Secure registry for remote access
Have a client program that accesses a server using a mapped drive and uses
this connection to access the server's registry for it's settings.
At the moment I am trying to secure the registry so that a user with this
program could not open regedt32 or regedit and tamper with the servers
registry but I am having a few problems.
If I give read access to
HKLM\System\CurrentControlSet\Control\SecurePipeServers\winreg then when I
run regedt32 as a user with only user group permissions I can access and
change almost any registry key/value that does not have specific permissions
to restrict access. In the MSDN various articles state that you do not need
to give permission on the winreg key as long as you add the path to the key
you wish to access in the Machine MULTI_SZ under the winreg\AllowedPaths key
e.g. add path Software\Test and I should be able to connect anonymously and
access the HKLM\Software\Test key with the access being restricted by the
permissions on the Test key. Unfortunatly this does not work either as the
client program is unable to access the registry at all.
Has anybody come across this problem? Does anyone have a solution?