RegistryPermission クラス
アセンブリ: mscorlib (mscorlib.dll 内)
構文
<SerializableAttribute> _ <ComVisibleAttribute(True)> _ Public NotInheritable Class RegistryPermission Inherits CodeAccessPermission Implements IUnrestrictedPermission
[SerializableAttribute] [ComVisibleAttribute(true)] public sealed class RegistryPermission : CodeAccessPermission, IUnrestrictedPermission
[SerializableAttribute] [ComVisibleAttribute(true)] public ref class RegistryPermission sealed : public CodeAccessPermission, IUnrestrictedPermission
RegistryPermission は、レジストリ変数の操作に対する保護方法を管理します。レジストリ変数は、RegistryPermission を持たないコードがアクセスできるメモリ位置に格納しないでください。レジストリ オブジェクトが信頼関係のない呼び出し元に渡されると、不正に使用される場合があります。
許可するレジストリ アクセスの種類は、RegistryPermissionAccess で定義します。複数の種類のアクセスが必要な場合は、次のコード サンプルで示すように、ビット単位の OR 演算を使用して組み合わせることができます。
レジストリ アクセス許可は、標準絶対パスで定義されます。常に標準パス名でチェックする必要があります。キーへのアクセスは、キーに含まれるすべての値、およびキーの下にあるすべての変数へのアクセスを意味します。
注意 |
---|
注 意 (メモ): RegistryPermissionは、HKEY_CURRENT_USER と HKEY_USERS を含め、キーへのすべてのパスに対するアクセス許可を与えます。ファイルへのアクセスを Deny によって拒否するには、そのファイルへの有効なパスをすべて Deny によって拒否する必要があります。たとえば、HKEY_CURRENT_USER\Software\Microsoft\Cryptography へのアクセスを Deny によって拒否するには、HKEY_CURRENT_USER\Software\Microsoft\Cryptography、HKEY_USERS\.......\Software\Microsoft\Cryptography を含め、そのキーにアクセスするために使用できるすべてのパスを Deny によって拒否する必要があります。複数のパスを使用する場合は、PermitOnly と Deny を組み合わせて使用することをお勧めします。この問題および PermitOnly と Deny の使用法の詳細については、「Deny メソッドの使用」の「Deny の使用による標準化の問題」を参照してください。 |
次のコード例では、RegistryPermissionf は CentralProcessor キーから値を読み取るためのアクセス許可を表します。Read と Write は RegistryPermissionAccess 列挙値です。
Dim f As New RegistryPermission( _ RegistryPermissionAccess.Read, _ "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0")
RegistryPermission f = new RegistryPermission( RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0");
RegistryPermission^ f = gcnew RegistryPermission( RegistryPermissionAccess::Read, "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0" );
RegistryPermission f = new RegistryPermission(RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\" + "System\\CentralProcessor\\0");
FloatingPointProcessor キーに対する読み取りアクセス許可と書き込みアクセス許可を RegistryPermissionf に追加するコード例を次に示します。
f.AddPathList( _ RegistryPermissionAccess.Write Or RegistryPermissionAccess.Read, _ "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\FloatingPointProcessor\0")
f.AddPathList( RegistryPermissionAccess.Write | RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\FloatingPointProcessor\\0");
f->AddPathList( (RegistryPermissionAccess) (RegistryPermissionAccess::Write | RegistryPermissionAccess::Read) , "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\FloatingPointProcessor\\0" );
f.AddPathList(RegistryPermissionAccess.Write | RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\\HARDWARE\\" + "DESCRIPTION\\System\\FloatingPointProcessor\\0");
RegistryPermission f は、CentralProcessor キーに対する読み取りアクセス許可と、FloatingPointProcessor キーに対する読み取りアクセス許可および書き込みアクセス許可を表します。
RegistryPermission メソッドの動作を示すコード例を次に示します。この例では、メソッドの使用方法ではなく、メソッドの結果を示すことを目的としています。
' This sample demonstrates the IsSubsetOf, Union, Intersect, Copy, ToXml, FromXml ' GetPathList, AddPathList, and SetPathList methods ' of the RegistryPermission class. Imports System Imports System.Security Imports System.Security.Permissions Imports System.Collections Public Class RegistryPermissionDemo Private readPerm1 As New RegistryPermission(RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0") Private readPerm2 As New RegistryPermission(RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION") Private readPerm3 As New RegistryPermission(RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\FloatingPointProcessor\0") Private createPerm1 As New RegistryPermission(RegistryPermissionAccess.Create, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0") Private readPerm4 As IPermission ' IsSubsetOf determines whether the current permission is a subset of the specified permission. Private Function IsSubsetOfDemo() As Boolean Dim returnValue As Boolean = True If readPerm1.IsSubsetOf(readPerm2) Then Console.WriteLine(readPerm1.GetPathList(RegistryPermissionAccess.Read) + vbLf + " is a subset of " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + vbLf) Else Console.WriteLine(readPerm1.GetPathList(RegistryPermissionAccess.Read) + vbLf + " is not a subset of " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + vbLf) End If If createPerm1.IsSubsetOf(readPerm1) Then Console.WriteLine("RegistryPermissionAccess.Create" + vbLf + " is a subset of " + "RegistryPermissionAccess.Read" + vbLf) Else Console.WriteLine("RegistryPermissionAccess.Create" + vbLf + " is not a subset of " + "RegistryPermissionAccess.Read" + vbLf) End If Return returnValue End Function 'IsSubsetOfDemo ' Union creates a new permission that is the union of the current permission and ' the specified permission. Private Function UnionDemo() As Boolean Dim returnValue As Boolean = True readPerm3 = CType(readPerm1.Union(readPerm2), RegistryPermission) If readPerm3 Is Nothing Then Console.WriteLine("The union of " + vbLf + readPerm1.GetPathList(RegistryPermissionAccess.Read) + " " + vbLf + "and " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " is null.") Else Console.WriteLine("The union of " + vbLf + readPerm1.GetPathList(RegistryPermissionAccess.Read) + " " + vbLf + "and " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " = " + vbLf + vbTab + CType(readPerm3, RegistryPermission).GetPathList(RegistryPermissionAccess.Read).ToString()) End If Return returnValue End Function 'UnionDemo ' Intersect creates and returns a new permission that is the intersection of the ' current permission and the permission specified. Private Function IntersectDemo() As Boolean Dim returnValue As Boolean = True readPerm3 = CType(readPerm1.Intersect(readPerm2), RegistryPermission) If Not (readPerm3 Is Nothing) AndAlso Not (readPerm3.GetPathList(RegistryPermissionAccess.Read) Is Nothing) Then Console.WriteLine("The intersection of " + vbLf + readPerm1.GetPathList(RegistryPermissionAccess.Read) + " " + vbLf + "and " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " = " + vbLf + vbTab + CType(readPerm3, RegistryPermission).GetPathList(RegistryPermissionAccess.Read).ToString()) Else Console.WriteLine("The intersection of " + vbLf + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " " + vbLf + "and " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " is null. ") End If Return returnValue End Function 'IntersectDemo 'Copy creates and returns an identical copy of the current permission. Private Function CopyDemo() As Boolean Dim returnValue As Boolean = True readPerm4 = CType(readPerm1.Copy(), RegistryPermission) If Not (readPerm4 Is Nothing) Then Console.WriteLine("Result of copy = " + readPerm4.ToXml().ToString() + vbLf) Else Console.WriteLine("Result of copy is null. " + vbLf) End If Return returnValue End Function 'CopyDemo ' ToXml creates an XML encoding of the permission and its current state; FromXml ' reconstructs a permission with the specified state from the XML encoding. Private Function ToFromXmlDemo() As Boolean Dim returnValue As Boolean = True readPerm2 = New RegistryPermission(PermissionState.None) readPerm2.FromXml(readPerm1.ToXml()) Console.WriteLine("Result of ToFromXml = " + readPerm2.ToString() + vbLf) Return returnValue End Function 'ToFromXmlDemo ' AddPathList adds access for the specified registry variables to the existing state of the permission. ' SetPathList sets new access for the specified registry variable names to the existing state of the permission. ' GetPathList gets paths for all registry variables with the specified RegistryPermissionAccess. Private Function SetGetPathListDemo() As Boolean Try Console.WriteLine("********************************************************" + vbLf) Dim readPerm1 As RegistryPermission Console.WriteLine("Creating RegistryPermission with AllAccess rights for 'HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0'") readPerm1 = New RegistryPermission(RegistryPermissionAccess.AllAccess, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0") Console.WriteLine("Adding 'HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION' to the write access list, " + "and " + vbLf + " 'HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\FloatingPointProcessor\0' " + "to the read access list.") readPerm1.AddPathList(RegistryPermissionAccess.Write, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION") readPerm1.AddPathList(RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\FloatingPointProcessor\0") Console.WriteLine("Read access list before SetPathList = " + readPerm1.GetPathList(RegistryPermissionAccess.Read)) Console.WriteLine("Setting read access rights to " + vbLf + "'HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0'") readPerm1.SetPathList(RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0") Console.WriteLine("Read access list after SetPathList = " + vbLf + readPerm1.GetPathList(RegistryPermissionAccess.Read)) Console.WriteLine("Write access = " + vbLf + readPerm1.GetPathList(RegistryPermissionAccess.Write)) Console.WriteLine("Write access Registry variables = " + vbLf + readPerm1.GetPathList(RegistryPermissionAccess.AllAccess)) Catch e As ArgumentException ' RegistryPermissionAccess.AllAccess can not be used as a parameter for GetPathList. Console.WriteLine("An ArgumentException occured as a result of using AllAccess. " + _ "AllAccess cannot be used as a parameter in GetPathList because it represents more than one " + _ "type of registry variable access : " + vbLf + e.Message) End Try Return True End Function 'SetGetPathListDemo ' Invoke all demos. Public Function RunDemo() As Boolean Dim ret As Boolean = True Dim retTmp As Boolean ' Call IsSubset demo. If IsSubsetOfDemo() Then Console.Out.WriteLine("IsSubset demo completed successfully.") Else Console.Out.WriteLine("IsSubset demo failed.") End If ret = retTmp AndAlso ret ' Call the Union demo. retTmp = UnionDemo() If retTmp Then Console.Out.WriteLine("Union demo completed successfully.") Else Console.Out.WriteLine("Union demo failed.") End If ret = retTmp AndAlso ret ' Call the intersect demo. retTmp = UnionDemo() If retTmp Then Console.Out.WriteLine("Intersect demo completed successfully.") Else Console.Out.WriteLine("Intersect demo failed.") End If ret = retTmp AndAlso ret ' Call the Copy demo. retTmp = CopyDemo() If retTmp Then Console.Out.WriteLine("Copy demo completed successfully.") Else Console.Out.WriteLine("Copy demo failed.") End If ret = retTmp AndAlso ret ' Call the ToFromXml demo. retTmp = ToFromXmlDemo() If retTmp Then Console.Out.WriteLine("ToFromXml demo completed successfully.") Else Console.Out.WriteLine("ToFromXml demo failed.") End If ret = retTmp AndAlso ret ' Call the GetPathList demo. retTmp = SetGetPathListDemo() If retTmp Then Console.Out.WriteLine("SetGetPathList demo completed successfully.") Else Console.Out.WriteLine("SetGetPathList demo failed.") End If ret = retTmp AndAlso ret Return ret End Function 'RunDemo ' Test harness. Public Shared Sub Main(ByVal args() As String) Try Dim democase As New RegistryPermissionDemo() Dim ret As Boolean = democase.RunDemo() If ret Then Console.Out.WriteLine("The RegisterPermission demo completed successfully.") Console.Out.WriteLine("Press the Enter key to exit.") Dim consoleInput As String = Console.ReadLine() System.Environment.ExitCode = 100 Else Console.Out.WriteLine("The RegisterPermission demo failed") Console.Out.WriteLine("Press the Enter key to exit.") Dim consoleInput As String = Console.ReadLine() System.Environment.ExitCode = 101 End If Catch e As Exception Console.Out.WriteLine("The RegisterPermission demo failed") Console.WriteLine(e.ToString()) Console.Out.WriteLine("Press the Enter key to exit.") Dim consoleInput As String = Console.ReadLine() System.Environment.ExitCode = 101 End Try End Sub 'Main End Class 'RegistryPermissionDemo
