Is there a difference between Restricted Token and Filtered Token? From what I can see, they both seem synonymous, but the Windows Internals book has confused me a bit.
Microsoft appear to use "restricted token" and "filtered token" interchangeably at least some of the time, e.g., in the documentation for TOKEN_INFORMATION_CLASS:
TokenHasRestrictions
The buffer receives a DWORD value that is nonzero if the token has ever been filtered.
However, "filtered token" is most often used in the specific context of UAC, to describe the restricted token generated by UAC when an administrator logs on. For a restricted token generated in any other way, it is probably safer to stick to "restricted".
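To see how these properties read on a live token, the following added example (not part of the original answer) queries the current process token for `TokenElevationType`, `TokenHasRestrictions` and the result of `IsTokenRestricted`. The `TokenDemo.Native` wrapper and `Get-TokenDword` helper are names made up for this sketch; the Win32 functions and constants are the documented ones.

```powershell
# Added example: P/Invoke declarations for the documented token APIs.
Add-Type -Namespace TokenDemo -Name Native -MemberDefinition @'
[DllImport("kernel32.dll")]
public static extern IntPtr GetCurrentProcess();
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool CloseHandle(IntPtr handle);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool OpenProcessToken(IntPtr process, uint access, out IntPtr token);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool GetTokenInformation(IntPtr token, int infoClass,
    out uint value, uint length, out uint returned);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool IsTokenRestricted(IntPtr token);
'@

$TOKEN_QUERY          = 0x0008
$TokenElevationType   = 18   # TOKEN_INFORMATION_CLASS value
$TokenHasRestrictions = 21   # TOKEN_INFORMATION_CLASS value

# Hypothetical helper: read one DWORD-sized information class from a token.
function Get-TokenDword([IntPtr]$Token, [int]$InfoClass) {
    $value = [uint32]0; $returned = [uint32]0
    if (-not [TokenDemo.Native]::GetTokenInformation($Token, $InfoClass, [ref]$value, 4, [ref]$returned)) {
        $err = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
        throw "GetTokenInformation($InfoClass) failed: Win32 error $err"
    }
    $value
}

$token = [IntPtr]::Zero
$self  = [TokenDemo.Native]::GetCurrentProcess()
if (-not [TokenDemo.Native]::OpenProcessToken($self, $TOKEN_QUERY, [ref]$token)) {
    throw "OpenProcessToken failed: Win32 error $([Runtime.InteropServices.Marshal]::GetLastWin32Error())"
}
try {
    # TOKEN_ELEVATION_TYPE: Limited is the token UAC hands to an administrator.
    $names = @{ 1 = 'Default'; 2 = 'Full'; 3 = 'Limited' }
    [pscustomobject]@{
        ElevationType        = $names[[int](Get-TokenDword $token $TokenElevationType)]
        # Nonzero if the token has ever been filtered (the documentation quoted above).
        TokenHasRestrictions = (Get-TokenDword $token $TokenHasRestrictions) -ne 0
        # Documented as: whether the token contains a list of restricted SIDs.
        IsTokenRestricted    = [TokenDemo.Native]::IsTokenRestricted($token)
    }
}
finally {
    [void][TokenDemo.Native]::CloseHandle($token)
}
```

Running it once from a normal prompt and once from an elevated prompt on the same administrator account lets you compare the three values side by side.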