Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Windows Registry
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Security == {{Main|Security descriptor}} Each key in the registry of Windows NT versions can have an associated [[security descriptor]]. The security descriptor contains an [[access control list|access control list (ACL)]] that describes which user groups or individual users are granted or denied access permissions. The set of registry permissions include 10 rights/permissions which can be explicitly allowed or denied to a user or a group of users. {| class=wikitable |+Registry permissions |- !Permission !Description |- |Query Value |The right to read the registry key value. |- |Set Value |The right to write a new value |- |Create Subkey |The right to create subkeys. |- |Enumerate Subkeys |Allow the enumeration of subkeys. |- |Notify |The right to request change notifications for registry keys or subkeys. |- |Create Link |Reserved by the operating system. |- |Delete |The right to delete a key. |- |Write DACL |The right to modify permissions of the container's DACL. |- |Write Owner |The right to modify the container's owner. |- |Read Control |The right to read the DACL. |} As with other securable objects in the operating system, individual access control entries (ACE) on the security descriptor can be explicit or inherited from a parent object.<ref>{{cite book|last=Gibson|first=Darril|title=Microsoft Windows security : essentials|publisher=Wiley|location=Indianapolis, Ind.|isbn=978-1-118-01684-8|chapter=Chapter 4: Securing Access with Permissions|date=June 28, 2011}}</ref> [[Windows Resource Protection]] is a feature of [[Windows Vista]] and later versions of Windows that uses security to deny Administrators and the system WRITE access to some sensitive keys to protect the integrity of the system from malware and accidental modification.<ref>{{cite web|url=https://msdn.microsoft.com/en-us/library/windows/desktop/bb756998.aspx|title=Application Compatibility: Windows Resource Protection (WRP)|publisher=[[Microsoft]]|access-date=8 Aug 2012}}</ref> Special ACEs on the security descriptor can also implement [[mandatory integrity control]] for the registry key and subkeys. A process running at a lower integrity level cannot write, change or delete a registry key/value, even if the account of the process has otherwise been granted access through the ACL. For instance, Internet Explorer running in Protected Mode can ''read'' medium and low integrity registry keys/values of the currently logged on user, but it can only modify low integrity keys.<ref>{{cite web|title=Understanding and Working in Protected Mode Internet Explorer|url=https://msdn.microsoft.com/en-us/library/bb250462(v=vs.85).aspx|access-date=8 August 2012|author=Marc Silbey, Peter Brundrett}}</ref> Outside security, registry keys cannot be deleted or edited due to other causes. Registry keys containing NUL characters cannot be deleted with standard registry editors and require a special utility for deletion, such as [[RegDelNull]].<ref>{{cite web | url=https://technet.microsoft.com/en-us/sysinternals/bb897448.aspx | title=RegDelNull v1.1 | date=1 November 2006 | access-date=8 August 2012 }}</ref><ref>{{cite web | url=http://support.microsoft.com/kb/2021860 | title=Unable to delete certain registry keys β Error while deleting key | date= March 23, 2010 | access-date=8 August 2012 }} Microsoft Support page.</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)