110,536
社区成员
发帖
与我相关
我的任务
分享请发表友善的回复…
发表回复
rainyubin 2007-01-16
- 打赏
- 举报
mark 学习!
idiotzeng 2007-01-16
- 打赏
- 举报
贴错地方了好象~~~
idiotzeng 2007-01-16
- 打赏
- 举报
IEnumerator levels = System.Security.SecurityManager.PolicyHierarchy();
while (levels.MoveNext())
{
PolicyLevel level = (PolicyLevel)levels.Current;
// We position ourselves on the Top Level CodeGroup for each Policy Level we enumerate through
CodeGroup group = level.RootCodeGroup;
// Look for the Machine Level Policy
if (level.Label.ToString( ) == "Machine")
{
// Now Look for the All_Code/All code CodeGroup - this is the default Toplevel code Group in .NET at each Policy level
if (group.MembershipCondition.ToString( ) == "All code")
{
for(int i=0;i<group.Children.Count;i++)
{
CodeGroup subgroup = group.Children[i] as CodeGroup;
if(subgroup.Name=="***")
return;
}
// Now we add a Child CodeGroup which gives our code the "Full Trust" Permission Set
System.Security.PermissionSet permSetFulltrust =
level.GetNamedPermissionSet("FullTrust");
// Define a membership condition which deals with code that is downloaded from the Internet - the URL Condition
// Note we are not actually going to add our codeGroup to the "Internet Zone" level but as a new Child CodeGroup
// to which we can add a FullTrust permission set --> this should hopefully prevent any problems if an administrator
// blocks all permissions for assemblies from the Internet Zone.
System.Security.Policy.UrlMembershipCondition objUrlMembershipCondition
= new UrlMembershipCondition("http://www.***.com");
// Now add the Child CodeGroup - this is exactly what the caspol tool does for us
// e.g //caspol -ag 1. -url http://localhost/* FullTrust -name TestCodeGroup
UnionCodeGroup ucg = new
System.Security.Policy.UnionCodeGroup(objUrlMembershipCondition,new
System.Security.Policy.PolicyStatement (permSetFulltrust));
ucg.Name ="****";
group.AddChild(ucg);
// and finally get .Net to save the policy for us
System.Security.SecurityManager.SavePolicy( );
return;
}
}
while (levels.MoveNext())
{
PolicyLevel level = (PolicyLevel)levels.Current;
// We position ourselves on the Top Level CodeGroup for each Policy Level we enumerate through
CodeGroup group = level.RootCodeGroup;
// Look for the Machine Level Policy
if (level.Label.ToString( ) == "Machine")
{
// Now Look for the All_Code/All code CodeGroup - this is the default Toplevel code Group in .NET at each Policy level
if (group.MembershipCondition.ToString( ) == "All code")
{
for(int i=0;i<group.Children.Count;i++)
{
CodeGroup subgroup = group.Children[i] as CodeGroup;
if(subgroup.Name=="***")
return;
}
// Now we add a Child CodeGroup which gives our code the "Full Trust" Permission Set
System.Security.PermissionSet permSetFulltrust =
level.GetNamedPermissionSet("FullTrust");
// Define a membership condition which deals with code that is downloaded from the Internet - the URL Condition
// Note we are not actually going to add our codeGroup to the "Internet Zone" level but as a new Child CodeGroup
// to which we can add a FullTrust permission set --> this should hopefully prevent any problems if an administrator
// blocks all permissions for assemblies from the Internet Zone.
System.Security.Policy.UrlMembershipCondition objUrlMembershipCondition
= new UrlMembershipCondition("http://www.***.com");
// Now add the Child CodeGroup - this is exactly what the caspol tool does for us
// e.g //caspol -ag 1. -url http://localhost/* FullTrust -name TestCodeGroup
UnionCodeGroup ucg = new
System.Security.Policy.UnionCodeGroup(objUrlMembershipCondition,new
System.Security.Policy.PolicyStatement (permSetFulltrust));
ucg.Name ="****";
group.AddChild(ucg);
// and finally get .Net to save the policy for us
System.Security.SecurityManager.SavePolicy( );
return;
}
}
Zine_Alone 2007-01-16
- 打赏
- 举报
http://developmentnow.com/g/33_2004_11_0_0_14282/how-to-change-audit-policy-using-wmi.htm
lizhizhe2000 2007-01-16
- 打赏
- 举报
你下载 一个这个软件Regmon
yan0lovesha 2007-01-16
- 打赏
- 举报
怎么找到相应的位置呢?这个东西是要做成产品给客户的,我的目的是要对组策略中的用户文件夹重定向进行操作。
这种开发有没有可用的编程接口呢?
谢谢!
这种开发有没有可用的编程接口呢?
谢谢!
viena 2007-01-16
- 打赏
- 举报
找到相应组策略在注册表的位置,直接修改注册表,是个办法~
yan0lovesha 2007-01-16
- 打赏
- 举报
可是我必须要完全通过编程控制。有什么主意吗?或者有什么资料可以共享吗?
lizhizhe2000 2007-01-16
- 打赏
- 举报
我做的时候一般都是在修改组策略时监视注册表的的变化,然后修改注册表的!
viena 2007-01-16
- 打赏
- 举报
@_@
