Registry access permission doesn't obey impersonated user

From: Karim (karim3411_at_!!yahoo!!.com)
Date: 09/03/03

Date: Tue, 2 Sep 2003 21:40:19 -0700

I have an application that impersonates a user. I did a test for
reading a registry key and noticed that the app can read the key even
though the user does not have access to that key. aspnet user does not have
not access either. After denying read access to the key for different
users, I found out that the INTERACTIVE user is the one that determines the

How can I deny apps from reading the registry? Why isn't the app
following the impersonated user's registry permissions?