RegistrySecurity访问被拒绝.C#
本文关键字:拒绝 访问 RegistrySecurity | 更新日期: 2023-09-27 18:00:16
我目前在编写应用程序以设置某些Legacy密钥的权限时遇到问题。遗留密钥被完全锁定,要在regedit中实际修改它们,您必须拥有所有权,然后添加自己的完全控制权。当试图在代码中复制这一点时,我无法获得写入密钥,并出现错误"访问被拒绝"。示例代码:
RegistrySecurity rs = new RegistrySecurity();
rs.AddAccessRule(new RegistryAccessRule("Administrators", RegistryRights.FullControl, AccessControlType.Allow));
rs.SetOwner(new NTAccount("Administrators"));
return LocalMachine.CreateSubKey(post, RegistryKeyPermissionCheck.ReadWriteSubTree, rs);
任何想法都将不胜感激。我也尝试过要求写访问的OpenSubKey,但就是无法获得密钥。
谢谢大家。
我终于找到了解决方案。你必须用"ChangePermissions"打开密钥,然后为自己更改权限。。。然后在完全控制的情况下重新打开钥匙以更换所有者。方法如下。
RegistryKey rk = LocalMachine.OpenSubKey(subkey, RegistryKeyPremissionsCheck.ReadWriteSubTree, RegistryRights.ChangePermissions | RegistryRights.ReadKey);//Get the registry key desired with ChangePermissions Rights.
RegistrySecurity rs = new RegistrySecurity();
rs.AddAccessRule(new RegistryAccessRule("Administrator", RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow));//Create access rule giving full control to the Administrator user.
rk.SetAccessControl(rs); //Apply the new access rule to this Registry Key.
rk = LocalMachine.OpenSubKey(subkey, RegistryKeyPremissionsCheck.ReadWriteSubTree, RegistryRights.FullControl); // Opens the key again with full control.
rs.SetOwner(new NTAccount("Administrator"));// Set the securitys owner to be Administrator
rk.SetAccessControl(rs);// Set the key with the changed permission so Administrator is now owner.
这对我有效。如果对你有效,请告诉我:)
如果您不是以管理员身份登录,或者您需要其他用户的权限,请将管理员更改为其他用户。
使用该代码运行应用程序时,是否右键单击exe并选择"以管理员身份运行"?
using System.Security;
using System.Security.AccessControl;
using System.Security.Principal;
using Microsoft.Win32;
首先必须设置具有权限FULL-ACCESS的子密钥权限
RegistryKey rkey = LocalMachine.OpenSubKey(_subKey, RegistryKeyPermissionCheck.ReadWriteSubTree, gistryRights.ChangePermissions);
if (rkey == null)
throw new Exception("Not Open");
//-------
RegistrySecurity _registrySecurity =new RegistrySecurity();//Or rkey.GetAccessControl();
WindowsIdentity _windowsIdentity = System.Security.Principal.WindowsIdentity.GetCurrent();
RegistryAccessRule _accessRule = new RegistryAccessRule(_windowsIdentity.Name, RegistryRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow);
_registrySecurity.AddAccessRule(_accessRule);
_registrySecurity.SetAccessRuleProtection(false, true);
rkey.SetAccessControl(_registrySecurity);
//--------Now, Set owner
_registrySecurity.SetGroup(new NTAccount("Administrators")); //This is optional
var SID = new System.Security.Principal.NTAccount("XXX''Users");
_registrySecurity.SetOwner(SID);
rkey.SetAccessControl(_registrySecurity);
XXX:您的帐户名
RegistryKey rkey = Registry.LocalMachine.OpenSubKey(@"SOFTWARE'Norton'SecurityStatusSDK", RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.ChangePermissions);
if (rkey == null)
throw new Exception("Not Open");
//-------
RegistrySecurity _registrySecurity = new RegistrySecurity();//Or rkey.GetAccessControl();
WindowsIdentity _windowsIdentity = System.Security.Principal.WindowsIdentity.GetCurrent();
RegistryAccessRule _accessRule = new RegistryAccessRule(_windowsIdentity.Name, RegistryRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow);
_registrySecurity.AddAccessRule(_accessRule);
_registrySecurity.SetAccessRuleProtection(false, true);
try
{
rkey.SetAccessControl(_registrySecurity);// <---"Attempted to perform an unauthorized operation."
}
catch (UnauthorizedAccessException e)
{
}
//--------Now, Set owner
_registrySecurity.SetGroup(new NTAccount("Administrators")); //This is optional
var SID = new System.Security.Principal.NTAccount("XXX''Users");
_registrySecurity.SetOwner(SID);
rkey.SetAccessControl(_registrySecurity);
我安装了Norton Internet Security
Microsoft Visual Studio 2015(管理员)
_subKey = SOFTWARE'Wow6432Node'Norton
rkey.SetAccessControl(_registrySecurity);->
"试图执行未经授权的操作。"`