堆栈内存溢出
  简体   繁体   English

.Net注册表安全权限-具有权限的用户无法访问注册表

[英].Net Registry Security Permissions - User with Permissions cannot access Registry

 原文  2009-09-11 12:54:04       c#/ .net/ permissions/ registry

问题描述

For my .net application i have a mechanism that creates a special user on the local machine. 对于我的.net应用程序,我有一种在本地计算机上创建特殊用户的机制。 I then create the Registry / Directory entries and assign this newly created user full access to the appropriate Sub Keys / Folders. 然后,我创建注册表/目录条目,并为该新创建的用户分配对适当的子项/文件夹的完全访问权限。

For my test i use Impersonation to setup the enviroment to run under this new user, and then run some manipulations on the Registry / Directory sections. 对于我的测试,我使用模拟来设置要在该新用户下运行的环境,然后在“注册表/目录”部分中运行一些操作。

I use the following code to create my registry section (Run as Admin): 我使用以下代码创建注册表部分(以管理员身份运行): 

        RegistryAccessRule rule = new RegistryAccessRule(LOGON_USER_NAME, RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow); 
        RegistrySecurity security = new RegistrySecurity();
        security.AddAccessRule(rule);

        //Create Test Sub Key in Registry with permissions for the MicaUser
        root = Registry.LocalMachine.CreateSubKey(SUB_KEY_ROOT, RegistryKeyPermissionCheck.ReadWriteSubTree);
        root.SetAccessControl(security);

        RegistryKey key = root.CreateSubKey(SUB_KEY_DELETE, RegistryKeyPermissionCheck.ReadWriteSubTree);

        root.Close();
        key.Close();

Then when i attempt to manipulate the register under an impersonated user: 然后,当我尝试在模拟用户下操纵寄存器时:

RegistryKey root = Registry.LocalMachine.OpenSubKey(SUB_KEY_ROOT); RegistryKey根= Registry.LocalMachine.OpenSubKey(SUB_KEY_ROOT); root.DeleteSubKeyTree(SUB_KEY_DELETE); root.DeleteSubKeyTree(SUB_KEY_DELETE);

This causes a permissions exception "Cannot write to the registry key". 这将导致权限异常“无法写入注册表项”。

The directory manipulation is fine, and works as expected, however the registry permissions fail. 目录操作很好,并且可以按预期工作,但是注册表权限失败。 I checked the registry and the user has been granted full permissions to the sub key. 我检查了注册表,并已授予该用户对该子项的完全权限。

Error: "Cannot Write to Registry Key" 错误:“无法写入注册表项”

NOTE: The registry manipulation works fine under an Admin user, so the code is correct. 注意:在Admin用户下,注册表操作可以正常工作,因此代码正确。

Any thoughts? 有什么想法吗?

Regards 问候

Tris

1 个解决方案

解决方案1
 1 已采纳  

Update: 更新:

I have figured out what the problem was with regards to accessing the various sub items, both Directories and Registries. 我已经弄清楚了访问目录和注册管理机构等各个子项目存在的问题。 It appears the ACL is applied ONLY to child items and not to the root item. 似乎ACL仅应用于子项,而不应用于根项。 The issue below is a question as to how to solve this problem: 下面的问题是有关如何解决此问题的问题:

C# - Windows ACL - Applying Inherited Permissions C#-Windows ACL-应用继承的权限

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 确定用户是否具有编辑注册表的权限? - Determine if a user has permissions to edit the registry? 使用.NET设置注册表项写入权限 - Setting Registry key write permissions using .NET 注册表读取权限 - Registry read permissions 我可以阅读注册表权限吗? 如果是这样,怎么办? - Can I read registry permissions? If so, how? 如何在C#中获取注册表写入权限 - How to get registry write permissions in C# 设计模式以检查用户访问权限.net - Design Pattern to check user access permissions .net 访问CurrentUser注册表项以模拟用户-与.NET 3.5的兼容性 - Access CurrentUser Registry Key for Impersonated User - Compatibility with .NET 3.5 请求的注册表允许访问而不会出现安全漏洞 - Requested registry allow access without security leaks 尝试使用C#设置注册表权限时发生NullReferenceException - NullReferenceException when trying to set registry permissions with C# 如何在C#注册表中将权限设置为完全控制 - how to set permissions to full control in c# registry
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM