EventLogPermissionAttribute PermissionAccess property setting acce

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

The PermissionaAccess property is set using the EventLogPermissionAccess
enumeration value Audit, Browse, Instrument, and None. The problem I have is
the controlling powers want to only allow write access. The have a problem
with users having read access to the application's log.

I kmow this is silly, is there away to only have write access?
 
Hi

So far in .NET 1.1, we only have the four below
Audit The EventLog can read existing logs, delete event sources or logs,
respond to entries, clear an event log, listen to events, and access a
collection of all event logs. 10
Browse The EventLog can read existing logs. 2
Instrument The EventLog can read or write to existing logs, and create
event sources and logs. 6
None The EventLog has no permissions. 0


http://msdn2.microsoft.com/en-us/library/w0he4hbe
The Write permission will be added into .NET 2.0(Whidbey).
Member name Description
Administer The EventLog can create an event source, read existing logs,
delete event sources or logs, respond to entries, clear an event log,
listen to events, and access a collection of all event logs.
Audit The EventLog can read existing logs, delete event sources or logs,
respond to entries, clear an event log, listen to events, and access a
collection of all event logs.
Browse The EventLog can read existing logs.
Instrument The EventLog can read or write to existing logs, and create
event sources and logs.
None The EventLog has no permissions.
Write The EventLog can write to existing logs, and create event sources and
logs.


Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
 
EventLogPermission is a CAS (code access security) permission, and it only
controls what managed code can do, not what users can do. Limiting the
event log permissions of your application will not have any effect on what
users can do with the event log via other applications (such as the Windows
event log viewer). If you want to truly prevent users from viewing your
event log, you'll need to ensure that the users are not granted read
permission on the log. This can be done by setting the permissions on the
subkey of the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
key that corresponds to the target log or, on Windows 2003, by setting the
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\<log
name>\CustomSD value (see
http://msdn.microsoft.com/library/en-us/dncode/html/secure06122003.asp for
details).
 
Back
Top