Incorrect Registry Read Permissions Being Set
Incorrect Registry Read Permissions Being Set
It seems setting read permissions on a registry key assigns an incorrect attribute. The KEY_CREATE_LINK is assigned instead of the correct KEY_NOTIFY value.
Is there a possible fix/workaround for this? Can an API be called to resolve the issue, or do we wait for the next madSec update?
Is there a possible fix/workaround for this? Can an API be called to resolve the issue, or do we wait for the next madSec update?
I am using the following code:
Code: Select all
acc: IAccount;
sec: ISecurityObject;
sec := RegistrySecurity(...)
AccountCache_Clear;
acc := Account(...);
sec.DAcl.SetFileAccess(acc, false);
sec.DAcl.Flush;
I'd suggest this:
Use regedit to set the access rights you want to have. Then use madSecurity to enumerate the ACEs to find out which access rights are needed. Afterwards you can use IACL.AddItem to realize exactly this combination of rights.
I'm sorry, but I'm at work now. I can't do all the work for you!
Use regedit to set the access rights you want to have. Then use madSecurity to enumerate the ACEs to find out which access rights are needed. Afterwards you can use IACL.AddItem to realize exactly this combination of rights.
I'm sorry, but I'm at work now. I can't do all the work for you!
So like this?
Also, is it the same way then for all other types of permissions? Do we only have pre-built functions for only files and printers, and have to use above method for registry, shares, and services?
Code: Select all
acc: IAccount;
sec: ISecurityObject;
sec := RegistrySecurity(...)
AccountCache_Clear;
acc := Account(...);
sec.DAcl.DeleteItems(acc);
sec.DAcl.NewItem(...);
sec.DAcl.Flush;