[英]Registry change permission remove other user rights
I would like to change ownership, then permission to a registry key. 我想更改所有权,然后更改对注册表项的许可。
here the code I have so far : 这是我到目前为止的代码:
var id = WindowsIdentity.GetCurrent();
if (!Win32.SetPrivilege(Win32.TakeOwnership, true))
throw new Exception();
if (!Win32.SetPrivilege(Win32.Restore, true))
throw new Exception();
var hklm = RegistryKey.OpenBaseKey(registryHive, is64Key ? RegistryView.Registry64 : RegistryView.Registry32);
using (RegKey = hklm.OpenSubKey(path, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership))
{
if (RegKey == null)
throw new Exception("clé de registre non trouvée");
_security = RegKey.GetAccessControl(AccessControlSections.All);
var oldId = _security.GetOwner(typeof (SecurityIdentifier));
_oldSi = new SecurityIdentifier(oldId.ToString());
_security.SetOwner(id.User);
RegKey.SetAccessControl(_security);
}
using (RegKey = hklm.OpenSubKey(path, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.ChangePermissions))
{
_fullAccess = new RegistryAccessRule(id.User, RegistryRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow);
_security.AddAccessRule(_fullAccess);
RegKey.SetAccessControl(_security);
}
Everything works fine, but in regedit, the subkey right only contains my user, all others users are removed. 一切正常,但是在regedit中,子项权限仅包含我的用户,所有其他用户均被删除。
Before : 之前:
After : 之后:
It seems that inherited rights are removed. 似乎继承的权限已被删除。
I'm close to succeed, it must miss a parameter, but I don't see which one. 我快要成功了,它必须错过一个参数,但是我看不到哪个参数。
Try adding this: 尝试添加以下内容:
_security.SetAccessRuleProtection(false, false);
Before you call this: 在您致电之前:
RegKey.SetAccessControl(_security);
Doing so will ensure that "protection from inheritance" is disabled (aka inheritance is allowed). 这样做将确保禁用“防止继承”(允许继承)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.