c# - Registry change permission remove other user rights -


i change ownership, permission registry key.

here code have far :

        var id = windowsidentity.getcurrent();          if (!win32.setprivilege(win32.takeownership, true))             throw new exception();          if (!win32.setprivilege(win32.restore, true))             throw new exception();          var hklm = registrykey.openbasekey(registryhive, is64key ? registryview.registry64 : registryview.registry32);         using (regkey = hklm.opensubkey(path, registrykeypermissioncheck.readwritesubtree, registryrights.takeownership))         {             if (regkey == null)                 throw new exception("clé de registre non trouvée");              _security = regkey.getaccesscontrol(accesscontrolsections.all);              var oldid = _security.getowner(typeof (securityidentifier));             _oldsi = new securityidentifier(oldid.tostring());              _security.setowner(id.user);             regkey.setaccesscontrol(_security);         }          using (regkey = hklm.opensubkey(path, registrykeypermissioncheck.readwritesubtree, registryrights.changepermissions))         {             _fullaccess = new registryaccessrule(id.user, registryrights.fullcontrol, inheritanceflags.objectinherit | inheritanceflags.containerinherit, propagationflags.none, accesscontroltype.allow);             _security.addaccessrule(_fullaccess);             regkey.setaccesscontrol(_security);         } 

everything works fine, in regedit, subkey right contains user, others users removed.

before :

before change permission

after :

after change permission

it seems inherited rights removed.

i'm close succeed, must miss parameter, don't see one.

try adding this:

_security.setaccessruleprotection(false, false); 

before call this:

regkey.setaccesscontrol(_security); 

doing ensure "protection inheritance" disabled (aka inheritance allowed).


Comments

Popular posts from this blog

Payment information shows nothing in one page checkout page magento -

tcpdump - How to check if server received packet (acknowledged) -