17.03.2013, 16:15
|
|
Новичок
|
|
Регистрация: 10.03.2013
Сообщения: 73
Репутация: 10
|
|
А вот это не о том?
Код:
procedure SetRegKeySecurity(KeyRoot : HKEY; KeyName : String);
var
Privs : IJwPrivilegeScope;
Key : HKEY;
KeySec : TJwSecureRegistryKey;
DACL : TJwDAccessControlList;
begin
JwInitWellKnownSIDs; //inits JwSecurityProcessUserSID
if RegOpenKeyEx(KeyRoot, PChar(KeyName), 0, KEY_ALL_ACCESS, Key) = ERROR_ACCESS_DENIED then
begin
Privs := JwGetPrivilegeScope([SE_TAKE_OWNERSHIP_NAME], pst_Enable);
if RegOpenKeyEx(KeyRoot, PChar(KeyName), 0, WRITE_OWNER, Key) <> 0 then
RaiseLastOSError;
try
TJwSecureRegistryKey.TakeOwnerShip(Key);
if RegOpenKeyEx(KeyRoot, PChar(KeyName), 0, WRITE_DAC, Key) <> 0 then
RaiseLastOSError;
KeySec := TJwSecureRegistryKey.Create(Key);
try
DACL := KeySec.DACL; //returns a cached DACL so we must not free it!
DACL.Add(TJwDiscretionaryAccessControlEntryAllow.Create(nil, [afContainerInheritAce], KEY_ALL_ACCESS, JwSecurityProcessUserSID));
KeySec.SetDACL(DACL);
finally
KeySec.Free;
end;
finally
RegCloseKey(Key)
end;
end;
end;
|