哪些注册表项配置单元受到的限制较少 [英] Which Registry Key Hives Are Less Restricted

问题描述

我意识到，所有组织在访问目录和某些注册表项上的严格程度可能有所不同.

但是，对于哪些注册表项可以写入"有普遍共识?

到目前为止，我通常只与较小的公司打交道，而且我一直在写LOCAL_MACHINE配置单元.最近，我从我的IT部门的第一个大型企业"客户那里回来.已将LOCAL_MACHINE配置单元锁定. IT人士提到CURRENT_USER配置单元未锁定.

在大多数公司环境(假定安全性可能更严格)中，锁定LOCAL_MACHINE reg键是否很常见?

谢谢

Hi,

I realise that all organisations can be / are different in how restrictive they are in accesses directories and certain registry keys.

However is there a general consensus as to which registry keys are "OK" to write to?

I''ve generally just dealt with smaller companies until now and I''ve been writing to the LOCAL_MACHINE hive. Recently I''ve come back from my first larger "corporate" client whose IT dept. have locked the LOCAL_MACHINE hive down. The IT guy mentioned that the CURRENT_USER hive wasn''t lock.

Is it common to lock down the LOCAL_MACHINE reg keys in most corporate environments (where security is presumable tighter)?

Thanks

推荐答案

我不知道是否对此有一般规定，但您所描述的是我上一家公司采用的政策. HKLM密钥适用于计算机的所有用户，因此倾向于由IT部门控制. HKCU密钥仅适用于当前登录的用户，因此限制较少.该规则通常基于以下事实:如果您弄乱了HKCU中的密钥，它将(希望)不会影响可能需要在该单一系统上工作的任何其他人.

I don''t know if there is a general rule about this but what you describe is the policy adopted at my last company. The HKLM keys apply to all users of the computer, so tends to be controlled by the IT department. The HKCU keys apply only to the currently logged on user so are less restricted. This rule is usually based on the fact that if you mess up a key in HKCU it will (hopefully) not affect anyone else who may need to work on that single system.

这篇关于哪些注册表项配置单元受到的限制较少的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！