Security Question

R

Robert Paris

I am looking for how I can do the following on Win2K:

1. Disable a User's ability to write to/edit the registry
(Actually disable for all but Administrator)
 
H

Heelen Diyond

Hi,
You can do it using regedt32.
Right click on the hive,then set the permission that you want.
 
M

Mark V

In said:
I am looking for how I can do the following on Win2K:

1. Disable a User's ability to write to/edit the registry
(Actually disable for all but Administrator)
Click to expand...

There are two parts here.
1 Disabling use of registry tools (a Group Policy item)
2 Changing the ACLs of registry keys.

1 would be a preferred method if it fits your requirements.
2 is fraught with hazards and might break things.

And the original question does not specify *where* you need to disable
a user from writing. Ordinary users are already restricted in where
they can write in "the registry". For the HKCU branch (hive), they
*must* be able to write (in most portions). You need to be more
specific.
 
R

Robert Paris

Basically, here's the problem: people are going on the internet and
downloading files that install themselves and write all sorts of crap to the
registry (like setting themselves to run on startup, etc). I want to keep
the users and the programs they download (by accident or on purpose) from
writing ANYTHING to the registry. I only want an admin able to write to the
registry. And you're right it includes both the tools and the permissions.
So what's the best way to do this?
 
M

Mark V

In said:
Basically, here's the problem: people are going on the internet
and downloading files that install themselves and write all sorts
of crap to the registry (like setting themselves to run on
startup, etc). I want to keep the users and the programs they
download (by accident or on purpose) from writing ANYTHING to the
registry. I only want an admin able to write to the registry. And
you're right it includes both the tools and the permissions. So
what's the best way to do this?
Click to expand...

That would be outside the scope of a group focused on registry issues
IMO. A comprehensive security analysis of not just local systems,
but company policies, routers, proxies, firewalls, and other aspects
is likely warranted.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Security Questions 1
Win 2k Security Questions 2
Disable new grid Chrome tabs on Android 9
no print 3
Concerning HD Sentinel 20
How do you disable password protection in Excel? 1
How to disable password for limited user 5
PowerPoint Powerpoint Slow Animations 2

Top