Login/Register
Why aren't .NET "application settings" stored in the registry?
Asked Answered
Solved .netregistryapplication-settings
D

17

28

Some time back in the nineties, Microsoft introduced the Windows Registry. Applications could store settings in different hives. There were hives for application-wide and user-specific scopes, and these were placed in appropriate locations, so that roaming profiles worked correctly.

In .NET 2.0 and up, we have this thing called Application Settings. Applications can use them to store settings in XML files, app.exe.config and user.config. These are for application-wide and user-specific scopes, and these are placed in appropriate locations, so that roaming profiles work correctly.

Sound familiar? What is the reason that these Application Settings are backed by XML files, instead of simply using the registry? Isn't this exactly what the registry was intended for?

The only reason I can think of is that the registry is Windows-specific, and .NET tries to be platform-independent. Was this a (or the) reason, or are there other considerations that I'm overlooking?

Destalinization answered 8/4, 2010 at 13:25 Comment(7)
The C# language spec is an open standard but the .Net Framework itself is closely guarded by MS as a Windows only framework (Silverlight aside), I don't think you could say that it tries to be cross-platform so I think that line of thought is a dead-end.Awfully
"Closely guarded" is a bit of an overstatement, considering the fact that MS has actively encouraged the developer of Mono.Less
@Lazarus, boo-urns. you are correct on open standard spec, and proprietary implementation, but your conclusion seems incorrect. spec informs implementation not the other way around, and in both spec and implementation .Net attempts to be platform agnostic. to the original question, i do not know if cross-platform is the reason for app.config, but it may be part. for what it's worth, i believe portability and isolation are also factors. and usability. ever try to fix a corrupt registry?Pyrogenic
@Lazarus: There's no closely guarded anything about .NET. The source code is available for debugging, Microsoft openly supports Mono and Moonlight, and through such projects, enables or is in the throes of enabling a variant of the .NET framework on almost any device.Geer
hopefully is because ms wants to get rid of the registry by windows 10.Wellturned
Just an observation: Every potential answer provided below has been met by the asker with, at best, unwarranted skepticism. Are you interested in hearing options or merely debating the merit of the registry? Seems like an argumentative stance, to me.Goatee
@Chris: As you can see, many answers say "Config files can do X!" where my comment is "The registry can do X too." So those are not valid arguments in favour of the use of config files. Admittedly, I'm playing devil's advocate here. But it seems to have provoked some great answers!Destalinization
A
25

I don't think it is one answer I think it's a combination:

  • The registry at the time of creating it looked like a good idea to store all settings for all programs in one place as oppose to the .ini files generally used before. At the time this increased performance as small .ini file reads from slow hard drives were costly, a single registry file somewhat increased performance. This is now different as hard drives are far faster and more and more settings have been dumped in the registry making it a burden on the system. You will see this if you install and uninstall lots of programs in windows it begins to slow down and eventually you probably end up reformatting.
  • An incorrect write to the registry even in the current user settings can ruin your system.
  • The registry doesn't help xcopy deployment of programs without specific code to handle lack of registry keys... This includes removing programs by simply deleting the folder in many cases
  • Greater permissions can be needed to install an application if it needs access to the registry
  • A .config file easily allows default application and user setting which can be modified on first run of the program by the end user
  • Allows .NET to potentially run on other systems without OS specific code. This can somewhat be seen with Silverlight and isolated storage.
  • Greater security through the use of Isolated Storage for the application and users
  • Gives Microsoft the possibility way in the future to have a managed code only OS without many old dependencies. Think of the framework as a layer between any OS and the managed code.
Archer answered 8/4, 2010 at 15:16 Comment(5)
Sorry I sent this on my phone the bullet points have gone wrongArcher
I'm accepting this answer because it's the most complete summary of all the others. Thank you all!Destalinization
It's worth noting that "Application settings" refers to both "Application-scoped settings" and "User-scoped settings"; however, the points above on xcopy deployment, greater permissions, .config files, and greater security do not apply to user-scoped settings. For those, the only remaining reasons are those related to flexibility (to which I would add XML data types vs. registry data types).Selfmade
An incorrect write to the per-user registry (HKCU) cannot ruin your system, just your account. You retain the recourse to delete the user profile and start with a fresh one. Of course, depending how good backup your backups are, losing your user profile can be almost as bad as losing the whole system. :-) That said, this point is small because the alternative (writing to the file system) can also ruin your user profile.Selfmade
It's worth noting that the registry remains an important speed-up over .ini files, as disk is still slow compared to everything else. Given the increased quantity of configuration info stored, if the same info were stored in .ini or .xml files, performance would be even worse than the crufty experience we currently see. The real problem is lack of indexing, e.g. doing a linear search through HKCR for a collection of COM objects that meet a certain criteria.Selfmade
C
28

