Registry Access Control Checks

A registry ACL is identified by the keyword registry_acl. The ACL name must be unique to be used with a registry permissions item. A registry ACL can contain one or more user entries.

Usage

<registry_acl: ["name"]>
    <user: ["user_name"]>
        acl_inheritance: ["value"]
        acl_apply: ["value"]
        (optional) acl_allow: ["rights value"]
        (optional) acl_deny: ["rights value"]
    </user>
</acl>

Syntax

Associated type: acl_inheritance

Allowed types:

  • not inherited
  • inherited
  • not used

Associated type: acl_apply

Allowed types:

  • this key only
  • this key and subkeys
  • subkeys only

Associated types: acl_allow, acl_deny

These settings are optional and are used to define the rights a user has on the object.

Generic rights:

  • full control
  • read

Advanced rights:

  • full control
  • query value
  • set value
  • create subkey
  • enumerate subkeys
  • notify
  • create link
  • delete
  • write dac
  • write owner
  • read control

Here is an example registry access control list .audit text:

<registry_acl: "SOFTWARE ACL">
    <user: "Administrators">
        acl_inheritance: "not inherited"
        acl_apply: "This key and subkeys"
        acl_allow: "Full Control"
    </user>
    <user: "CREATOR OWNER">
        acl_inheritance: "not inherited"
        acl_apply: "Subkeys only"
        acl_allow: "Full Control"
    </user>
    <user: "SYSTEM">
        acl_inheritance: "not inherited"
        acl_apply: "This key and subkeys"
        acl_allow: "Full Control"
    </user>
    <user: "Users">
        acl_inheritance: "not inherited"
        acl_apply: "This key and subkeys"
        acl_allow: "Read"
    </user>
</acl>
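A small linter for registry_acl blocks, checking each user entry against the allowed values listed in the Syntax section above and flagging reused ACL names. This is an added example, not part of the original documentation or the product. The function name lint_registry_acls is hypothetical, and it assumes that values compare case-insensitively, that acl_inheritance and acl_apply are required, and that each rights keyword holds a single right.

```python
import re

# Allowed values copied from the Syntax section above; compared case-insensitively
# (assumption: the page's own example capitalizes them, e.g. "Full Control").
RIGHTS = {"full control", "read", "query value", "set value", "create subkey",
          "enumerate subkeys", "notify", "create link", "delete", "write dac",
          "write owner", "read control"}
ALLOWED = {"acl_inheritance": {"not inherited", "inherited", "not used"},
           "acl_apply": {"this key only", "this key and subkeys", "subkeys only"},
           "acl_allow": RIGHTS, "acl_deny": RIGHTS}
REQUIRED = ("acl_inheritance", "acl_apply")  # assumption: not marked "(optional)"
OPEN = re.compile(r'<(registry_acl|user):\s*"([^"]*)">')
FIELD = re.compile(r'(\w+):\s*"([^"]*)"')

# Constructed sample: one ACL whose single user entry breaks three rules.
SAMPLE = '''<registry_acl: "SOFTWARE ACL">
<user: "Users">
acl_apply: "all subkeys"
acl_allow: "Write"
</user>
</acl>'''

def lint_registry_acls(text):
    """Return (acl_name, user_name, problem) tuples for an .audit fragment."""
    problems, seen, acl, user, fields = [], set(), None, None, {}
    for line in filter(None, map(str.strip, text.splitlines())):
        tag = OPEN.fullmatch(line)
        field = FIELD.fullmatch(line)
        if tag and tag.group(1) == "registry_acl":
            acl = tag.group(2)
            if acl in seen:
                problems.append((acl, None, "duplicate ACL name"))
            seen.add(acl)
        elif line == "</acl>":
            acl = user = None
        elif acl is None:
            continue  # outside any registry_acl block
        elif tag:
            user, fields = tag.group(2), {}
        elif line == "</user>":
            problems += [(acl, user, f"missing {k}") for k in REQUIRED if k not in fields]
            user = None
        elif field and user is not None:
            key, value = field.groups()
            fields[key] = value
            if value.lower() not in ALLOWED.get(key, ()):
                problems.append((acl, user, f"invalid {key}: {value!r}"))
        else:
            problems.append((acl, user, f"unparsed line: {line!r}"))
    return problems
```

Running it over an .audit file before deployment catches misspelled scope or rights strings that would otherwise only surface as a failed or misleading compliance result.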