mirror of
https://github.com/reactos/reactos.git
synced 2024-12-29 10:35:28 +00:00
bee9b2fcc6
LSASS implements a default ACL inside the token structure field but it doesn't actually set a protective security descriptor for the token object itself. This happens so that the kernel gets whatever default ACLs it finds for the object which is incorrect. SYSTEM has full and supreme control over tokens, administrators can only read the token as such. The logged in user of their own token has full access. Credits and courtesy goes to Thomas Faber for the patch. |
||
---|---|---|
.. | ||
lang | ||
authpackage.c | ||
authport.c | ||
CMakeLists.txt | ||
database.c | ||
dssetup.c | ||
lookup.c | ||
lsarpc.c | ||
lsasrv.c | ||
lsasrv.h | ||
lsasrv.rc | ||
lsasrv.spec | ||
notify.c | ||
policy.c | ||
privileges.c | ||
registry.c | ||
resources.h | ||
security.c | ||
service.c | ||
session.c | ||
srm.c | ||
utils.c |