It is well known that any process can obtain an anonymous token with untrusted integrity and no group membership. But I never saw people mentioning that you can also upgrade it to a LowBox low-integrity token that is still suitable for impersonation.
-
Okay, you get an additional access check against ALL APPLICATION PACKAGES, but it's not that you can get past DACLs anyway. ExIsRestrictedCaller & Co will treat you in a similar way too. So you mostly get low integrity for free.
-
AC tokens bypass IL so I could see it being useful if a resource grants AN user + All AC write access, but for some reason doesn't do that for Everyone or set an IL label. Never seen such a resource but it's possible to configure one.