Is it fatal if RevertToSelf() after ImpersonateSelf() fails?
MSDN says that if RevertToSelf() fails the program should terminate immediately, because otherwise it continues to run in the name of the client being impersonated and that is inappropriate. Now suppose I do
ImpersonateSelf( SecurityImpersonation );
and the call succeeds, then I call RevertToSelf()
and the latter fails. The thread continues to run with the privileges of the current process. It it fatally bad too?
I like your question, and MSDN is not clear about it.
I looked at Programming Windows Security (Keith Brown) pages 112 to 117. ImpersonateSelf
does all the work you could do yourself by calling
While RevertToSelf
is merely a call to
SetThreadToken(0,0)
Passing two null parameters instruct the method to revert to the previous token. You don't have to deal with impersonation vs. primary tokens and token access rights. The call will always succeed.
And if you look at RpcRevertToSelf
function's error codes, you see that RPC related codes aside, the only failure mode is if you are not impersonating.
I say it is safe to assume RevertToSelf
(called from the same thread as ImpersonateSelf) will always succeed.
上一篇: 哪个是创建XSL文件的最佳工具?