Permi��es Regedit.

Delphi

09/04/2008

Bom dia pessoal, bom minha duvida � sobre o regedit, to tentando mudar a permi��o de uma determinada chave, no programa abaixo ele modifica a permi��o de uma chave, dando permi��o especial para o usuario �TODOS� e negando permi��o para o usuario �SYSTEM�.

[i:d55d65fff4]Porem antes de modificar, eu presiso poder acessar a chave,hora que tento visualiza-la da o seguinte erro:[/i:d55d65fff4]

[img:d55d65fff4]http://brasilvalores.com/anuncios/chave-erro.jpg[/img:d55d65fff4]

[i:d55d65fff4]pois antes de tentar modificar ela ja foi modificada por outro programa, � necess�rio tirar essa resti��o e nao sei gostaria de descobrir.[/i:d55d65fff4]

A outra parte � assim:

Presiso negar permi��es para usuario �SYSTEM� veja:

E para o usuario �TODOS� a mesma coisa porem permitindo veja:

[b:d55d65fff4]Meu programa:[/b:d55d65fff4] meu programa abaixo, atribui permi��o de �PERMITIR� para o usuario �TODOS� e atribui permi��o �NEGAR� para o usuario �SYSTEM� porem os dois com [u:d55d65fff4]permi��o espercial[/u:d55d65fff4] que nao � o que necessito.