// This sample demonstrates the IsSubsetOf, Union, Intersect, Copy, ToXml, FromXml // GetPathList, AddPathList, and SetPathList methods // of the RegistryPermission class. using System; using System.Security; using System.Security.Permissions; using System.Collections; [assembly: CLSCompliant(true)] public class RegistryPermissionDemo { RegistryPermission readPerm1 = new RegistryPermission(RegistryPermissionAccess.Read , "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"); RegistryPermission readPerm2 = new RegistryPermission(RegistryPermissionAccess.Read , "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION"); RegistryPermission readPerm3 = new RegistryPermission(RegistryPermissionAccess.Read , "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\FloatingPointProcessor\\0"); RegistryPermission createPerm1 = new RegistryPermission(RegistryPermissionAccess.Create , "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"); IPermission readPerm4; // IsSubsetOf determines whether the current permission is a subset of the specified permission. private bool IsSubsetOfDemo() { bool returnValue = true; if (readPerm1.IsSubsetOf(readPerm2)) { Console.WriteLine(readPerm1.GetPathList(RegistryPermissionAccess.Read) + "\n is a subset of " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + "\n"); } else { Console.WriteLine(readPerm1.GetPathList(RegistryPermissionAccess.Read) + "\n is not a subset of " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + "\n"); } if (createPerm1.IsSubsetOf(readPerm1)) { Console.WriteLine("RegistryPermissionAccess.Create" + "\n is a subset of " + "RegistryPermissionAccess.Read" + "\n"); } else { Console.WriteLine("RegistryPermissionAccess.Create" + "\n is not a subset of " + "RegistryPermissionAccess.Read" + "\n"); } return returnValue; } // Union creates a new permission that is the union of the current permission and // the specified permission. private bool UnionDemo() { bool returnValue = true; readPerm3 = (RegistryPermission)readPerm1.Union(readPerm2); if (readPerm3 == null) { Console.WriteLine("The union of \n" + readPerm1.GetPathList(RegistryPermissionAccess.Read) + " \nand " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " is null."); } else { Console.WriteLine("The union of \n" + readPerm1.GetPathList(RegistryPermissionAccess.Read) + " \nand " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " = \n\t" + ((RegistryPermission)readPerm3).GetPathList(RegistryPermissionAccess.Read).ToString()); } return returnValue; } // Intersect creates and returns a new permission that is the intersection of the // current permission and the permission specified. private bool IntersectDemo() { bool returnValue = true; readPerm3 = (RegistryPermission)readPerm1.Intersect(readPerm2); if (readPerm3 != null && readPerm3.GetPathList(RegistryPermissionAccess.Read) != null) { Console.WriteLine("The intersection of \n" + readPerm1.GetPathList(RegistryPermissionAccess.Read) + " \nand " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " = \n\t" + ((RegistryPermission)readPerm3).GetPathList(RegistryPermissionAccess.Read).ToString()); } else { Console.WriteLine("The intersection of \n" + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " \nand " + readPerm2.GetPathList(RegistryPermissionAccess.Read) + " is null. "); } return returnValue; } //Copy creates and returns an identical copy of the current permission. private bool CopyDemo() { bool returnValue = true; readPerm4 = (RegistryPermission)readPerm1.Copy(); if (readPerm4 != null) { Console.WriteLine("Result of copy = " + readPerm4.ToString() + "\n"); } else { Console.WriteLine("Result of copy is null. \n"); } return returnValue; } // ToXml creates an XML encoding of the permission and its current state; FromXml // reconstructs a permission with the specified state from the XML encoding. private bool ToFromXmlDemo() { bool returnValue = true; readPerm2 = new RegistryPermission(PermissionState.None); readPerm2.FromXml(readPerm1.ToXml()); Console.WriteLine("Result of ToFromXml = " + readPerm2.ToString() + "\n"); return returnValue; } // AddPathList adds access for the specified registry variables to the existing state of the permission. // SetPathList sets new access for the specified registry variable names to the existing state of the permission. // GetPathList gets paths for all registry variables with the specified RegistryPermissionAccess. private bool SetGetPathListDemo() { try { Console.WriteLine("********************************************************\n"); RegistryPermission