Registry Provider Security Considerations

Caution should be taken when implementing any solution that uses the Registry Provider. The standard disclaimer applies: serious problems might occur if you modify the registry incorrectly. Improper use of this provider could result in denial of service, extended service downtime, information disclosure, or loss of data. Developers and operations staff should consider the following guidelines:

  • All parameters should be validated against known good values stored in a secure location.

  • No input parameters should be based directly on user input.

  • Provider Procedures should not be directly called as trusted requests from an end user interface such as a Control Panel.

  • Firewall rules should be configured such that the MPF Engine servers can only establish RPC connections to a list of known valid servers (as specified in the machine attribute of the registry provider procedures).

  • Remote registry access should only be configured/allowed on those servers that absolutely require it.

Note

About HMC use of the Registry Provider: HMC use of the registry provider, particularly for write operations, is purposefully restricted to keys under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Provisioning.
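
The guidelines above, sketched as a pre-submission check. This is an added example, not code from MPS or HMC. It validates the machine value against an allowlist and confirms the key sits under the permitted root. The function names, the sample host names and the segment character set are assumptions made for illustration.

```python
import re

# Root the page names as the permitted location for HMC registry writes.
ALLOWED_ROOT = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Provisioning"
# Constructed sample hosts; in practice load known good values from a secure location.
ALLOWED_MACHINES = frozenset({"prov01.example.test", "prov02.example.test"})

# Conservative character set for one key-name segment (an assumption of this example).
_SEGMENT = re.compile(r"[A-Za-z0-9 _.\-]{1,255}")
_ROOT_SEGMENTS = [s.upper() for s in ALLOWED_ROOT.split("\\")]


def split_key(path):
    """Return upper-cased segments of a key path, or None if it is malformed."""
    if not isinstance(path, str):
        return None
    segments = path.split("\\")
    for seg in segments:
        # Rejects empty segments (leading, trailing or doubled backslashes),
        # dot segments, forward slashes, NULs and other unexpected characters.
        if seg in (".", "..") or not _SEGMENT.fullmatch(seg):
            return None
    # Registry key names are case-insensitive, so compare in one case.
    return [seg.upper() for seg in segments]


def validate_request(machine, key_path):
    """Return (allowed, reason) for a proposed registry provider call."""
    if not isinstance(machine, str) or machine.lower() not in ALLOWED_MACHINES:
        return False, "machine not in allowlist"
    segments = split_key(key_path)
    if segments is None:
        return False, "malformed key path"
    # Compare whole segments so "ProvisioningEvil" cannot pass as a prefix match.
    if segments[:len(_ROOT_SEGMENTS)] != _ROOT_SEGMENTS:
        return False, "key outside permitted root"
    return True, "ok"


if __name__ == "__main__":
    # Constructed inputs showing one accepted and one rejected request.
    for machine, key in [
        ("prov01.example.test", ALLOWED_ROOT + r"\Tenant1"),
        ("prov01.example.test", r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet"),
    ]:
        print(machine, key, validate_request(machine, key))
```

Run the check on the server side, on values resolved from the trusted store, so that a request assembled from user-facing input never reaches the provider unchecked.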

For more information about input sources and effective data validation for MPS, see Input Validation and Protection against Injection Attacks.