted about having problems with Crypt::SSLeay on a Windows server. Of course I was curious so I started digging and uncovered an interesting blog entry from Brian Kelly over at SQLServerCentral.com. He explains why ActiveState does not offer the standard encryption extensions either by default or in their online repositories. It is worth a quick read:

http://blogs.sqlservercentral.com/blogs/brian_kelley/archive/2005/12/16/376.aspx

My tech editor recently pointed out something that I found quite astonishing about the Win32::TieRegistry. If you are not familiar with this extension, it is quite useful: by tie-ing a hash to the Windows registry it is quite simple and easy to access registry hives, keys, values and data–as easy as using a simple Perl hash.

This extension is a Godsend for everyone who has have never programmed to the Win32 registry APIs or used Perl’s Win32::Registry (which pretty much mirrors the Win32 registry APIs). The registry APIs are not the most intuitive, even though they are logical (once you bother to learn them).

But what amazed me was that Win32::TieRegistry makes some pretty vast assumptions about permissions. As he explained to me, when you load the extension in your script it attempts to open the registry with read and write privileges. This is fine if you are running a script as an administrator or only accessing keys that you have been granted such permissions. But if you are not an elevated user then attempts to only read keys, values and data will fail — without tripping a fault or some kind of noticeable error.