Mail Archives: cygwin/2005/10/28/03:35:52
Dave,
Chris,
* Chris Taylor (2005-10-27 10:59 +0100)
> Dave Korn wrote:
>> Thorsten Kampe wrote:
>>>* Chris Taylor (2005-10-26 17:38 +0100)
>>>>Problem with that is that if the sysadmin knows what he's doing, it only
>>>>takes about 4 seconds to block off almost all possible ways of actually
>>>>editing the registry...
>>>
>>>Definitely not.
>>
>> Oh yes it does. Start->Run->regedit. Right-click the user's tree under
>> HKEY_USERS, choose Permissions, remove their write access leaving them a
>> read-only per-user registry tree. Easily done in 4 seconds by an experienced
>> BOFH, and can't be reversed without admin rights!
>
> Thankyou for proving my point Dave.
> Does anyone else feel Thorsten should let this go now, before we all
> lose any semblance of respect for him as a person? (Or did that already
> happen to the rest of you?)
You and Dave actually tried that, didn't you?! Of course you did -
because, as Dave pointed out in [1]: "There's an important point here.
Before claiming that a piece of software does or does not exhibit a
certain behaviour, DON'T JUST GUESS - TEST IT AND SEE!"
The bad news is that your whole scenario is absolutely pointless. The
registry key under HKEY_USERS is only dynamically loaded from the
user's ntuser.dat while he's *logged on*[2].
So an experienced BOFH couldn't just "Right-click the user's tree
under HKEY_USERS, choose Permissions, remove their write access
leaving them a read-only per-user registry tree" BECAUSE THERE IS NO
SUCH KEY UNDER HKEY_USERS!!
It's easy to verify that if you look at [3].
T.
[1] http://permalink.gmane.org/gmane.os.cygwin/70828%3E
[2] except systemprofile, LocalService and NetworkService which are always loaded
[3] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -