Let's have a look at Windows 2000/XP ACL inheritance oddities : 1/ Create a new file named "test.txt" 2/ Break ACL inheritance and apply custom ACL 3/ Rename "test.txt" to "othertest.txt" 4/ Check that ACL has not changed
Now : 1/ Use REGEDIT and create a new key (in HKCU for example) named "key" 2/ Break ACL inheritance and apply custom ACL 3/ Rename "key" to "newkey" 4/ ACL has been reseted and is now inherited from parent !
It looks like the "rename" paradigm does not make sense for registry keys and REGEDIT has to create a new key, copy values, and delete the old key.
Bug or feature ?
Regards, - Nicolas RUFF ----------------------------------- Security Consultant EdelWeb (http://www.edelweb.fr/) Mail : nicolas.ruff@edelweb.fr -----------------------------------
