Why a thread impersonated to user has different permissions than the process running as the same user?

-1

I have an Windows application running in user session but application works with SYSTEM user rights.

Specifically application does this:

  1. Get a windows user token

  2. Impersonate on this user (ImpersonateLoggedOnUser or create new thread and SetThreadToken)

  3. Call to Windows Automation API (ElementFromIAccessible)

Application works on Windows 10, but on Windows 7 automation API returns error 0x80070005 (access denied).

Which is incomprehensible to me:

if I take token from 1. and create new proces as this user (by CreateProcessAsUser) then new process can use automation API without problems.

So questions:

  1. What is the difference in permissions between a thread impersonated to user and a process running as this same user ?

  2. What permissions can cause automation API error ?

c++
winapi
ui-automation
windows-security
asked on Stack Overflow Apr 28, 2019 by Green

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0