Change all registry access permissions to administrator only?

G

Guest

Hello, Is it possible for me to change all registry entrys that have access
listed for user, and administrator to just administrator? Perhaps more
clearly, in my yregistry the listing have access. 'write' administrator
only,' read' admin./ user. I am thinking that if I can remove all acces to
any part of my registry except by administrator, I would achieve a far more
secure system. Also I shoud state that I have no intention of haveing any
other users, other than myself, on my system.
 
G

Guest

-There would be litle point. If a Trojan gets onto the machine froma
web-browsing session, it will be running in your user-space and so will have
full access to the registry.

The correct way to do this (On XP Pro) is to work as a limited user UNLESS
you need to change system-settings. The limited user has no
write-permissions to HKLM, and can only write to their own key in HKEY_USERS.
The downisde is that if you make frequent changes to the system it will be a
huge hassle having to keep logging-off and closing all of your work. . Which
is why most people work as an Administrator.

Vista is supposed to have a better arrangement, though from what I've seen,
it needs some work yet.
 
G

Guest

Thanks for your reply Ian. I am not thinking so much of a trojan as I am of
blocking any sort of outside control or viewing of my system files or
resorces. I have a suspicion that my connection has been tapped and I am
being monitored. I dont know how to stop the process as I believe the
monitoring is being conducted between my modem and the input at the telephone
pole connection. I know that sounds crazy, but I believe it to be the case. I
thought that by restricting the access permissions, I could at least limit
the amount of data that is available to be read by an outside source.
 
T

Touch Base

| Hello, Is it possible for me to change all registry entrys that have access
| listed for user, and administrator to just administrator? Perhaps more
| clearly, in my yregistry the listing have access. 'write' administrator
| only,' read' admin./ user. I am thinking that if I can remove all acces to
| any part of my registry except by administrator, I would achieve a far more
| secure system. Also I shoud state that I have no intention of haveing any
| other users, other than myself, on my system.
| --
| thanks to all for all time and effort



Put in a decent firewall and close off all remote access. Remove computer from internet access until your computer is tightened up.
 
S

Steven L Umbach

It is possible but I don't see it as a good strategy to secure your
computer. Note that if anyone gains administrator access to your computer
they can grant themselves permissions to everything other than possibly
encrypted files on the computer and most likely even encrypted files given
enough time. If you have something specific you want to secure against let
us know and we can probably help with a more defense in depth solution.

Steve

http://www.microsoft.com/athome/security/protect/windowsxpsp2/Default.mspx
--- Protect Your PC basics
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Changing HKCU registry permissions for other user, as Admin. 0
Lost Administrator Privileges 10
You do not have access to make the required system configuration m 1
How to add another user without losing access to Administrator 3
SP2 Reset Registry Permissions? 2
Admin Logon Missing 6
Administrator cannot access registry or uninstall programs 11
administrator account problems 3

Top