mirror of
https://github.com/reactos/reactos.git
synced 2024-12-29 10:35:28 +00:00
59e74584ac
- Refactor most of the code, since there's quite some stuff that don't make much sense. For instance ImpersonationLevel is basically the requested impersonation level a server asks for. PsImpersonateClient doesn't explicitly say that SecurityAnonymous and SecurityIdentification are not allowed. If the server was to give such levels it simply means it doesn't want to impersonate the client. Another thing that doesn't make much sense is that we check if the client is associated with an anonymous token, then avoid impersonating regular anonymous tokens that weren't created by the system. Only system can create such tokens and an anonymous token basically means a token with hidden security info. - Check that the server is within the same client logon session. - If the server is granted the SeImpersonatePrivilege privilege, allow impersonation regardless of the conditions we want to check for. - Update the documentation and code comments. |
||
---|---|---|
.. | ||
access.c | ||
accesschk.c | ||
acl.c | ||
audit.c | ||
client.c | ||
debug.c | ||
objtype.c | ||
priv.c | ||
sd.c | ||
semgr.c | ||
sid.c | ||
sqos.c | ||
srm.c | ||
subject.c | ||
token.c | ||
tokenadj.c | ||
tokencls.c | ||
tokenlif.c |