logo标签列表

注册表安全访问被拒绝。C#

c#securityregistry
6

我目前在编写一个应用程序时遇到了问题,需要设置一些传统密钥的权限。传统密钥是非常锁定的,实际上在注册表编辑器中修改它们需要先拥有所有权,然后添加自己并授予完全控制权限。当尝试在代码中复制此操作时,我无法获取可写入的密钥,并显示“拒绝访问”的错误。以下是示例代码:

RegistrySecurity rs = new RegistrySecurity();
rs.AddAccessRule(new RegistryAccessRule("Administrators", RegistryRights.FullControl, AccessControlType.Allow));
rs.SetOwner(new NTAccount("Administrators"));
return LocalMachine.CreateSubKey(post, RegistryKeyPermissionCheck.ReadWriteSubTree, rs);

任何想法都将不胜感激。我已经尝试了请求写入访问权限的OpenSubKey,但我无法获取该键。谢谢大家。
5个回答
7
我终于找到了解决方案。您需要使用“ChangePermissions”打开密钥,然后更改自己的权限...然后重新以完全控制的方式打开密钥以更改所有者。以下是操作步骤。
RegistryKey rk = LocalMachine.OpenSubKey(subkey, RegistryKeyPremissionsCheck.ReadWriteSubTree, RegistryRights.ChangePermissions | RegistryRights.ReadKey);//Get the registry key desired with ChangePermissions Rights.
RegistrySecurity rs = new RegistrySecurity();
rs.AddAccessRule(new RegistryAccessRule("Administrator", RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow));//Create access rule giving full control to the Administrator user.
rk.SetAccessControl(rs); //Apply the new access rule to this Registry Key.
rk = LocalMachine.OpenSubKey(subkey, RegistryKeyPremissionsCheck.ReadWriteSubTree, RegistryRights.FullControl); // Opens the key again with full control.
rs.SetOwner(new NTAccount("Administrator"));// Set the securitys owner to be Administrator
rk.SetAccessControl(rs);// Set the key with the changed permission so Administrator is now owner.

这对我有效。如果它对你有用,请告诉我 :)

显然,如果您未以管理员身份登录或需要其他用户的权限,则将Administrator更改为其他用户。

0
using System.Security;
using System.Security.AccessControl;
using System.Security.Principal;
using Microsoft.Win32;

首先必须对子键设置具有完全访问权限的权限

RegistryKey rkey = LocalMachine.OpenSubKey(_subKey, RegistryKeyPermissionCheck.ReadWriteSubTree, gistryRights.ChangePermissions);
if (rkey == null)
 throw new Exception("Not Open");
//-------
RegistrySecurity _registrySecurity =new RegistrySecurity();//Or rkey.GetAccessControl();
WindowsIdentity _windowsIdentity = System.Security.Principal.WindowsIdentity.GetCurrent();
RegistryAccessRule _accessRule = new RegistryAccessRule(_windowsIdentity.Name, RegistryRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow);
_registrySecurity.AddAccessRule(_accessRule);
_registrySecurity.SetAccessRuleProtection(false, true);
 rkey.SetAccessControl(_registrySecurity);

//--------Now, Set owner

_registrySecurity.SetGroup(new NTAccount("Administrators"));  //This is optional
var SID = new System.Security.Principal.NTAccount("XXX\\Users");
_registrySecurity.SetOwner(SID);
rkey.SetAccessControl(_registrySecurity);

XXX:你的账户名

0
当你用那段代码运行你的应用程序时,你是右键点击exe文件然后选择“以管理员身份运行”吗?
嗨,史蒂夫,我以管理员身份运行Visual Studios,所以调试应该也是以管理员身份运行的吧?我还尝试了以管理员身份运行,但仍然不起作用。传统密钥完全被锁定,只有系统和每个人被设置为只读访问。我已经找到了解决方案,很快就会发布。 - Skintkingle
-1
        RegistryKey rkey = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Norton\SecurityStatusSDK", RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.ChangePermissions);
        if (rkey == null)
            throw new Exception("Not Open");
        //-------
        RegistrySecurity _registrySecurity = new RegistrySecurity();//Or rkey.GetAccessControl();
        WindowsIdentity _windowsIdentity = System.Security.Principal.WindowsIdentity.GetCurrent();
        RegistryAccessRule _accessRule = new RegistryAccessRule(_windowsIdentity.Name, RegistryRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow);
        _registrySecurity.AddAccessRule(_accessRule);
        _registrySecurity.SetAccessRuleProtection(false, true);
        try
        {
            rkey.SetAccessControl(_registrySecurity);// <---"Attempted to perform an unauthorized operation."
        }
        catch (UnauthorizedAccessException e)
        {

        }

        //--------Now, Set owner

        _registrySecurity.SetGroup(new NTAccount("Administrators"));  //This is optional
        var SID = new System.Security.Principal.NTAccount("XXX\\Users");
        _registrySecurity.SetOwner(SID);
        rkey.SetAccessControl(_registrySecurity);

我安装了诺顿互联网安全软件

-2

Microsoft Visual Studio 2015(管理员)

_subKey = SOFTWARE\Wow6432Node\Norton

rkey.SetAccessControl(_registrySecurity);->"尝试执行未经授权的操作。"

你具体回答的是什么?抱歉,我不明白。 - Skintkingle
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接