In a discussion forum I had a small argument about whether the ASPNET account can read the registry or not. Frans Bouma is pretty convinced it's not, while I believe the opposite is true. While people at Microsoft confirm my theory, I decided to code a litte C# (please allow for the sloppy coding) to prove it.

<script language="C#" runat="server">
void Page_Load(Object sender, EventArgs e)
{
   Response.Write("<b>Current Account: ");
   Response.Write(System.Security.Principal.WindowsIdentity.GetCurrent().Name);
   Response.Write("</b><br>");
   string uninstallKey = @"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall";
   using (Microsoft.Win32.RegistryKey rk = Microsoft.Win32.Registry.LocalMachine.OpenSubKey(uninstallKey))
   {
      foreach (string skName in rk.GetSubKeyNames())
      {
         using (Microsoft.Win32.RegistryKey sk = rk.OpenSubKey(skName))
         {
  Response.Write(sk.GetValue("DisplayName"));
  Response.Write("<br>");           
         }
      }
   }
}
</script>

First we see under what account the script is actually run, to make sure that it's not through impersonation that we run it. Then we loop through the UnInstall key somewhere in the HKEY_LOCAL_MACHINE to find out what applications are installed (more accurately, what applications can be uninstalled, that is not always the same thing :-(  ).

I tried running this script on my server which I believe was installed pretty default (urlscan and firewall included). The code worked as I expected and showed me a list of applications. So where did the notion come about that the ASPNET account cannot read the registry?