[cvsnt-dev] Re: NtCreateToken & SeImpersonatePrivilege
Tony Hoyle
tmh at nodomain.org
Fri May 21 22:38:09 BST 2004
KJK::Hyperion wrote:
>
> hmmm:
>
> D:\Documents and Settings\Administrator>privcheck | findstr /I impersonate
> SeImpersonatePrivilege *
>
> This on a Windows 2000 Service Pack 4
It could just be hardcoded into privcheck (no reference to this in google so I
can't try it myself.. a homegrown app???). Even if such a privilege exists in
Win2kSP4 (but not in XP??? that *would* be odd) it never actually did anything
until Win2k3 started enforcing it.
See
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure03132003.asp
and
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure03132003.asp
for some disussion of the changes in 2003.
And for the create token issue (no official microsoft stuff but then they
never officially acknowledged the existence of the function anyway):
http://groups.google.com/groups?selm=g6ppev8pvl1q2e95c4ma7sgaabrr52n6ov%404ax.com
Tony
--
Te audire no possum. Musa sapientum fixa est in aure.
Tony Hoyle <tmh at nodomain.org> Key ID: 104D/4F4B6917 2003-09-13
Fingerprint: 063C AFB4 3026 F724 0AA2 02B8 E547 470E 4F4B 6917
More information about the cvsnt-dev
mailing list