JSI Tip 0362 - How to configure the RestrictRun registry key.

In tip 050 we learned that setting the RestrictRun Value in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer key to 1 would allow us to configure allowed programs at the RestrictRun key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun

RestrictRun can only works from the Explorer process. It does not prevent users from running programs, such as Task Manager, that are started by the system process or by other processes such as CMD.EXE.

For Windows NT to operate properly, users must be permitted to run Systray.exe and setup.exe (both are in %SystemRoot%\System32).

The value entries in this subkey represent local programs which can appear in any order. The value entries have the following syntax:

Decimal number (starting with 1) of type REG_SZ with a data string which is the name of executable file.

Example:

1  REG_SZ  setup.exe
2  REG_SZ  systray.exe
3  REG_SZ  Iexplore.exe
4  REG_SZ  JSITTARH.EXE

where JSITTARH.EXE is the JSI, Inc. - Desktop Tips, Tricks, and Registry Hacks self browsing executable which is described near the bottom of \[NT Main Tips Page\] .

 

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish