Previous Topic: RunAsPlg

Next Topic: WinServicePlg

Reference GuideRegistry EntriesThe CA Access Control RegistryInstrumentationPlugInsStopPlg

StopPlg

CA Access Control maintains Stack Overflow Protection (STOP) plug-in settings it uses under the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\Instrumentation\PlugIns\StopPlg

The Instrumentation\PlugIns\StopPlg registry key contains the following registry entries:

Altitude

Defines the order of plug-in loading.

Limits: 1-1000 (values below and above the limits are reserved for internal purposes)

Type: REG_DWORD

Default: 5

ApplyOnDLL

Defines the DLL names (modules) to which the current plug-in applies.

Type: REG_MULTI_SZ

Default: Kernel32.dll

ApplyOnProcess

Defines the processes to which the current plug-in applies.

You can provide the name of the service, the filename, or the full pathname. For example, "services.exe", "\system32\services.exe", "c:\windows\system32\services.exe".

Type: REG_MULTI_SZ

Note: If this registry entry has only one value, REG_SZ is also a valid type.

By default, this token is not set (plug-in applies to any process).

ExcludeProcess

Defines the processes to which the plug-in does not apply.

Note: This entry is valid only if ApplyOnProcess is not set.

Type: REG_MULTI_SZ

Default (Windows 2008): slsvc.exe

Default (all other Windows versions): Blank (token is not set)

OperationMode

Specifies whether to load the plug-in (1) into memory.

Type: REG_DWORD

Default: 0

PluginName

Defines the name of the dynamic link library (DLL) for the plug-in.

Type: REG_SZ

Default: ACInstallDir\bin\StopPlg.dll

STOPClientTraceEnabled

Specifies whether the STOP client module has trace logging enabled.

Type: REG_DWORD

Default: 0 (disabled)

STOPClientTraceModulePath

Defines the full pathname of the STOP client module trace logging module.

Type: REG_SZ

Default: ACInstallDir\bin\STOPClientTrace.dll

STOPSEHHandlingModeDisabled

Specifies whether STOP extensive checks for SEH based exploits are enabled.

Type: REG_DWORD

Default: 1 (disabled)

TraceDbgEnable

Specifies whether to trace status flag for the cainstrm module, that is, enables tracing into DbgView or Kernel Debugger.

Type: RED_DWORD

Limits: 0, false; 1, true.

Default: 0

TraceFileIsCyclic

Specifies the type of the trace file.

Type: REG_DWORD

Limits: 0, trace file is not cyclic; 1, trace file is cyclic.

Default: 0

TraceFileSizeLimit

Defines the maximum size of the trace file in bytes. A value of 0 means no maximum size limit is imposed on the trace file.

Type: REG_DWORD

Default: 0

TraceFilteringMask

Defines the filtering mask for each plugin. The supported values for this registry value change depending on the status of the software component for which you define the registry value. Two values are predefined: 0, all information is filtered (display no information); 0x0ffffffff, no information is filtered (display all information).

Type: REG_DWORD

Default: 0

Note: We recommend that you do not change the value of this registry entry yourself. For assistance, contact CA Support at http://ca.com/support.

TraceFolderPath

Defines the full pathname to the trace file.

Type: REG_SZ

Default: Blank

TraceOutputMask

Defines the filtering mask for the trace output channels - debug stream, file, or ETW. You can specify that the trace outputs to file, to DbgView debug channel, or to WinDbg debug channel. A value of 0 disables any output.

Type: REG_DWORD

Default: 0

Note: We recommend that you do not change the value of this registry entry yourself. For assistance, contact CA Support at http://ca.com/support.