In Windows 2000, if you modify a key or subkey in the registry that key or subkey stays expanded. So if you were...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
to revisit the registry to perform some other job, the previous key or subkey would still be open. Some users could find this nothing more than an annoyance, because they then have to now "close off" the previous key. But it's more than an annoyance; there is also a security risk to worry about.
Let's say that you have an administrator account and password to access a dedicated workstation located in another department, and that your company policy states that you must give this account and password to senior personnel of that department. To try to keep that password secure, let's say that you hide the diskette and/or CDROM drive to prevent anyone from installing illegal software on this workstation. If someone were to acquire the admin account and password and were to invoke regedit the previous key would be displayed thereby exposing the key that you worked on to hide the drives.
Disabling write permissions for the LastKey subkey can prevent the previous key from being displayed. Here's how: (NOTE: make sure you have backed up the registry in case you make a mistake.)
- Load Regedit32
- Go to HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionAppletsRegedit
- Double-Click LastKey value. Then delete the entry in the string box. Thereby creating an empty string. Click OK.
- Repeat Step 1.
- Go to Security, and then select Permissions.
- Click Advanced to open the Access Control Settings dialog Box. Select the admin account, and then click View/Edit. Select Deny beside. Set Value and then click OK.
- Ensure that the option Reset Permissions On All Child Objects (Located In the Access Control Settings For Regedit) is NOT Selected.
Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association Of Internet Professionals, the Institute For Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.