Paul Schmehl wrote in news:[EMAIL PROTECTED]
Oh, alright, just one more, then I'll leave it until I've finished my essay. > The spyware has to bring the credentials with it. The user doesn't *have* > the credentials. It *gets* them from the process in question. That's a > bit different. The user has the right to impersonate within the context > of a process. The process must already have the credentials to elevate, > or the user gets nothing (if I'm understanding impersonation correctly.) You aren't, sorry! This is in fact almost exactly back-to-front: the user *does* have credentials, and processes inherit their credentials from the user who launches the process. cheers, DaveK -- Can't think of a witty .sigline today.... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/