删除“受信任的安装程序”文件和文件夹的最安全方法是什么?Win7

tag-icon tag-icon windows-7 windows
删除“受信任的安装程序”文件和文件夹的最安全方法是什么?Win7

有许多关于浪费权限、接管权限甚至删除“受信任的安装程序”权限的教程,大多数教程可能会产生严重后果。

如果某人想删除当前由“受信任的安装程序”拥有的单个文件或文件夹项目。同时,该人除了删除该项目外,不想做任何更改。

如果有人想通过 1 次点击而不是 10 次点击完成此操作。这是在操作系统的 GUI 中完成的,而不是命令提示符,如果此人是管理员。启动到 Unix/linux 操作系统不是 1 次点击 :-) 场景中不存在 Linux 操作系统。

您发现删除“受信任的安装程序”许可项目的最快方法是什么,而无需进行超出此范围的更改,并且会产生除删除该项目之外的其他后果?

可以理解的是,移除物品本身并不被视为“安全”,或者移除物品不会产生任何后果。这不是问题所在。

供参考和测试的示例项:此文件夹C:\Windows\System32\zh-CN

答案1

我找到了一个可以安装的自定义“取得所有权”。这适用于 XP,但也适用于 W7。您可以在应用此更改之前设置手动还原点。

上下文菜单条目“取得所有权”实际上是三个单独的命令。它首先使用 cmd.exe 打开命令提示符窗口,然后运行 ​​takeown.exe 来取得您单击的项目的所有权,如果是文件夹,则还取得文件和子文件夹的所有权。如果成功(并且只有在成功的情况下),它会运行 icacls.exe 以授予管理员组完全控制权限,如果是文件夹,也会递归执行。如果 takeown.exe 失败,您不想运行 icacls.exe,因为它也可能会失败,但在极少数情况下,即使 takeown.exe 成功,也可能会返回错误,因此 icacls.exe 永远不会运行,因此权限永远不会应用。此外,它的配置方式取决于系统 PATH 变量,以便能够找到 cmd.exe、takeown.exe 和 icacls.exe,如果找不到其中任何一个,它将失败,但用户可能没有任何迹象表明它没有工作。并且 takeown 或 icacls 上未指定 .exe 扩展名,因此恶意软件可以轻松地用位于路径上较早找到的另一个文件夹中的批处理脚本文件替换这些命令,并且可以诱骗用户在 UAC 提示上单击“确定”,这样就会运行恶意软件,而不是他们认为正在运行的“获取所有权”选项。

我发现了更好的版本 2,它使用 Systemroot 变量指定文件的完整路径,并使用包括扩展名在内的完整文件名。

打开一个空文本文件并将下面的文本复制到其中,然后保存,然后将文件扩展名更改为.reg,然后右键单击它并选择合并。

Windows 注册表编辑器版本 5.00

[HKEY_CLASSES_ROOT*\shell\runas\command] @=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 63,00,6d,00,64,00,2e,00,65,00,78,00,65,00,20,00,2f,00,63,00,25,00,53,00,79,\ 00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,\ 73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,20,00,74,00,61,00,6b,00,65,00,6f,\ 00,77,00,6e,00,2e,00,65,00,78,00,65,00,20,00,2f,00,66,00,20,00,22,00,25,00,\ 31,00,22,00,20,00,26,00,26,00,20,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,\ 00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,\ 33,00,32,00,5c,00,69,00,63,00,61,00,63,00,6c,00,73,00,2e,00,65,00,78,00,65,\ 00,20,00,22,00,25,00,31,00,22,00,20,00,2f,00,67,00,72,00,61,00,6e,00,74,00,\ 20,00,61,00,64,00,6d,00,69,00,6e,00,69,00,73,00,74,00,72,00,61,00,74,00,6f,\ 00,72,00,73,00,3a,00,46,00,00,00