Taking a dependency on the registry prevents XCOPY Deployment.

Cyanic answered 8/4, 2010 at 13:32 Comment(0)
A
25

I don't think it is one answer I think it's a combination:

  • The registry at the time of creating it looked like a good idea to store all settings for all programs in one place as oppose to the .ini files generally used before. At the time this increased performance as small .ini file reads from slow hard drives were costly, a single registry file somewhat increased performance. This is now different as hard drives are far faster and more and more settings have been dumped in the registry making it a burden on the system. You will see this if you install and uninstall lots of programs in windows it begins to slow down and eventually you probably end up reformatting.
  • An incorrect write to the registry even in the current user settings can ruin your system.
  • The registry doesn't help xcopy deployment of programs without specific code to handle lack of registry keys... This includes removing programs by simply deleting the folder in many cases
  • Greater permissions can be needed to install an application if it needs access to the registry
  • A .config file easily allows default application and user setting which can be modified on first run of the program by the end user
  • Allows .NET to potentially run on other systems without OS specific code. This can somewhat be seen with Silverlight and isolated storage.
  • Greater security through the use of Isolated Storage for the application and users
  • Gives Microsoft the possibility way in the future to have a managed code only OS without many old dependencies. Think of the framework as a layer between any OS and the managed code.
Archer answered 8/4, 2010 at 15:16 Comment(5)
Sorry I sent this on my phone the bullet points have gone wrongArcher
I'm accepting this answer because it's the most complete summary of all the others. Thank you all!Destalinization
It's worth noting that "Application settings" refers to both "Application-scoped settings" and "User-scoped settings"; however, the points above on xcopy deployment, greater permissions, .config files, and greater security do not apply to user-scoped settings. For those, the only remaining reasons are those related to flexibility (to which I would add XML data types vs. registry data types).Selfmade
An incorrect write to the per-user registry (HKCU) cannot ruin your system, just your account. You retain the recourse to delete the user profile and start with a fresh one. Of course, depending how good backup your backups are, losing your user profile can be almost as bad as losing the whole system. :-) That said, this point is small because the alternative (writing to the file system) can also ruin your user profile.Selfmade
It's worth noting that the registry remains an important speed-up over .ini files, as disk is still slow compared to everything else. Given the increased quantity of configuration info stored, if the same info were stored in .ini or .xml files, performance would be even worse than the crufty experience we currently see. The real problem is lack of indexing, e.g. doing a linear search through HKCR for a collection of COM objects that meet a certain criteria.Selfmade
M
15

Another reason is that in order to edit the registry you would have to have higher amounts of permissions. If you are just editing an app config file you would only need to have rights to that file.

Maturation answered 8/4, 2010 at 13:29 Comment(4)
+1: I remember this as a big advantage over having to muck about with the registry. I also believe that it made installations easier: you didn't have to modify the registry as part of your installation.Epitome
A normal user account has write access to their own HKEY_CURRENT_USER by default. Is this ever not the case?Destalinization
@Thomas: Users have permission to write to their personal registry but they may not have access to the registry-editing tools. If the settings become corrupted (and I've seen it happen), it's very useful to be able to just open up the folder and delete/fix the XML files.Object
Hm. Indeed, UAC kicks in when I try to run regedit. How silly... It wouldn't let me access any keys I don't have permissions for, anyway...Destalinization
L
12
  • The registry is huge so it can be cumbersome to locate the relevant information (even with searching).
  • It is possible to affect other applications by accident when modifying the registry.
  • If the registry is corrupted all applications may be affected (including the OS).
  • You need special purpose tools to search, modify and even copy the registry.

