PRB: RAW Socket Access Denied to Non-Admin Windows NT 4.0 and Windows 2000 Users

Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows registry
For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.


A Socket or WSASocket call that specifies the SOCK_RAW socket type fails with the following Winsock error message (10013 WSAEACCES) if the user is a non-administrator who is logged onto a Windows NT 4.0 or Windows 2000 system:

"An attempt was made to access a socket in a way forbidden by its access permissions."


This behavior is by design.

More Information

In Windows 2000, there is no way to disable this security check. Access to Raw Sockets is granted on a per-transport basis. For the address family AF_INET, only administrators have the access necessary to create Raw Sockets.


To work around this problem in Windows NT 4.0, you can disable the security check on RAW sockets by creating the following registry variable and setting its value to DWORD 1:

After you change the registry, you need to restart your computer.

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

Id. de artículo: 195445 - Última revisión: 11 jul. 2005 - Revisión: 1