"IsolatedCommand"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 63,00,6d,00,64,00,2e,00,65,00,78,00,65,00,20,00,2f,00,63,00,25,00,53,00,79,\ 00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,\ 73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,20,00,74,00,61,00,6b,00,65,00,6f,\ 00,77,00,6e,00,2e,00,65,00,78,00,65,00,20,00,2f,00,66,00,20,00,22,00,25,00,\ 31,00,22,00,20,00,26,00,26,00,20,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,\ 00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,\ 33,00,32,00,5c,00,69,00,63,00,61,00,63,00,6c,00,73,00,2e,00,65,00,78,00,65,\ 00,20,00,22,00,25,00,31,00,22,00,20,00,2f,00,67,00,72,00,61,00,6e,00,74,00,\ 20,00,61,00,64,00,6d,00,69,00,6e,00,69,00,73,00,74,00,72,00,61,00,74,00,6f,\ 00,72,00,73,00,3a,00,46,00,00,00

[HKEY_CLASSES_ROOT\Directory\shell\runas\命令] @=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 63,00,6d,00,64,00,2e,00,65,00,78,00,65,00,20,00,2f,00,63,00,20,00,25,00,53,\ 00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,\ 79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,74,00,61,00,6b,00,65,00,6f,\ 00,77,00,6e,00,2e,00,65,00,78,00,65,00,20,00,2f,00,66,00,20,00,22,00,25,00,\ 31,00,22,00,20,00,2f,00,72,00,20,00,2f,00,64,00,20,00,79,00,20,00,26,00,26,\ 00,20,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,\ 25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,69,00,63,\ 00,61,00,63,00,6c,00,73,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,00,31,00,\ 22,00,20,00,2f,00,67,00,72,00,61,00,6e,00,74,00,20,00,61,00,64,00,6d,00,69,\ 00,6e,00,69,00,73,00,74,00,72,00,61,00,74,00,6f,00,72,00,73,00,3a,00,46,00,\ 20,00,2f,00,74,00,00,00

"IsolatedCommand"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 63,00,6d,00,64,00,2e,00,65,00,78,00,65,00,20,00,2f,00,63,00,20,00,25,00,53,\ 00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,\ 79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,74,00,61,00,6b,00,65,00,6f,\ 00,77,00,6e,00,2e,00,65,00,78,00,65,00,20,00,2f,00,66,00,20,00,22,00,25,00,\ 31,00,22,00,20,00,2f,00,72,00,20,00,2f,00,64,00,20,00,79,00,20,00,26,00,26,\ 00,20,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,\ 25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,69,00,63,\ 00,61,00,63,00,6c,00,73,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,00,31,00,\ 22,00,20,00,2f,00,67,00,72,00,61,00,6e,00,74,00,20,00,61,00,64,00,6d,00,69,\ 00,6e,00,69,00,73,00,74,00,72,00,61,00,74,00,6f,00,72,00,73,00,3a,00,46,00,\ 20,00,2f,00,74,00,00,00

信息来源

答案2

晚了几年,但这是一个 Take Ownership 命令的工作示例,其中包括多语言安全知名 SID管理员组的 (S-1-5-32-544) 以防止 icacls 命令在非英语区域设置中失败。

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell\runas]
@="Take Ownership"
"NoWorkingDirectory"=""

[HKEY_CLASSES_ROOT\*\shell\runas\command]
@="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant *S-1-5-32-544:F"
"IsolatedCommand"="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant *S-1-5-32-544:F"

[HKEY_CLASSES_ROOT\Directory\shell\runas]
@="Take Ownership"
"NoWorkingDirectory"=""

[HKEY_CLASSES_ROOT\Directory\shell\runas\command]
@="cmd.exe /c takeown /f \"%1\" /r /d y && icacls \"%1\" /grant *S-1-5-32-544:F /t"
"IsolatedCommand"="cmd.exe /c takeown /f \"%1\" /r /d y && icacls \"%1\" /grant *S-1-5-32-544:F /t"

相关内容