Code:
/ Dotnetfx_Win7_3.5.1 / Dotnetfx_Win7_3.5.1 / 3.5.1 / DEVDIV / depot / DevDiv / releases / whidbey / NetFXspW7 / ndp / clr / src / BCL / System / Security / AccessControl / RegistrySecurity.cs / 1 / RegistrySecurity.cs
// ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== /*============================================================ ** ** Class: RegistrySecurity ** ** ** Purpose: Managed ACL wrapper for registry keys. ** ** ===========================================================*/ using System; using System.Collections; using System.Security.Permissions; using System.Security.Principal; using Microsoft.Win32; using Microsoft.Win32.SafeHandles; using System.Runtime.InteropServices; using System.IO; namespace System.Security.AccessControl { // We derived this enum from the definitions of KEY_READ and such from // winnt.h and from MSDN, plus some experimental validation with regedit. // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/registry_key_security_and_access_rights.asp [Flags] public enum RegistryRights { // No None field - An ACE with the value 0 cannot grant nor deny. QueryValues = 0x0001, // query the values of a registry key SetValue = 0x0002, // create, delete, or set a registry value CreateSubKey = 0x0004, // required to create a subkey of a specific key EnumerateSubKeys = 0x0008, // required to enumerate sub keys of a key Notify = 0x0010, // needed to request change notifications CreateLink = 0x0020, ExecuteKey = ReadKey, ReadKey = Win32Native.STANDARD_RIGHTS_READ | QueryValues | EnumerateSubKeys | Notify, WriteKey = Win32Native.STANDARD_RIGHTS_WRITE | SetValue | CreateSubKey, Delete = 0x10000, ReadPermissions = 0x20000, ChangePermissions = 0x40000, TakeOwnership = 0x80000, FullControl = 0xF003F | Win32Native.STANDARD_RIGHTS_READ | Win32Native.STANDARD_RIGHTS_WRITE } public sealed class RegistryAccessRule : AccessRule { // Constructor for creating access rules for registry objects public RegistryAccessRule(IdentityReference identity, RegistryRights registryRights, AccessControlType type) : this(identity, (int) registryRights, false, InheritanceFlags.None, PropagationFlags.None, type) { } public RegistryAccessRule(String identity, RegistryRights registryRights, AccessControlType type) : this(new NTAccount(identity), (int) registryRights, false, InheritanceFlags.None, PropagationFlags.None, type) { } public RegistryAccessRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type) : this(identity, (int) registryRights, false, inheritanceFlags, propagationFlags, type) { } public RegistryAccessRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type) : this(new NTAccount(identity), (int) registryRights, false, inheritanceFlags, propagationFlags, type) { } // // Internal constructor to be called by public constructors // and the access rule factory methods of {File|Folder}Security // internal RegistryAccessRule( IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type ) : base( identity, accessMask, isInherited, inheritanceFlags, propagationFlags, type ) { } public RegistryRights RegistryRights { get { return (RegistryRights) base.AccessMask; } } } public sealed class RegistryAuditRule : AuditRule { public RegistryAuditRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this(identity, (int) registryRights, false, inheritanceFlags, propagationFlags, flags) { } public RegistryAuditRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this(new NTAccount(identity), (int) registryRights, false, inheritanceFlags, propagationFlags, flags) { } internal RegistryAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, flags) { } public RegistryRights RegistryRights { get { return (RegistryRights) base.AccessMask; } } } public sealed class RegistrySecurity : NativeObjectSecurity { public RegistrySecurity() : base(true, ResourceType.RegistryKey) { } /* // The name of registry key must start with a predefined string, // like