Windows 2000 introduced the restricted token. A restricted token is typically assigned to a
child process so that it has more limited access than its parent. For example, an application
might derive a restricted token from its primary or impersonation token to run an
untrusted code module, if that module could perform inappropriate actions using the primary
token's full privileges.
Restricted tokens are created by making any of the following changes to the original
access token:
- Removing privileges
- Applying the deny-only attribute to SIDs
- Adding a list of restricted SIDs
When a restricted process or thread tries to access a securable object, the system
performs two access checks against the object's DACL:
- Compares the token's enabled and deny-only SIDs
- Compares the list of restricted SIDs
Access is granted only if both access checks allow the requested access rights.
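
The two checks can be modeled in a few lines. This is an added illustration, not Windows code and not from the original post: the SID names, right bits and DACL are constructed, and the model ignores privileges, owner rights and null DACLs.

```python
from dataclasses import dataclass, field

READ, WRITE = 0x1, 0x2  # constructed access-right bits for this example

@dataclass
class Token:
    enabled: set                                   # SIDs that match allow and deny ACEs
    deny_only: set = field(default_factory=set)    # SIDs that match deny ACEs only
    restricted: set = field(default_factory=set)   # empty: token is not restricted

def walk_dacl(dacl, allow_sids, deny_sids, desired):
    """Evaluate ACEs in order. A deny ACE that covers a right not yet granted
    fails the check; rights never explicitly allowed are denied."""
    remaining = desired
    for ace_type, sid, mask in dacl:
        if ace_type == "deny" and sid in deny_sids and mask & remaining:
            return False
        if ace_type == "allow" and sid in allow_sids:
            remaining &= ~mask
        if remaining == 0:
            return True
    return False

def access_check(token, dacl, desired):
    # Check 1: enabled SIDs match allow ACEs; enabled plus deny-only SIDs match deny ACEs.
    first = walk_dacl(dacl, token.enabled, token.enabled | token.deny_only, desired)
    if not token.restricted:
        return first
    # Check 2: the same DACL evaluated against the restricted SID list alone.
    second = walk_dacl(dacl, token.restricted, token.restricted, desired)
    return first and second

# Constructed DACL; the names are placeholders, not real SID strings.
DACL = [
    ("deny", "Interns", WRITE),
    ("allow", "Admins", READ | WRITE),
    ("allow", "Users", READ),
    ("allow", "Restricted", READ),
]
parent = Token(enabled={"Users", "Admins"})
admins_deny_only = Token(enabled={"Users"}, deny_only={"Admins"})
interns_deny_only = Token(enabled={"Admins"}, deny_only={"Interns"})
sandbox = Token(enabled={"Users", "Admins"}, restricted={"Restricted"})

if __name__ == "__main__":
    for name, tok in [("parent", parent), ("admins_deny_only", admins_deny_only),
                      ("interns_deny_only", interns_deny_only), ("sandbox", sandbox)]:
        print(name, "read:", access_check(tok, DACL, READ),
              "write:", access_check(tok, DACL, WRITE))
```

The `interns_deny_only` case shows why a SID is marked deny-only rather than removed: the deny ACE for that group still applies, while the `sandbox` token keeps all its groups yet is capped to what the restricted SID list is allowed.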