JSI Tip 1256. C2Config doesn't set registry permissions inheritance.

C2config, from the Resource Kit, fails to set Inheritance on the following keys:

HKEY_LOCAL_MACHINE\SOFTWARE
HKEY_LOCAL_MACHINE\SOFTWARE\Classes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
HKEY_LOCAL_MACHINE\SOFTWARE\Secure

Modify the C2RegACL.inf file to include the INHERIT attribute.

Sample of a section of the C2RegACL.inf before modifications:

\[HKEY_LOCAL_MACHINE\SOFTWARE\]
BUILTIN\Administrators = FULL
CREATOR OWNER = FULL
SYSTEM = FULL
Everyone = QV, SV, CS, ES, NT, DE, RC

Sample of the same section, after modification:

\[HKEY_LOCAL_MACHINE\SOFTWARE\]
BUILTIN\Administrators = FULL
BUILTIN\Administrators = INHERIT, FULL
CREATOR OWNER = FULL
CREATOR OWNER = INHERIT, FULL
SYSTEM = FULL
SYSTEM = INHERIT, FULL
Everyone = QV, SV, CS, ES, NT, DE, RC
Everyone = INHERIT, QV, SV, CS, ES, NT, DE, RC


Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish