is there difference between restricted token , filtered token. can see, both seem synonymous, windows internals book has confused me bit.
microsoft appear use "restricted token" , "filtered token" interchangeably @ least of time, e.g., in documentation token_information_class:
tokenhasrestrictions
the buffer receives dword value nonzero if token has ever been filtered.
however, "filtered token" used in specific context of uac, describe restricted token generated uac when administrator logs on. restricted token generated in other way, safer stick "restricted".
Comments
Post a Comment