Disabling Task manager using c# in OS Hardened machine

I am using the below code to disable the task manager for a kiosk application which works perfectly

    public void DisableTaskManager()
    {
        RegistryKey regkey;
        string keyValueInt = "1";
        string subKey = "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System";

        try
        {
            regkey = Registry.CurrentUser.CreateSubKey(subKey);
            regkey.SetValue("DisableTaskMgr", keyValueInt);
            regkey.Close();
        }
        catch (Exception ex)
        {
            MessageBox.Show("DisableTaskManager" + ex.ToString());
        }
    }

But when i run this in OS hardened machine i get the following error,

DisableTaskManagerSystem.UnauthorizedAccessException: 
Access to the registry key 'HKey_Current_User\Software\Mictrosoft\Windows\CurrentVersion\Policies\System' is denied.
at Microsoft.win32.RegistryKey.win32Error(int32 errorcode, String str)

How can i overcome this ? I need to do thi开发者_StackOverflow社区s for a Kiosk application.

take a look at this, im not yet a good enough C# Developer to comment but i know that during my work with other developers they came accross the UAC In windows 7, If thats what were talking about here.

http://www.aneef.net/2009/06/29/request-uac-elevation-for-net-application-managed-code/

Well the guy that set up that machine basically asked the reverse... "How do I prevent a non-administrator from messing with group policy". So rather engaging in a group policy arms race, you can either do it at install time when running as an admin, or just skip that part of the code when not running as a user that has permission to do so.

Don't have your application disable task manager but instead use a windows service or scheduled task. Your application is going to run in the context of the current user and won't have rights to the registry key. Instead you can create either a windows service or a scheduled task which can run as a user with higher privileges and can write to the registry.

With a windows service you can communicate it through any IPC mechanism such as custom service messages, Sockets, .NET Remoting, WCF, or whatever, to tell it to turn task manager on/off.

the code requires an elevated privilege to access registry. However there is just a fragment of code that requires these extra permission. To handle such scenarios impersonation is used i.e. you will execute this application as normal user only but that particular piece of code will be executed as if you were an Administrator.

http://msdn.microsoft.com/en-us/library/system.security.principal.windowsimpersonationcontext.aspx