c# - Secure a registry key via ACL to remove all access to non administrators -

-

I am trying to lock a registry key with some important information that should be accessible to the client machine, I do not want to be a non administrator for accessing this key if you are an administrator then you will already make more damage than what you are storing in the key.

What I am currently doing is this: 

  // Only allow access to administrators and deny all others rights to System.Security. AccessControl.RegistrySecurity acl = New System Security. AccessControl.RegistrySecurity (); Acl.AddAccessRule (New System Security. AccessControl.RegistryAccessRule ("Admin", System.Security.AccessControl.RegistryRights.FullControl, System.Security.AccessControl.AccessControlType.Allow)); Acl.AddAccessRule (New System Security. AccessControl.RegistryAccessRule ("Everyone", System.Security.AccessControl.RegistryRights.FullControl, System.Security.AccessControl.AccessControlType.Deny)); // Prevent access to legacy from accessible software or key to access to the company. Acl.SetAccessRuleProtection (true, false); MyKey.SetAccessControl (ACL);

If I am right then it will refuse to access everyone, allow anyone to explicitly log in to the Administrator group and stop applying all the hereditary permissions by applying to my key ? I should know that before I will do ACL before screwing up the key, as if I could not remove it. Should I set the key owner as an Administrator group too?

PS: It is very important that the key can also be read as non-administrator, not only has changed.

"post-text" itemprop = "text">

Be very careful with refusing rules - they are only a few of the essentials.

If ACLs are to provide only AC administrators with access to those that you want them to do, then no one else will have access to key because ACE does not have access.

This is not clear from the document for AddAccessRule () if it will guarantee that a new rule (or ACE) is added to the end of the ACL or not to be the case Chances are, but if this happens and your ACE does not get denied then ACE ends before giving access to the administrator, then refuses AC refusal to use one (access to the first system Looking at aca Once it does reject the grant, which hit the first AC or reject). This is the reason that the use of denial of ACE can be difficult and since ACL does not explicitly allow, then admission check causes failure, you usually only need to specify which one Access is allowed.

You probably want to make sure that the owner does not have access to any key (or whatever thing) to the administrator group - but an owner always has the right to change the ACL (if You think about it for a moment).


Comments

Post a Comment

Popular posts from this blog

oracle - The fastest way to check if some records in a database table? -

-
I have a big table to work with. I have to see that there are some records whose parent_id is equal to my passing value. Currently I do this by implementing "my_table using select count (*) where parent_id =: id"; If the result> 0, it means that they exist. Because this is a very large table, and I do not care what the actual number of records present, I just want to know if it exists, so I think count (*) Bit is disabled. How do I apply this requirement most quickly? I'm using Oracle 10. # Tips for Hibernation & amp; Tricks It suggests writing in such a way: Integer number = (integer) session .createQuery ("Select Count (*) to ...."). UniqueResult (); I do not know what is the magic of the unique rule? Why does it fast? To compare, select "1 from mytable where parent_id = passId and rowrum", which is more efficient? If you are not interested in the number of records, then there is an EXISTS query one: Select 'y'
Read more

php - multilevel menu with multilevel array -

-
Just ask someone to solve this problem? I want to create a multilevel menu I can not find the right solution generated with multilevel array, it always gets an array_push error My study came from the original idea But still my Can not match the need. This is my MySQL [code] ----- --------------------- --------------- | ID | PARENT_ID | Name | Link | Seq | 1 | 0 | Dashboad | Dashboard / | 1 | 2 | 0 | Menu 1 | Menu 1 / | 2 | 3 | 0 | Menu 2 | Menu 2 / | 3 | 4 | 0 | Menu 3 | Menu 3 / | 4 | 5 | 2 | Joint Add / | 1 | 6 | 3 | Joint Add / | 1 | 7 | 2 | Edit | Edit / | 2 | 8 | 4 | Joint Add / | 1 ------------------------------------------ [/ Code] I want to do something like this in my array array ('dashboard' = & gt; array ('id' = & gt; '' 'Dame' = & gt; 'Dashboard', 'Title' = & gt; 'Dashboard', 'MatchMin' = & gt; Base_URL (). 'Dashboard /', 'Active' => = & Gt; NULL), &
Read more

jQuery UI: Datepicker month format -

-
I am trying to change the format of the month that shows in the popup (not in the date that the picker actually I do not have any choice anywhere to do this, do I like to use a sub-string () or something else? What I normally display is Trying to change: Class = "ui-datepicker-title"> January & lt; / span & gt; ... & lt; / div & gt; Div>
Read more