In this is the post I thought about writting about Isolation of registry since there were some major enhancements that went in Offline Plugin Version 6.0. In this post I will talk upon working of registry inside isolation, I do not want to spend time on talking basic of registry and how registry works. I would like to concentrate on how registry works inside isolation or SANDBOX.
A Isolation System is a mechanism for logical separation of running program. The Isolation System typically provides a set of controlled resources for program running inside isolation to run in, such as Registry Entries, Files, the ability to inspect the Operating system are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization.
If you want me to explain Isolation or Sandboxing in a simple English, “The Sandboxing/Isolation is a technique of fooling the installer or the application saying that all your registry, Filesystem, COM access are going to local machine, but internally It will be redirected to a location that the app will never know.”
The Fundamental objective of Sandbox is to make the Installers think that all the entries that it is creating, modifying and deleting is going into physical Machine, but in reality all the entries created by Installer is being Isolated or redirected into a different location.
Now, we can achieve Registry isolation by different means, One Method is to save all the entries into a File by opening a simple stream in serialized fashion, and reconstruct the same during Client Side, Second Method is Redirect all the entries inside registry to a predefined location, which mimics the registry on the local machine and export the keys and import it on the client side.
Our Sandboxing System fallows the second method, During profiling All the registry entries are captured on the profiler machine, so we have all the registry entries of the Application that was run during profiling.
There is already a blog about Registry Inside Isolation by Joe Nord. I am building upon this.
In earlier version of streaming client / Offline Plugin below version 6.0, the registry was stored in tab format, by name Installroot.tab. Please donot get confused with the windows 0x90 format files, this is different. and earlier version of Offline Plugin required you to DeCompress the .cab file format for corrosponding target [ which is Corrosponding OS] and then you could see installroot.tab, but now in version 6.0 since we moved to directory format, one can just browse through the directories or search for installroot.tab/ installroot.bat.
Now we additionally store in a different format which i will explain below.,
And this file is saved using two formats
1. Hive Format (This is windows Hive Format.)
2. Tab Format (Note. this is not windows tab format.)
All these formats are stored using the packager location, under particular target.
during Streaming an app, first we try to load the Registry using Hive Format and if the Hive fails to download, which is a typical case in slow networks, we try to load using tab format.
During Profiling If user wants to Modify the registry Entries, One can achieve this in many ways.
First Method is that, One can open a isolated command prompt and using reg.exe one can perform the registry operation.
Second Method is, An Another Simpler mechanism is that one can choose Advance Option and select Registry Editor.
as shown in the figure below
And later once user selects the key, the and select “Launch Windows Registry Editor”, it launches Registry Editor Inside Isolation.
So For explaining I added a key using regedit.exe as shown in the image below, and close the regedit.exe application.
Now, I will open the regedit.exe from outside isolation say from Start->Run->Regedit.exe from windows Menu, and Open HKEY_LOCAL_MACHINE\Software. and try to see the key that was created earlier inside isolation “This_Is_A_Test_Key”, Where did the entry go, I swear I didnot delete the key before taking the printScreen of this View .
Well, This is the Job of our Isolation Space, which isolates the data.
Now we will do a simple Find on the key “This_Is_A_Test_Key” and select HKEY_LOCAL_MACHINE, Haa.. I found the key this time. see the image below.
The Sandbox creates a similar registry Skeleton inside isolation HKEY_LOCAL_MACHINE to HKEY_USER and implements the same rule that is implemented outside isolation such as Registry Reflection and Registry Redirection, Symbolic Links and so on. The Key after HKEY_LOCAL_MACHINE\Software\Citrix\AIE will be a GUID which will be unique for every instance it runs.
3. There is another advance option where, user manually go and edit the registry, which requires some insight into how rules works inside isolation what are the layers and so on.
In my next session i will talk about the Registry Rules, one of the core component inside Isolation Space.
Happy Streaming . . .
Kiran Kumar S
App Streaming Team