From 81561a242f81f12b7e925491ab5494de4a13425f Mon Sep 17 00:00:00 2001 From: Quantum Date: Thu, 14 Jan 2021 20:53:45 -0500 Subject: [PATCH] [host] windows: remove ImpersonateLoggedOnUser call It shouldn't have any effect, since the host application is created with the token, and there is no need for the service itself to impersonate. In practice, removal doesn't appear to have any effect on the ability to capture privileged things like secure desktop. --- host/platform/Windows/src/service.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/host/platform/Windows/src/service.c b/host/platform/Windows/src/service.c index 1940ac5a..c0d74ac5 100644 --- a/host/platform/Windows/src/service.c +++ b/host/platform/Windows/src/service.c @@ -308,16 +308,6 @@ void Launch(void) goto fail_token; } - if (!enablePriv(SE_IMPERSONATE_NAME)) - goto fail_token; - - if (!ImpersonateLoggedOnUser(hToken)) - { - doLog("fail_tokened to impersonate\n"); - winerr(); - goto fail_token; - } - if (!enablePriv(SE_ASSIGNPRIMARYTOKEN_NAME)) goto fail_token;