I have a Windows service that uses ImpersonateLoggedOnUser in order to drop the system permissions and run another application using the current users rights.
If the call to ImpersonateLoggedOnUser fails, an application executed by the service is going to 开发者_高级运维have to have system rights by design, which is not good. I fixed this by checking the return value.
Now I try to determine if it is possible to make that function call fail.
Is there any case where this might happen, without modifying the application and without administrator rights? (and without the fix, of course)
If yes, how?
HANDLE hToken;
OpenProcessToken( hProcess, MAXIMUM_ALLOWED, &hToken );
ImpersonateLoggedOnUser( hToken );
[...]
Thanks!
ImpersonateLoggedOnUser will fail if you don't have the impersonate privilege or if the handle in question is invalid.
I'm not sure if there are other failure modes for the API.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论