[krbdev.mit.edu #5871] KFW: CCAPI: Logon Session as cache index: poor elevated-user experience
Kevin Koch via RT
rt at krbdev.mit.edu
Thu Mar 13 10:01:02 EDT 2008
I've updated the subject since the design issue is not Vista-UAC-
specific.
A single system-wide ccache isn't going to solve the problem if it is
indexed by logon session id (LSID).
The real problem is the use of LSID, which is different between the
user's logon session and an elevated process spawned by the session.
What identifier can be used that will be the same for the logon session
and an elevated process it spawns?
Should this discussion continue on krbdev?
More information about the kfwdev
mailing list