1,183
社区成员
发帖
与我相关
我的任务
分享
uses aclapi,AccCtrl;
...
var
lpObjectName:LPTSTR;
OldDACL,NewDACL:PACL ; //uses aclapi
ObjectType:SE_OBJECT_TYPE ; //uses AccCtrl
SD:PSECURITY_DESCRIPTOR;
ea: EXPLICIT_ACCESS;
label Cleanup;
begin
lpObjectName := 'MACHINE\\SYSTEM\\ControlSet001\\Enum\\Root';
// ObjectType :=SE_REGISTRY_KEY;
//建立一个空的ACL;
if SetEntriesInAcl(0, nil, nil, OldDACL)<>ERROR_SUCCESS then
exit;
if (SetEntriesInAcl(0, nil, nil, NewDACL)<>ERROR_SUCCESS) then
exit;
//获取现有的ACL列表到OldDACL
if GetNamedSecurityInfo(lpObjectName, ObjectType,
DACL_SECURITY_INFORMATION,
nil, nil,
OldDACL,
nil, SD) <> ERROR_SUCCESS then
Application.MessageBox('指定的键不存在!','提示',MB_OK);
//设置用户名"Everyone"对指定的键有所有操作权到结构ea
ZeroMemory(@ea, sizeof(EXPLICIT_ACCESS));
BuildExplicitAccessWithName(@ea,
'Everyone', // name of trustee
GENERIC_ALL, // type of access
SET_ACCESS, // access mode
SUB_CONTAINERS_AND_OBJECTS_INHERIT); //让自健继承他的权限; inheritance mode
// 本文转自 C++Builder研究 - http://www.ccrun.com/article.asp?i=563&d=tshoza
//合并结构ea和OldDACL的权限列表到新的NewDACL
if SetEntriesInAcl(1, @ea, nil, NewDACL) <> ERROR_SUCCESS then
goto Cleanup;
//把新的ACL写入到指定的键
SetNamedSecurityInfo(lpObjectName, ObjectType,
DACL_SECURITY_INFORMATION,
nil, nil,
NewDACL,
nil);
///////开始操作注册表//////////
//..........
//////////
//恢复注册表的权限;
BuildExplicitAccessWithName(@ea,
'Everyone', // name of trustee
GENERIC_READ, // type of access
SET_ACCESS, // access mode
NO_INHERITANCE); //让自健继承他的权限; inheritance mode
if SetEntriesInAcl(1, @ea, nil, OldDACL) <> ERROR_SUCCESS then
goto Cleanup;
//把旧的ACL写入到指定的键
SetNamedSecurityInfo(lpObjectName, ObjectType,
DACL_SECURITY_INFORMATION,
nil, nil,
OldDACL,
nil);
//释放指针
Cleanup:
if SD <> nil then
LocalFree(HLOCAL (SD));
if NewDACL <> nil then
LocalFree(HLOCAL (NewDACL));
if OldDACL <> nil then
LocalFree(HLOCAL( OldDACL));