CLASSES_ROOT, CURRENT_USER, MACHINE, and USERS. See // MSDN's help for SetNamedSecurityInfo for details. [SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)] internal RegistrySecurity(String name, AccessControlSections includeSections) : base(true, ResourceType.RegistryKey, HKeyNameToWindowsName(name), includeSections) { new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.View, name).Demand(); } */ [SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)] internal RegistrySecurity(SafeRegistryHandle hKey, String name, AccessControlSections includeSections) : base(true, ResourceType.RegistryKey, hKey, includeSections, _HandleErrorCode, null ) { new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.View, name).Demand(); } private static Exception _HandleErrorCode(int errorCode, string name, SafeHandle handle, object context) { System.Exception exception = null; switch (errorCode) { case Win32Native.ERROR_FILE_NOT_FOUND: exception = new IOException(Environment.GetResourceString("Arg_RegKeyNotFound", errorCode)); break; case Win32Native.ERROR_INVALID_NAME: exception = new ArgumentException(Environment.GetResourceString("Arg_RegInvalidKeyName", "name")); break; case Win32Native.ERROR_INVALID_HANDLE: exception = new ArgumentException(Environment.GetResourceString("AccessControl_InvalidHandle")); break; default: break; } return exception; } public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type) { return new RegistryAccessRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, type); } public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { return new RegistryAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, flags); } internal AccessControlSections GetAccessControlSectionsFromChanges() { AccessControlSections persistRules = AccessControlSections.None; if (AccessRulesModified) persistRules = AccessControlSections.Access; if (AuditRulesModified) persistRules |= AccessControlSections.Audit; if (OwnerModified) persistRules |= AccessControlSections.Owner; if (GroupModified) persistRules |= AccessControlSections.Group; return persistRules; } /* // See SetNamedSecurityInfo docs - we must start strings // with names like CURRENT_USER, MACHINE, CLASSES_ROOT, etc. // (Look at SE_OBJECT_TYPE, then the docs for SE_REGISTRY_KEY) internal static String HKeyNameToWindowsName(String keyName) { if (keyName.StartsWith("HKEY_")) { if (keyName.Equals("HKEY_LOCAL_MACHINE")) return "MACHINE"; return keyName.Substring(5); } return keyName; } [SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)] internal void Persist(String keyName) { new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.Change, keyName).Demand(); AccessControlSections persistRules = GetAccessControlSectionsFromChanges(); if (persistRules == AccessControlSections.None) return; // Don't need to persist anything. String windowsKeyName = HKeyNameToWindowsName(keyName); base.Persist(windowsKeyName, persistRules); OwnerModified = GroupModified = AuditRulesModified = AccessRulesModified = false; } */ [SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)] internal void Persist(SafeRegistryHandle hKey, String keyName) { new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.Change, keyName).Demand(); WriteLock(); try { AccessControlSections persistRules = GetAccessControlSectionsFromChanges(); if (persistRules == AccessControlSections.None) return; // Don't need to persist anything. base.Persist(hKey, persistRules); OwnerModified = GroupModified = AuditRulesModified = AccessRulesModified = false; } finally { WriteUnlock(); } } public void AddAccessRule(RegistryAccessRule rule) { base.AddAccessRule(rule); } public void SetAccessRule(RegistryAccessRule rule) { base.SetAccessRule(rule); } public void ResetAccessRule(RegistryAccessRule rule) { base.ResetAccessRule(rule); } public bool RemoveAccessRule(RegistryAccessRule rule) { return base.RemoveAccessRule(rule); } public void RemoveAccessRuleAll(RegistryAccessRule