From: Corinna Vinschen on 25 Feb 2010 14:47 Stefan Kuhr wrote: > Hi Corinna, > > On 2/25/2010 3:38 PM, Corinna Vinschen wrote: >> <snip> >> In Kerem's case I'm not sure. I never checked in the inverse case >> - calling TokenLinkedToken on the elevated token - and without TCB >> privileges, if the linked token is an impersonation token for which >> DuplicateTokenEx(PrimaryToken) fails. I made the suggestion >> nevertheless, because it can be very easily tested. >> > > > Were you thinking about something like the following code? When run > under an elevated token, CPAU fails with 1314 (Privilige not held) and > the linked token is an impersonation token, duplicating it to a primary > token fails with 1346 (bad impersonation level): Yes, exactly. So this is not usable in Kerem's scenario. Too bad. Corinna -- Corinna Vinschen Cygwin Project Co-Leader Red Hat |