I prefer config files.

Lumber answered 8/4, 2010 at 13:32 Comment(2)
Affecting other applications by accident when modifying the filesystem is also possible.Destalinization
@Thomas: Certainly, I'm not saying config files are fool proof, but IMO they are easier to handle than the registry.Lumber
M
7

It's because the registry is an ugly nightmare to use, and people didn't like it. It also didn't support xcopy deployment. With the use of xml files for configuration, you can move an app from machine to machine without the need of an installer. This was one of the biggest complaints with writing code back in the 90s.

With the registry, you have to grant someone permission to modify it when you install the application which in many organizations is forbidden. To modify the setting for an application you also have to know where to look in the registry which is difficult at best in many instances. With the config file, it's right there segregated from most other apps. Typically all the settings you need are right there for easy view and modification.

Malley answered 8/4, 2010 at 13:33 Comment(2)
The user.config file isn't exactly "right there". It's hidden pretty well in a folder that's invisible by default.Destalinization
That's true there are options available to .net which are difficult to find, but by default the app.config is pretty easy locate and modify. Technically, you can still write to the registry in .net, they've just provided a much better (IMO) alternative.Malley
D
5

One immediate (but important) advantage:

With plain configuration files, users can restore their settings easily in case of a reinstall / restore from backup. It's a lot harder to do this from registry values.

Devastating answered 8/4, 2010 at 13:29 Comment(0)
G
3

One big advantage of moving to config files over the registry is to allow side-by-side installs of the same program. With the registry, central configuration info would overlap for these duplicate installs, but using config files, the information is kept private to each specific install. It's true that user-specific configuration overrides might potentially overlap (since they're stored in the user's app data folder, not specific to the install path), but imagine a scenario where different users use different installs, in which case this potential problem becomes irrelevant.

Goatee answered 9/4, 2010 at 12:48 Comment(0)
O
2

I think that one of the main reasons for this was application updates. When you install an update (i.e. using ClickOnce), the new settings actually go into a new folder. When you uninstall it, the new folder is deleted and the old settings are still around. If the registry were used instead, there would be no way to do this "versioning."

Other reasons might include:

  • Permissions (app settings always go into AppData/LocalAppData which requires no privileges)
  • Ease of maintenance/backups
  • Portability (it's rather difficult to deal with the registry using the .NET Compact Framework, and god help you if you're trying to support Mono).
Object answered 8/4, 2010 at 13:33 Comment(2)
Why couldn't you do this with the registry? It's got a concept of "folders" too, only they're named "keys".Destalinization
@Thomas: That's true, although they'd have had to implement a special versioning system for the registry. Using XML settings they can take advantage of the application versioning system that already exists in ClickOnce.Object
A
2

It seems to me that the registry is one of those things that "seemed like a good idea at the time" - for all the many reasons already listed by others. There is nothing wrong with realizing that something was not such a great idea after all, and instead using an alternative that is simpler and more convenient, even if it may seem like a step backwards in certain ways.

Andrews answered 8/4, 2010 at 13:45 Comment(1)
Interesting. I hadn't thought of it in this way. Can you think of any other examples where MS is abandoning the registry in favour of something else?Destalinization
B
1

I heard a fairly substantial rumor that the data storage format used by sharepoint and by team foundation server, backed by SQL, was originally intended to replace the windows file system in windows 7. If this was the plan, then windows would have gained / (will someday?) gain a transactional data store for storing lists of data. This data storage method would probably be superior in every way to the registry.

Given that, it's hardly suprising to see Microsoft minimize the use of the registry as they move forward with the .net framework.

Bottoms answered 8/4, 2010 at 13:42 Comment(1)
Hmmm... wikipedia. Maybe I should have said 'somewhat disreputable rumor'. But yes, WinFS was what I was thinking of.Bottoms
P
1

instead of simply using the registry

The registry is NOT simple. On my PC, it's a 40MB binary mess, and I hope the bits inside it don't change their mind.