rule) { base.RemoveAccessRuleAll(rule); } public void RemoveAccessRuleSpecific(RegistryAccessRule rule) { base.RemoveAccessRuleSpecific(rule); } public void AddAuditRule(RegistryAuditRule rule) { base.AddAuditRule(rule); } public void SetAuditRule(RegistryAuditRule rule) { base.SetAuditRule(rule); } public bool RemoveAuditRule(RegistryAuditRule rule) { return base.RemoveAuditRule(rule); } public void RemoveAuditRuleAll(RegistryAuditRule rule) { base.RemoveAuditRuleAll(rule); } public void RemoveAuditRuleSpecific(RegistryAuditRule rule) { base.RemoveAuditRuleSpecific(rule); } public override Type AccessRightType { get { return typeof(RegistryRights); } } public override Type AccessRuleType { get { return typeof(RegistryAccessRule); } } public override Type AuditRuleType { get { return typeof(RegistryAuditRule); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== /*============================================================ ** ** Class: RegistrySecurity ** ** ** Purpose: Managed ACL wrapper for registry keys. ** ** ===========================================================*/ using System; using System.Collections; using System.Security.Permissions; using System.Security.Principal; using Microsoft.Win32; using Microsoft.Win32.SafeHandles; using System.Runtime.InteropServices; using System.IO; namespace System.Security.AccessControl { // We derived this enum from the definitions of KEY_READ and such from // winnt.h and from MSDN, plus some experimental validation with regedit. // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/registry_key_security_and_access_rights.asp [Flags] public enum RegistryRights { // No None field - An ACE with the value 0 cannot grant nor deny. QueryValues = 0x0001, // query the values of a registry key SetValue = 0x0002, // create, delete, or set a registry value CreateSubKey = 0x0004, // required to create a subkey of a specific key EnumerateSubKeys = 0x0008, // required to enumerate sub keys of a key Notify = 0x0010, // needed to request change notifications CreateLink = 0x0020, ExecuteKey = ReadKey, ReadKey = Win32Native.STANDARD_RIGHTS_READ | QueryValues | EnumerateSubKeys | Notify, WriteKey = Win32Native.STANDARD_RIGHTS_WRITE | SetValue | CreateSubKey, Delete = 0x10000, ReadPermissions = 0x20000, ChangePermissions = 0x40000, TakeOwnership = 0x80000, FullControl = 0xF003F | Win32Native.STANDARD_RIGHTS_READ | Win32Native.STANDARD_RIGHTS_WRITE } public sealed class RegistryAccessRule : AccessRule { // Constructor for creating access rules for registry objects public RegistryAccessRule(IdentityReference identity, RegistryRights registryRights, AccessControlType type) : this(identity, (int) registryRights, false, InheritanceFlags.None, PropagationFlags.None, type) { } public RegistryAccessRule(String identity, RegistryRights registryRights, AccessControlType type) : this(new NTAccount(identity), (int) registryRights, false, InheritanceFlags.None, PropagationFlags.None, type) { } public RegistryAccessRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type) : this(identity, (int) registryRights, false, inheritanceFlags, propagationFlags, type) { } public RegistryAccessRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type) : this(new NTAccount(identity), (int) registryRights, false, inheritanceFlags, propagationFlags, type) { } // // Internal constructor to be called by public constructors // and the access rule factory methods of {File|Folder}Security // internal RegistryAccessRule( IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type ) : base( identity, accessMask, isInherited, inheritanceFlags, propagationFlags, type ) { } public RegistryRights RegistryRights { get { return (RegistryRights) base.AccessMask; } } } public sealed class RegistryAuditRule : AuditRule { public RegistryAuditRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this(identity, (int) registryRights, false, inheritanceFlags, propagationFlags, flags) { } public RegistryAuditRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : this(new NTAccount(identity), (int) registryRights, false, inheritanceFlags, propagationFlags, flags) { } internal RegistryAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) : base(identity, accessMask, isInherited, inheritanceFlags, propagationFlags, flags) { } public RegistryRights RegistryRights { get { return (RegistryRights) base.AccessMask; } } } public sealed class RegistrySecurity : NativeObjectSecurity { public RegistrySecurity() : base(true, ResourceType.RegistryKey) { } /* // The name of registry key must start with a predefined string, // like CLASSES_ROOT, CURRENT_USER, MACHINE, and USERS. See // MSDN's help for SetNamedSecurityInfo for details. [SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)] internal RegistrySecurity(String name, AccessControlSections includeSections) : base(true, ResourceType.RegistryKey, HKeyNameToWindowsName(name), includeSections) { new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.View, name).Demand(); } */ [SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)] internal RegistrySecurity(SafeRegistryHandle hKey, String name, AccessControlSections includeSections) : base(true, ResourceType.RegistryKey, hKey, includeSections, _HandleErrorCode, null ) { new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.View, name).Demand(); } private static Exception _HandleErrorCode(int errorCode, string name, SafeHandle handle, object context) { System.Exception exception = null; switch (errorCode) { case Win32Native.ERROR_FILE_NOT_FOUND: exception = new IOException(Environment.GetResourceString("Arg_RegKeyNotFound", errorCode)); break; case Win32Native.ERROR_INVALID_NAME: exception = new ArgumentException(Environment.GetResourceString("Arg_RegInvalidKeyName", "name")); break; case Win32Native.ERROR_INVALID_HANDLE: exception = new ArgumentException(Environment.GetResourceString("AccessControl_InvalidHandle")); break; default: break; } return exception; } public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type) { return new RegistryAccessRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, type); } public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { return new RegistryAuditRule(identityReference, accessMask, isInherited, inheritanceFlags, propagationFlags, flags); } internal AccessControlSections GetAccessControlSectionsFromChanges() { AccessControlSections persistRules = AccessControlSections.None; if (AccessRulesModified) persistRules = AccessControlSections.Access; if (AuditRulesModified) persistRules |= AccessControlSections.Audit; if (OwnerModified) persistRules |= AccessControlSections.Owner; if (GroupModified) persistRules |= AccessControlSections.Group; return persistRules; } /* // See SetNamedSecurityInfo docs - we must start strings // with names like CURRENT_USER, MACHINE, CLASSES_ROOT, etc. // (Look at SE_OBJECT_TYPE, then the docs for SE_REGISTRY_KEY) internal static String HKeyNameToWindowsName(String keyName) { if (keyName.StartsWith("HKEY_")) { if (keyName.Equals("HKEY_LOCAL_MACHINE")) return "MACHINE"; return keyName.Substring(5); } return keyName; } [SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)] internal void Persist(String keyName) { new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.Change, keyName).Demand(); AccessControlSections persistRules = GetAccessControlSectionsFromChanges(); if (persistRules == AccessControlSections.None) return; // Don't need to persist anything. String windowsKeyName = HKeyNameToWindowsName(keyName); base.Persist(windowsKeyName, persistRules); OwnerModified = GroupModified = AuditRulesModified = AccessRulesModified = false; } */ [SecurityPermission(SecurityAction.Assert, UnmanagedCode=true)] internal void Persist(SafeRegistryHandle hKey, String keyName) { new RegistryPermission(RegistryPermissionAccess.NoAccess, AccessControlActions.Change, keyName).Demand(); WriteLock(); try { AccessControlSections persistRules = GetAccessControlSectionsFromChanges(); if (persistRules == AccessControlSections.None) return; // Don't need to persist anything. base.Persist(hKey, persistRules); OwnerModified = GroupModified = AuditRulesModified = AccessRulesModified = false; } finally { WriteUnlock(); } } public void AddAccessRule(RegistryAccessRule rule) { base.AddAccessRule(rule); } public void SetAccessRule(RegistryAccessRule rule) { base.SetAccessRule(rule); } public void ResetAccessRule(RegistryAccessRule rule) { base.ResetAccessRule(rule); } public bool RemoveAccessRule(RegistryAccessRule rule) { return base.RemoveAccessRule(rule); } public void RemoveAccessRuleAll(RegistryAccessRule rule) { base.RemoveAccessRuleAll(rule); } public void RemoveAccessRuleSpecific(RegistryAccessRule rule) { base.RemoveAccessRuleSpecific(rule); } public void AddAuditRule(RegistryAuditRule rule) { base.AddAuditRule(rule); } public void SetAuditRule(RegistryAuditRule rule) { base.SetAuditRule(rule); } public bool RemoveAuditRule(RegistryAuditRule rule) { return base.RemoveAuditRule(rule); } public void RemoveAuditRuleAll(RegistryAuditRule rule) { base.RemoveAuditRuleAll(rule); } public void RemoveAuditRuleSpecific(RegistryAuditRule rule) { base.RemoveAuditRuleSpecific(rule); } public override Type AccessRightType { get { return typeof(RegistryRights); } } public override Type AccessRuleType { get { return typeof(RegistryAccessRule); } } public override Type AuditRuleType { get { return typeof(RegistryAuditRule); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- _OverlappedAsyncResult.cs
- GridViewRowEventArgs.cs
- MarshalByValueComponent.cs
- XmlWellformedWriterHelpers.cs
- TreeViewImageIndexConverter.cs
- WebAdminConfigurationHelper.cs
- RoleGroup.cs
- CollectionBuilder.cs
- AdornerHitTestResult.cs
- EmptyQuery.cs
- DoubleAnimationBase.cs
- ObfuscateAssemblyAttribute.cs
- SqlDataSourceStatusEventArgs.cs
- NativeMethods.cs
- WebBaseEventKeyComparer.cs
- DecoratedNameAttribute.cs
- PersonalizationEntry.cs
- ListDictionaryInternal.cs
- ExpressionBuilderCollection.cs
- UniqueEventHelper.cs
- StructuralObject.cs
- CheckBox.cs
- ButtonRenderer.cs
- RenderCapability.cs
- WindowsIdentity.cs
- PluralizationServiceUtil.cs
- Span.cs
- ErasingStroke.cs
- ToolBarPanel.cs
- ComponentFactoryHelpers.cs
- GeometryGroup.cs
- WindowsFormsSectionHandler.cs
- OciEnlistContext.cs
- SQLSingleStorage.cs
- CollectionViewGroupRoot.cs
- DesignerPainter.cs
- InstanceData.cs
- FixedLineResult.cs
- WebPartsPersonalization.cs
- ValueQuery.cs
- ProgressBarBrushConverter.cs
- BinaryExpression.cs
- JpegBitmapEncoder.cs
- LinkClickEvent.cs
- WebPartDesigner.cs
- TextBoxRenderer.cs
- GroupBox.cs
- XPathNodeHelper.cs
- log.cs
- RSAPKCS1KeyExchangeDeformatter.cs
- WindowsUserNameCachingSecurityTokenAuthenticator.cs
- UnsafeCollabNativeMethods.cs
- Point3DConverter.cs
- EventTrigger.cs
- ConfigurationElementCollection.cs
- GrammarBuilder.cs
- ValueType.cs
- LZCodec.cs
- InvalidCastException.cs
- NativeObjectSecurity.cs
- SectionInformation.cs
- handlecollector.cs
- TdsParserSessionPool.cs
- UpdatePanel.cs
- EntityDataReader.cs
- FileDetails.cs
- DataGridViewRowHeightInfoPushedEventArgs.cs
- WindowsContainer.cs
- GraphicsPath.cs
- MdbDataFileEditor.cs
- WeakEventTable.cs
- ComboBoxAutomationPeer.cs
- ObservableCollection.cs
- Pair.cs
- RepeatInfo.cs
- ToolboxComponentsCreatedEventArgs.cs
- XmlSchemaIdentityConstraint.cs
- SHA384Managed.cs
- GcSettings.cs
- Array.cs
- HitTestParameters3D.cs
- EtwTrace.cs
- SecurityHelper.cs
- MenuBindingsEditor.cs
- WindowsRichEditRange.cs
- OracleException.cs
- XmlCDATASection.cs
- Bidi.cs
- PaperSize.cs
- BindingCollection.cs
- Imaging.cs
- ReferenceConverter.cs
- VisualBrush.cs
- DataPager.cs
- CompensateDesigner.cs
- SrgsElement.cs
- CookielessHelper.cs
- MetadataStore.cs
- InstancePersistenceContext.cs
- NativeMethods.cs