madshi.net

high quality low level programming
http://forum.madshi.net/

How to deny read access to registry key ?

http://forum.madshi.net/viewtopic.php?f=8&t=834

Page 1 of 1

How to deny read access to registry key ?

Posted: Tue Nov 08, 2005 5:44 pm
by stpavel
Hello !
I need deny access for everyone , except Administrator group to some registry key , but sometimes give read access for everyone at that key..
I don't understand how to do it..

I tried :

with RegistrySecurity('HKLM\SOFTWARE\SecurityKey') do begin
Dacl.DeleteItems(Everyone);
DAcl.NewItem(Everyone,ACCESS_CODE,atDenied);
end;

but , how to calcultate this ACCESS_CODE ?

Posted: Tue Nov 08, 2005 7:51 pm
by madshi
I suggest to use IAcl.SetFileAccess. It's not really made for registry access rights, but it will probably work just fine.

If it doesn't work, I'm not sure right now myself which flags to use exactly. The problem is that for each and every security object, Windows has its own security flags. I'd have to analyze it myself.

What you can do is use RegEdit to set the rights you want to have. Then use madSecurity to to enumerate the ACL to see how it looks like. This way you know which flags to set.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited