0
Does someone know what is (or was) the point to have the HKCU/.DEFAULT alias for HKCU/S-1-5-18 (SYSTEM) in the Windows registry? Is it a legacy thing?
0
Does someone know what is (or was) the point to have the HKCU/.DEFAULT alias for HKCU/S-1-5-18 (SYSTEM) in the Windows registry? Is it a legacy thing?
3
This comes from Windows 9x series, which didn't have SIDs or the 'SYSTEM' account, because it didn't have any local security enforcement in the first place. All processes always had full privileges.
However, Windows 9x did have the ability to load different user profiles (per-user settings) and used the HKEY_USERS registry tree in a similar way.
By default, the "per-user settings" feature was disabled and HKCU was mapped to HKU\.Default, which was the only subtree that existed under HKU. (The login screen, if enabled at all, only asked for network credentials.)
And if you had per-user settings enabled, the system still booted with HKCU mapped to HKU\.Default at first (and you could simply click "Cancel" at the login screen and continue using the default profile instead of a user-specific one).