I have an Windows application running in user session but application works with SYSTEM user rights.
Specifically application does this:
Get a windows user token
Impersonate on this user (ImpersonateLoggedOnUser
or create new thread and SetThreadToken
)
Call to Windows Automation API (ElementFromIAccessible
)
Application works on Windows 10, but on Windows 7 automation API returns error 0x80070005 (access denied).
Which is incomprehensible to me:
if I take token from 1. and create new proces as this user (by CreateProcessAsUser
) then new process can use automation API without problems.
So questions:
What is the difference in permissions between a thread impersonated to user and a process running as this same user ?
What permissions can cause automation API error ?
User contributions licensed under CC BY-SA 3.0