program Project2; {$APPTYPE CONSOLE} uses SysUtils, Registry, Windows, Dialogs; const SECURITY_NULL_SID_AUTHORITY = 0; SECURITY_WORLD_SID_AUTHORITY = 1; SECURITY_LOCAL_SID_AUTHORITY = 2; SECURITY_CREATOR_SID_AUTHORITY = 3; SECURITY_NT_AUTHORITY = 5; SECURITY_LOCAL_SYSTEM_RID = $00000012; SECURITY_WORLD_RID = $00000000; ACL_REVISION = 2; SECURITY_DESCRIPTOR_REVISION = 1; type PACE_Header = ^TACE_Header; TACE_Header = record AceType: BYTE; AceFlags: BYTE; AceSize: WORD; end; PAccess_Allowed_ACE = ^TAccess_Allowed_ACE; TAccess_Allowed_ACE = record Header: TACE_Header; Mask: ACCESS_MASK; SidStart: DWORD; end; type SE_OBJECT_TYPE = ( SE_UNKNOWN_OBJECT_TYPE, SE_FILE_OBJECT, SE_SERVICE, SE_PRINTER, SE_REGISTRY_KEY, SE_LMSHARE, SE_KERNEL_OBJECT, SE_WINDOW_OBJECT, SE_DS_OBJECT, SE_DS_OBJECT_ALL, SE_PROVIDER_DEFINED_OBJECT, SE_WMIGUID_OBJECT ); PPSID = ^PSID; function SetNamedSecurityInfoW(pObjectName : PWideChar;ObjectType : SE_OBJECT_TYPE;SecurityInfo : SECURITY_INFORMATION;ppSIDOwner,ppSIDGroup : PPSID;ppDacl,ppSacl : PACL) : DWORD;stdcall;external �advapi32.dll�name �SetNamedSecurityInfoW�; function SetPermissions : Boolean; var sia, eia : TSIDIdentifierAuthority; pSystemSID, pEveryoneSID : PSID; sd : Windows.TSecurityDescriptor; pDacl : PACL; dwAclSize : DWORD; aHKey : HKEY; lRetCode : LongInt; bSuccess : Boolean; begin sia.Value[0] := 0; sia.Value[1] := 0; sia.Value[2] := 0; sia.Value[3] := 0; sia.Value[4] := 0; sia.Value[5] := SECURITY_NT_AUTHORITY; pSystemSID := nil; eia.Value[0] := 0; eia.Value[1] := 0; eia.Value[2] := 0; eia.Value[3] := 0; eia.Value[4] := 0; eia.Value[5] := SECURITY_WORLD_SID_AUTHORITY; pEveryoneSID := 0; pDacl := nil; bSuccess := False; lRetCode := RegOpenKeyEx(HKEY_LOCAL_MACHINE,�SOFTWARE\Microsoft\Windows\CurrentVersion\Run\�,0,WRITE_DAC,aHKey); if( not AllocateAndInitializeSID(sia,1,SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0,pSystemSid)) then begin // SECURITY_LOCAL_SYSTEM_RID WriteLn(�Error in: AllocateAndInitializeSid�); end else WriteLn(�SYSTEM SID succesfully initialized.�); if( not AllocateAndInitializeSID(eia, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0,pEveryoneSid)) then begin WriteLn(�Error in: AllocateAndInitializeSid�); end else WriteLn(�Everyone SID succesfully initialized.�); dwAclSize := sizeof(TACL) + 2 * ( sizeof(TAccess_Allowed_ACE) - sizeof(DWORD) ) + GetLengthSid(pSystemSid) + GetLengthSid(pEveryoneSid); pDacl := PACL(HeapAlloc(GetProcessHeap(), 0, dwAclSize)); if( not InitializeAcl(pDacl^, dwAclSize,ACL_REVISION)) then begin WriteLn(�Error in: InitializeAcl�); end else WriteLn(�ACL succesfully initialized.�); if(not AddAccessAllowedAce(pDacl^,ACL_REVISION,KEY_READ,pEveryoneSid)) then begin WriteLn(�Error in: AddAccessAllowedAce. [pEveryoneSid]�); end else WriteLn(�Access for Everyone succesfully added.�); /// nagando permi��o para system if(not AddAccessDeniedAce(pDacl^,ACL_REVISION,KEY_ALL_ACCESS,pSystemSid)) then begin WriteLn(�Error in: AddAccessAllowedAce. [pSystemSid]�); end else WriteLn(�Denied Access for System succesfully added.�); if(not InitializeSecurityDescriptor(@sd, SECURITY_DESCRIPTOR_REVISION)) then begin WriteLn(�Error in: InitializeSecurityDescriptor�); end else WriteLn(�Security Descriptor succesfully initialized.�); if(not SetSecurityDescriptorDacl(@sd, TRUE, pDacl, FALSE)) then begin WriteLn(�Error in: SetSecurityDescriptorDacl�); end else WriteLn(�DACL succesfully updated.�); lRetCode := RegSetKeySecurity(aHKey,SECURITY_INFORMATION(DACL_SECURITY_INFORMATION),@sd); if(lRetCode <> ERROR_SUCCESS) then begin WriteLn(�Error in: RegSetKeySecurity�); end else WriteLn(�Registry Key Security Operation succesfull.�); bSuccess := TRUE; end; function AllowRegKeyForEveryone(Key : HKEY; Path : string) : Boolean; var WidePath : PWideChar; Len : Integer; begin case Key of HKEY_LOCAL_MACHINE: Path := �MACHINE\� + Path; HKEY_CURRENT_USER: Path := �CURRENT_USER\� + Path; HKEY_CLASSES_ROOT: Path := �CLASSES_ROOT\� + Path; HKEY_USERS: Path := �USERS\� + Path; end; Len := (Length(Path) + 1) * SizeOf(WideChar); GetMem(WidePath,Len); MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, PChar(Path), - 1, WidePath, Len); Result := SetNamedSecurityInfoW(WidePath, SE_REGISTRY_KEY,DACL_SECURITY_INFORMATION, nil, nil, nil, nil) = ERROR_SUCCESS; FreeMem(WidePath); end; var Result : Boolean; begin Result := SetPermissions; if Result = False then begin WriteLn(�FAILURE ! ... pressio qualquer tecla para continuar.�); ReadLn; end; end.

.. [b:d55d65fff4]Como eu fasso para liberar o acesso a chave primeiro depois.. atribuir as permi��es conforme foto 2 e 3.

Vlw pessoal.[/b:d55d65fff4]

Joilson Junior

Curtidas 0

Respostas

Rjun

09/04/2008

Permiss�o com �� e fa�o com �ss�. Que beleza.

GOSTEI 0

POSTAR