readPerm1; Console.WriteLine("Creating RegistryPermission with AllAccess rights for 'HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0'"); readPerm1 = new RegistryPermission(RegistryPermissionAccess.AllAccess, "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"); Console.WriteLine("Adding 'HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION' to the write access list, " + "and \n 'HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\FloatingPointProcessor\\0' " + "to the read access list."); readPerm1.AddPathList(RegistryPermissionAccess.Write, "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION"); readPerm1.AddPathList(RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\FloatingPointProcessor\\0"); Console.WriteLine("Read access list before SetPathList = " + readPerm1.GetPathList(RegistryPermissionAccess.Read)); Console.WriteLine("Setting read access rights to \n'HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0'"); readPerm1.SetPathList(RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0"); Console.WriteLine("Read access list after SetPathList = \n" + readPerm1.GetPathList(RegistryPermissionAccess.Read)); Console.WriteLine("Write access = \n" + readPerm1.GetPathList(RegistryPermissionAccess.Write)); Console.WriteLine("Write access Registry variables = \n" + readPerm1.GetPathList(RegistryPermissionAccess.AllAccess)); } catch (ArgumentException e) { // RegistryPermissionAccess.AllAccess can not be used as a parameter for GetPathList. Console.WriteLine("An ArgumentException occured as a result of using AllAccess. " + "AllAccess cannot be used as a parameter in GetPathList because it represents more than one " + "type of registry variable access : \n" + e); } return true; } // Invoke all demos. public bool RunDemo() { bool ret = true; bool retTmp; // Call IsSubset demo. if (retTmp = IsSubsetOfDemo()) Console.Out.WriteLine("IsSubset demo completed successfully."); else Console.Out.WriteLine("IsSubset demo failed."); ret = retTmp && ret; // Call the Union demo. if (retTmp = UnionDemo()) Console.Out.WriteLine("Union demo completed successfully."); else Console.Out.WriteLine("Union demo failed."); ret = retTmp && ret; // Call the intersect demo. if (retTmp = IntersectDemo()) Console.Out.WriteLine("Intersect demo completed successfully."); else Console.Out.WriteLine("Intersect demo failed."); ret = retTmp && ret; // Call the Copy demo. if (retTmp = CopyDemo()) Console.Out.WriteLine("Copy demo completed successfully."); else Console.Out.WriteLine("Copy demo failed."); ret = retTmp && ret; // Call the ToFromXml demo. if (retTmp = ToFromXmlDemo()) Console.Out.WriteLine("ToFromXml demo completed successfully."); else Console.Out.WriteLine("ToFromXml demo failed."); ret = retTmp && ret; // Call the GetPathList demo. if (retTmp = SetGetPathListDemo()) Console.Out.WriteLine("SetGetPathList demo completed successfully."); else Console.Out.WriteLine("SetGetPathList demo failed."); ret = retTmp && ret; return (ret); } // Test harness. public static void Main(String[] args) { try { RegistryPermissionDemo democase = new RegistryPermissionDemo(); bool ret = democase.RunDemo(); if (ret) { Console.Out.WriteLine("The RegisterPermission demo completed successfully."); Console.Out.WriteLine("Press the Enter key to exit."); string consoleInput = Console.ReadLine(); System.Environment.ExitCode = 100; } else { Console.Out.WriteLine("The RegisterPermission demo failed"); Console.Out.WriteLine("Press the Enter key to exit."); string consoleInput = Console.ReadLine(); System.Environment.ExitCode = 101; } } catch (Exception e) { Console.Out.WriteLine("The RegisterPermission demo failed"); Console.WriteLine(e.ToString()); Console.Out.WriteLine("Press the Enter key to exit."); string consoleInput = Console.ReadLine(); System.Environment.ExitCode = 101; } } }
System.Security.CodeAccessPermission
System.Security.Permissions.RegistryPermission
プラットフォーム
Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
開発プラットフォームの中には、.NET Framework によってサポートされていないバージョンがあります。サポートされているバージョンについては、「システム要件」を参照してください。
参照
- RegistryPermission クラスのページへのリンク