Re: Registry access permission doesn't obey impersonated user

From: alexey (alexey_at_intuitivelabs.com)
Date: 09/03/03


Date: Wed, 3 Sep 2003 06:25:19 -0400


Karim,

Could you give me a hint how to create such a code to impersonate from
ASPNET and read the Registry? I am working on a similar application right
now and can't make impersonation work.

Thanks

Alexey

alexey@intuitivelabs.com

"Karim" <karim3411@!!yahoo!!.com> wrote in message
news:ee30ngspkbua$.1s2drqd5sknpz.dlg@40tude.net...
>
> I have an asp.net application that impersonates a user. I did a test for
> reading a registry key and noticed that the app can read the key even
> though the user does not have access to that key. aspnet user does not
have
> not access either. After denying read access to the key for different
> users, I found out that the INTERACTIVE user is the one that determines
the
> permissions.
>
> How can I deny asp.net apps from reading the registry? Why isn't the app
> following the impersonated user's registry permissions?
>
> karim



Relevant Pages

  • Interop .NET Server and COM client
    ... We have an application that writes to Windows registry and ... registry and files) ... with the addition of "Impersonate a client after ... impersonate if it is running under a normal user account. ...
    (microsoft.public.security)
  • Re: Registry access permission doesnt obey impersonated user
    ... > Could you give me a hint how to create such a code to impersonate from ... > ASPNET and read the Registry? ... >> reading a registry key and noticed that the app can read the key even ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: IIS Security vs The Registry
    ... You can impersonate a high privilege user when you need to access the ... This ensures maxium security because the Internet Anonymous user ... won't have access to Registry. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Interop .NET Server and COM client
    ... trying to write to files or registry locations that you don't have access ... > require the software to impersonate as a highly privileged ... > impersonate if it is running under a normal user account. ... > This can be a real hassale as Administrators would need to ...
    (microsoft.public.security)
  • Re: Locate Documents and Settings folder (LONG)
    ... > Documents and Settings. ... impersonate FMuser -- log on as FMuser, ... that account's registry (thus solving your "execute dos command" problem ...
    (alt.comp.lang.borland-delphi)