I’m surprised this is just being added. Cross session token impersonation was possible? What’s the rationale for that?
-
-
-
Well network authentication token's usually ended up in Session 0 so it'd allow you to impersonate yourself coming in from the network. But I suspect it's to head off more bugs like https://bugs.chromium.org/p/project-zero/issues/detail?id=1672 …
Kraj razgovora
Novi razgovor -
-
-
Good to know! but checks on Token AuthenticationID and Token OriginID are still ignored as far as I know
-
Yeah and I'd expect that to continue. Of course none of this applies if you have SeImpersonatePrivilege.
Kraj razgovora
Novi razgovor -
-
-
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.