public static uint ApiRegSetKeySecurity(RegistryHive hive, string _sObjectname, IntPtr pSecurityDescriptor) { uint iRet = 0; Logger.Log(string.Format("RegistryInteropWrapperWindows.ApiRegSetKeySecurity() is called", Logger.LogLevel.Verbose)); IntPtr hKey = (IntPtr)0, phSubKey = (IntPtr)0; IntPtr hProv = (IntPtr)0; if ((RegistryInteropWindows.RegConnectRegistry(RegistryInteropWrapperWindows.sHostName, hive, out hKey)) == 0) { try { iRet = (uint)RegistryInteropWindows.RegOpenKeyEx( hKey, _sObjectname, 0, (uint)(RegistryApi.RegSAM.Execute), out phSubKey); iRet = RegistryInteropWindows.RegSetKeySecurity(phSubKey, SecurityDescriptorApi.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION | SecurityDescriptorApi.SECURITY_INFORMATION.PROTECTED_DACL_SECURITY_INFORMATION | SecurityDescriptorApi.SECURITY_INFORMATION.UNPROTECTED_DACL_SECURITY_INFORMATION, //SecurityDescriptorApi.SECURITY_INFORMATION.SACL_SECURITY_INFORMATION, //Commented this since the Api is returning the Access denied error code=5 pSecurityDescriptor); } catch (Exception ex) { Logger.LogException("RegistryInteropWrapperWindows.ApiRegSetKeySecurity()", ex); } finally { if ((int)phSubKey > 0) { // Attempt to dispose of key RegistryInteropWindows.RegCloseKey(phSubKey); } if ((int)hKey > 0) { // Attempt to dispose of hive RegistryInteropWindows.RegCloseKey(hKey); } if ((int)pSecurityDescriptor > 0) { // Attempt to dispose of hive SecurityDescriptorApi.CloseHandle(pSecurityDescriptor); } } } return(iRet); }
public static IntPtr ApiRegGetKeySecurity(RegistryHive hive, string _sObjectname) { uint iRet = 0; Logger.Log(string.Format("RegistryInteropWrapperWindows.ApiRegGetKeySecurity(_sObjectname = {0})", _sObjectname), Logger.LogLevel.Verbose); IntPtr hKey = (IntPtr)0, phSubKey = (IntPtr)0; IntPtr hProv = (IntPtr)0; IntPtr pSecurityDescriptor = IntPtr.Zero; IntPtr pProcessHandle = IntPtr.Zero; ulong lpcbSecurityDescriptor = 0; if ((RegistryInteropWindows.RegConnectRegistry(RegistryInteropWrapperWindows.sHostName, hive, out hKey)) == 0) { try { iRet = SecurityDescriptorWrapper.ApiGetCurrentProcessHandle( SecurityDescriptorApi.TOKEN_ALL_ACCESS, out pProcessHandle); iRet = (uint)RegistryInteropWindows.RegOpenKeyEx( hKey, _sObjectname, 0, (uint)(RegistryApi.RegSAM.AllAccess), out phSubKey); SecurityDescriptorWrapper.ApiGetHandleToCSP(_sObjectname, out hProv); if ((iRet) == 0) { iRet = RegistryInteropWindows.RegGetKeySecurity(phSubKey, SecurityDescriptorApi.SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION | SecurityDescriptorApi.SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION | SecurityDescriptorApi.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, //SecurityDescriptorApi.SECURITY_INFORMATION.SACL_SECURITY_INFORMATION, //Commented this since the Api is returning the Access denied error code=5 IntPtr.Zero, ref lpcbSecurityDescriptor); if (iRet == (uint)122) //Insufficient buffer { pSecurityDescriptor = Marshal.AllocHGlobal((int)lpcbSecurityDescriptor); iRet = RegistryInteropWindows.RegGetKeySecurity(phSubKey, SecurityDescriptorApi.SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION | SecurityDescriptorApi.SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION | SecurityDescriptorApi.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, //SecurityDescriptorApi.SECURITY_INFORMATION.SACL_SECURITY_INFORMATION, pSecurityDescriptor, ref lpcbSecurityDescriptor); } SecurityDescriptor.objectType = SecurityDescriptorApi.SE_OBJECT_TYPE.SE_REGISTRY_KEY; if (iRet != 0) { Logger.Log(string.Format("RegistryInteropWrapperWindows.ApiRegGetKeySecurity returns error code; " + iRet), Logger.LogLevel.Verbose); return(IntPtr.Zero); } } } catch (Exception ex) { Logger.LogException("RegistryInteropWrapperWindows.ApiRegGetKeySecurity()", ex); } finally { if ((int)phSubKey > 0) { // Attempt to dispose of key RegistryInteropWindows.RegCloseKey(phSubKey); } if ((int)hKey > 0) { // Attempt to dispose of hive RegistryInteropWindows.RegCloseKey(hKey); } } } return(pSecurityDescriptor); }