The OpenThreadToken function opens the access token associated with a thread.
BOOL OpenThreadToken(
HANDLE ThreadHandle, |
// handle to thread |
DWORD DesiredAccess, |
// access to process |
BOOL OpenAsSelf, |
// flag for process or thread security |
PHANDLE TokenHandle |
// pointer to handle to open access token |
); |
Value |
Meaning |
TOKEN_ADJUST_DEFAULT |
Required to change the default ACL, primary group, or owner of an access token. |
TOKEN_ADJUST_GROUPS |
Required to change the groups specified in an access token. |
TOKEN_ADJUST_PRIVILEGES |
Required to change the privileges specified in an access token. |
TOKEN_ALL_ACCESS |
Combines the STANDARD_RIGHTS_REQUIRED standard access rights and all individual access rights for tokens. |
TOKEN_ASSIGN_PRIMARY |
Required to attach a primary token to a process in addition to the SE_CREATE_TOKEN_NAME privilege. |
TOKEN_DUPLICATE |
Required to duplicate an access token. |
TOKEN_EXECUTE |
Combines the STANDARD_RIGHTS_EXECUTE standard access rights and the TOKEN_IMPERSONATE access right. |
TOKEN_IMPERSONATE |
Required to attach an impersonation access token to a process. |
TOKEN_QUERY |
Required to query the contents of an access token. |
TOKEN_QUERY_SOURCE |
Required to query the source of an access token. |
TOKEN_READ |
Combines the STANDARD_RIGHTS_READ standard access rights and the TOKEN_QUERY access right. |
TOKEN_WRITE |
Combines the STANDARD_RIGHTS_WRITE standard access rights and the TOKEN_ADJUST_PRIVILEGES, TOKEN_ADJUST_GROUPS, and TOKEN_ADJUST_DEFAULT access rights. |
If this parameter is FALSE, the access check is performed using the security
context for the calling thread. If the thread is impersonating a client, this
security context can be that of a client process. If this parameter is TRUE,
the access check is made using the security context of the process for the
calling thread.
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
The OpenAsSelf parameter allows a server process to open the access token for a client process when the client process has specified the SecurityIdentification impersonation level for the SECURITY_IMPERSONATION_LEVEL enumerated type. Without this parameter, the calling process is not be able to open the client’s access token using the client’s security context, because it is impossible to open executive-level objects using the SecurityIdentification impersonation level.
AdjustTokenGroups, AdjustTokenPrivileges, GetTokenInformation, OpenProcessToken, SetThreadToken, SetTokenInformation
file: /Techref/os/win/api/win32/func/src/f66_11.htm, 7KB, , updated: 2000/4/7 11:19, local time: 2024/11/4 22:41,
13.59.232.9:LOG IN ©2024 PLEASE DON'T RIP! THIS SITE CLOSES OCT 28, 2024 SO LONG AND THANKS FOR ALL THE FISH!
|
©2024 These pages are served without commercial sponsorship. (No popup ads, etc...).Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE. Questions? <A HREF="http://linistepper.com/techref/os/win/api/win32/func/src/f66_11.htm"> OpenThreadToken</A> |
Did you find what you needed? |