Incorrect SDDL string returned while trying to read the Registry User Permissions....
Hi All!
I am trying to read the user permissions of a Registry base key (HKLM\.DEFAULT) by using the GetSecurityInfo method of the Win32 API DLL (Advapi32.dll).
// Assign the pointer zero value
IntPtr ptrOwnerSid = IntPtr.Zero;
IntPtr ptrGroupSid = IntPtr.Zero;
IntPtr ptrDacl = IntPtr.Zero;
IntPtr ptrSacl = IntPtr.Zero;
IntPtr ptrSecDesc = IntPtr.Zero;
// Retrieving the security information
DWORD rc = GetSecurityInfo(hKey, SE_OBJECT_TYPE.SE_REGISTRY_KEY,
    SECURITY_INFORMATION.DACL_SECURITY_INFORMATION | SECURITY_INFORMATION.PROTECTED_DACL_SECURITY_INFORMATION | SECURITY_INFORMATION.UNPROTECTED_DACL_SECURITY_INFORMATION,
    ref ptrOwnerSid, ref ptrGroupSid, ref ptrDacl, ref ptrSacl, ref ptrSecDesc);
string strSDDL=ConvertSDToStringSD(ptrSecDesc,4);
This method returns a string value (SDDL string) describing the permissions that apply to the Registry base key, but
the SDDL String value that is being returned is:
D:PAI(A;;KR;;;BU)(A;CIIO;GR;;;BU)(A;;KR;;;PU)(A;CIIO;GR;;;PU)(A;;KA;;;BA)(A;CIIO;GA;;;BA)(A;;KA;;;SY)(A;CIIO;GA;;;SY)(A;;KA;;;BA)(A;CIIO;GA;;;CO)
But on checking the actual permissions for this particular base key in Registry Editor on the system this is what I found:
Allow - Administrators - Full Control - <not inherited> - This key and subkeys
Allow - CREATOR OWNER - Full Control - <not inherited> - Subkeys only
Allow - Power Users - Read - <not inherited> - This key and subkeys
Allow - SYSTEM - Full Control - <not inherited> - This key and subkeys
Allow - Users - Read - <not inherited> - This key and subkeys
According to this I should get only 5 ACEs in the SDDL string listed above, but instead I am getting 10 ACEs.
Could anyone tell me how this could be set right?
Thanks in advance..
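
One way to compare the two listings in the post, as an added example that is not the poster's code: it splits the posted SDDL string into its ACEs and groups them by trustee and rights, with generic rights mapped to their registry-key equivalents. The class name, the display-name table and the grouping rule (an ACE effective on the key plus an inherit-only ACE for the same trustee and mapped rights is shown as one row) are assumptions made for this example, and only single-token rights such as KA or GR are handled.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;

static class SddlDaclView   // hypothetical helper, not a Windows API
{
    // Generic rights mapped to registry-key rights, so GA and KA compare equal.
    static readonly Dictionary<string, string> GenericToKey = new Dictionary<string, string>
        { { "GA", "KA" }, { "GR", "KR" }, { "GW", "KW" }, { "GX", "KX" } };
    // Display names for the SID aliases and rights that occur in the posted string.
    static readonly Dictionary<string, string> Names = new Dictionary<string, string>
        { { "BU", "Users" }, { "PU", "Power Users" }, { "BA", "Administrators" },
          { "SY", "SYSTEM" }, { "CO", "CREATOR OWNER" }, { "KA", "Full Control" }, { "KR", "Read" } };
    static string Name(string code) => Names.TryGetValue(code, out var n) ? n : code;

    public static List<string> Rows(string sddl)
    {
        // Key: type|trustee|rights. Value: [applies to this key, applies to subkeys].
        var merged = new Dictionary<string, bool[]>();
        foreach (Match m in Regex.Matches(sddl, @"\(([^)]*)\)"))
        {
            // ACE layout: type;flags;rights;object_guid;inherit_object_guid;sid
            string[] f = m.Groups[1].Value.Split(';');
            if (f.Length < 6) continue;
            // Flags are two-letter tokens; split in pairs so "CIOI" is not read as "IO".
            var flags = Enumerable.Range(0, f[1].Length / 2).Select(i => f[1].Substring(2 * i, 2)).ToList();
            string rights = GenericToKey.TryGetValue(f[2], out var k) ? k : f[2];
            string key = f[0] + "|" + f[5] + "|" + rights;
            if (!merged.TryGetValue(key, out var scope)) merged[key] = scope = new bool[2];
            scope[0] |= !flags.Contains("IO");   // not inherit-only: effective on the key itself
            scope[1] |= flags.Contains("CI");    // container inherit: propagates to subkeys
        }
        return merged.Select(e =>
        {
            string[] p = e.Key.Split('|');
            string where = e.Value[0] && e.Value[1] ? "This key and subkeys"
                         : e.Value[0] ? "This key only" : "Subkeys only";
            return (p[0] == "A" ? "Allow" : "Deny") + " - " + Name(p[1]) + " - " + Name(p[2]) + " - " + where;
        }).OrderBy(r => r, StringComparer.Ordinal).ToList();
    }

    static void Main()
    {
        string sddl = "D:PAI(A;;KR;;;BU)(A;CIIO;GR;;;BU)(A;;KR;;;PU)(A;CIIO;GR;;;PU)(A;;KA;;;BA)"
                    + "(A;CIIO;GA;;;BA)(A;;KA;;;SY)(A;CIIO;GA;;;SY)(A;;KA;;;BA)(A;CIIO;GA;;;CO)";
        foreach (string row in Rows(sddl)) Console.WriteLine(row);
    }
}
```

Run against the string from the post, the ten ACEs group into five rows with the same trustees, rights and scopes as the Registry Editor listing quoted there.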