Ping a Specific Port

Question

Django Reinhardt

Asked: 2012-03-08 08:07:14 +0800 CST2012-03-08 08:07:14 +0800 CST 2012-03-08 08:07:14 +0800 CST

Will running this batch file cause permanent damage to a Windows 7 or Windows 2008 R2 installation?

772

The following "fix" is found on Microsoft's site under KB968003, but it's unclear which operating systems it's for.

The instructions call for you to run the following batch file:

@echo off

subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f 
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f 
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f 
subinacl /subdirectories %SystemDrive% /grant=administrators=f 
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f 
subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f 
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f 
subinacl /subdirectories %SystemDrive% /grant=system=f

@pause

But I've read that this was written for Windows XP, and that this script will cause permanent damage to Windows 2008 R2 or Windows 7.

Is there any truth to this? Or will it be OK?

2 Answers

Voted

newmanth · Answer 1 · 2012-03-08T08:24:51+08:00

Best Answer

newmanth

2012-03-08T08:24:51+08:002012-03-08T08:24:51+08:00

These registry keys are valid for both XP and Windows 7/2008. The commands simply modify the the registry to give administrators and system (a built-in account) full access to the respective keys. The script won't negatively affect your system.

If you're paranoid, you can back up your registry or create a system restore point before making the change. See http://support.microsoft.com/kb/322756 and http://windows.microsoft.com/en-US/windows7/Create-a-restore-point.

Normally, you should not be getting this error, so I would highly recommend trying to discover the root cause before deciding these changes are needed.

3

Glenn Sullivan · Answer 2 · 2012-03-08T08:24:05+08:00

Glenn Sullivan

2012-03-08T08:24:05+08:002012-03-08T08:24:05+08:00

No. This script will add an Access Control Entry for the entities specified (Administrators or System) to the locations specified (Registry keys or directories).

It is adding an ACE for "Full Control" which in most cases the specified accounts would already have.

I'm not saying that it will make your system more or less secure, because I would have to look at what the DEFAULT permissions for those locations are. It is possible that the script is adding permissions which are not necessary, which in general is not a great idea.

But granting extra Full Control permissions to the administrators group or system account would almost certainly not "cause permanent damage" to the system.

1

Will running this batch file cause permanent damage to a Windows 7 or Windows 2008 R2 installation?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?