Isn't this exactly what the registry was intended for?

Yes. But then again, DLLs were intended to provide shared functionality to different applications.

Pal answered 8/4, 2010 at 14:38 Comment(1)
The registry itself may not be simple, but accessing it from a .NET program is not a difficult affair. Not much more difficult than accessing the filesystem. msdn.microsoft.com/en-us/library/microsoft.win32.registry.aspxDestalinization
P
0

I think the new way of .config file helps by:

  • Give the applications the flexibility to provide their own configurations as an override to the default configurations provided - consider the case of web.config overriding the machine.config
  • Sometimes, it might not be possible to change the registry settings since you might not have the rights needed. So, a config file allows you to make changes applicable for your own application without needing the additional rights
  • With a registry entry, multiple application could potentially be using the same configuration. But if you change it for your application, you might cause un-intended behaviour on the other applications & you might not have complete information about this

Just some thoughts that come to mind...

HTH.

Placia answered 8/4, 2010 at 13:32 Comment(2)
Why couldn't multiple applications potentially be using the same XML file, as well? Because there are measures in place to prevent this (GUID strings). The same thing could be used in the registry.Destalinization
@Destalinization - multiple application will have their own .config file deployed in their bin/root which will contain setting specific to that application & usually deployed with the application. I think this is a far better way to go than change registry setting.Placia
M
0

I would venture a guess that ease of remote deployment was a deciding factor.

Melisandra answered 8/4, 2010 at 13:33 Comment(0)
C
0

Application portability can be one reason. Application folders can be copied from one computer to other and settings will go with the application. Useful when running applications from usb flash drives on multiple computers.

Cloraclorinda answered 8/4, 2010 at 13:52 Comment(2)
User settings won't go with the application; they'll go with the user profile. Application settings, which are usually modified only by administrators, are the only settings that would move along with the application. So I doubt that this was the reason.Destalinization
Well it actually depends what you are storing in application settings and how your are dealing with user settings. Still moving application settings adds some portability. "Application settings addresses both needs by providing an easy way to store both application-scoped and user-scoped settings on the client computer." msdn.microsoft.com/en-us/library/k4s6c3a0.aspxCloraclorinda
R
0

I dont think this is a question of being platform independant. Many applications have been developped in the past on Linux, Mac and Windows, some using config files and others the registry.

I think the main reason comes from the "COM experience". The whole principle was to have component objects registered centrally in the registry so that any application could use it without having to copy the dll. This rapidly lead us to versionning problems. Multiple applications could hardly use different versions of a same component.

With configurations in the registry you have the same problem. Having two versions of a same application can be a real problem if the development was not done right. We had this kind of problems using multiple versions of Oracle a long time ago.

With .Net and the exploding capacity of hard drives and bandwidth, file duplication is no longer a concern. Having the dependencies copied in your folder project greatly simplifies application deployment. The same applies to configurations files. You can host multiple copies/versions of the same application without having problems with the limited machine/user architecture of the Registry.

Redwood answered 8/4, 2010 at 15:52 Comment(0)
D
0

Microsoft suggested both ways, because they have different capabilities. For example if you create some application for using in Active Directory, you can easily modify settings for thousands computers, even your application installed to different directories. If you choose xml you should know application folders for every PC or create some smart script to find them. But as many people said xml better for portability, settings backup and other.

So, there is no best way. Developers who need registry - using it directly. It is not so difficult. Probably that's why Microsoft didn't make app settings in registry.

Demagogic answered 22/7, 2013 at 21:28 Comment(0)
F
-1

I think there is a huge security issue about Application Setting (.config files) is that can be edited in any text editor and change every thing.

Let's say that a connectionString is stored and some one deleted or changed all values in the config file then the application will have a lot of proplem so the config file should be protected.

or store Setting in DLL file for example.

Famulus answered 8/4, 2010 at 14:4 Comment(3)
Unless I'm greatly mistaken, this isn't answering the question at all.Destalinization
Only an idiot would store an unencrypted connection string in a production app.Hitormiss
I mean VS Studio sould provide another way to store SettingFamulus

© 2022 - 2024 — McMap. All rights reserved.