c# - Registry change permission remove other user rights -
i change ownership, permission registry key.
here code have far :
var id = windowsidentity.getcurrent(); if (!win32.setprivilege(win32.takeownership, true)) throw new exception(); if (!win32.setprivilege(win32.restore, true)) throw new exception(); var hklm = registrykey.openbasekey(registryhive, is64key ? registryview.registry64 : registryview.registry32); using (regkey = hklm.opensubkey(path, registrykeypermissioncheck.readwritesubtree, registryrights.takeownership)) { if (regkey == null) throw new exception("clé de registre non trouvée"); _security = regkey.getaccesscontrol(accesscontrolsections.all); var oldid = _security.getowner(typeof (securityidentifier)); _oldsi = new securityidentifier(oldid.tostring()); _security.setowner(id.user); regkey.setaccesscontrol(_security); } using (regkey = hklm.opensubkey(path, registrykeypermissioncheck.readwritesubtree, registryrights.changepermissions)) { _fullaccess = new registryaccessrule(id.user, registryrights.fullcontrol, inheritanceflags.objectinherit | inheritanceflags.containerinherit, propagationflags.none, accesscontroltype.allow); _security.addaccessrule(_fullaccess); regkey.setaccesscontrol(_security); }
everything works fine, in regedit, subkey right contains user, others users removed.
before :
after :
it seems inherited rights removed.
i'm close succeed, must miss parameter, don't see one.
try adding this:
_security.setaccessruleprotection(false, false);
before call this:
regkey.setaccesscontrol(_security);
doing ensure "protection inheritance" disabled (aka inheritance allowed).
Comments
Post a Comment