Prev: Coding help for loading custom icons into toolbar
Next: Interesting CreateEvent issue
From: Corinna Vinschen on 25 Feb 2010 14:47
Stefan Kuhr wrote:
> Hi Corinna,
>
> On 2/25/2010 3:38 PM, Corinna Vinschen wrote:
>> <snip>
>> In Kerem's case I'm not sure. I never checked in the inverse case
>> - calling TokenLinkedToken on the elevated token - and without TCB
>> privileges, if the linked token is an impersonation token for which
>> DuplicateTokenEx(PrimaryToken) fails. I made the suggestion
>> nevertheless, because it can be very easily tested.
>>
>
>
> Were you thinking about something like the following code? When run
> under an elevated token, CPAU fails with 1314 (Privilige not held) and
> the linked token is an impersonation token, duplicating it to a primary
> token fails with 1346 (bad impersonation level):

Yes, exactly. So this is not usable in Kerem's scenario. Too bad.


Corinna

--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat
First  |  Prev  | 
Pages: 1 2 3 4
Prev: Coding help for loading custom icons into toolbar
Next: Interesting CreateEvent issue