.Net. Registry security permissions. A user with permissions cannot access the registry.
For my .net application, I have a mechanism that creates a special user on the local machine. Then I create registry / directory entries and assign this newly created user full access to the corresponding sub keys / folders.
For my test, I'm using impersonation to set up the environment to run as this new user, and then do some manipulation on the registry / directory keys.
I am using the following code to create a registry key (Run as administrator):
RegistryAccessRule rule = new RegistryAccessRule(LOGON_USER_NAME, RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow);
RegistrySecurity security = new RegistrySecurity();
security.AddAccessRule(rule);
//Create Test Sub Key in Registry with permissions for the MicaUser
root = Registry.LocalMachine.CreateSubKey(SUB_KEY_ROOT, RegistryKeyPermissionCheck.ReadWriteSubTree);
root.SetAccessControl(security);
RegistryKey key = root.CreateSubKey(SUB_KEY_DELETE, RegistryKeyPermissionCheck.ReadWriteSubTree);
root.Close();
key.Close();
Then when I try to manipulate the case under a personalized user:
RegistryKey root = Registry.LocalMachine.OpenSubKey (SUB_KEY_ROOT); root.DeleteSubKeyTree (SUB_KEY_DELETE);
This causes a "Cannot write to registry key" permission exception.
Directory manipulation is fine and works as expected, however registry permissions are not being executed. I checked the registry and the user was given full permissions for the additional key.
Error: "Unable to write registry key"
NOTE. Registry manipulation works fine under admin user, so the code is correct.
Any thoughts?
Hello
tris