Chapter 15. What Is Security Context?

To put it simply, a security context is a bit of cached data about a user, including her SID, group SIDs, privileges, and some other stuff that I'll cover in Item 16. One of the fundamental tenets of Windows security is that each process runs on behalf of a user, so each process has a security context associated with it, like a global variable controlled by the kernel. This allows the system to audit the actions taken by a process and make access control decisions when the process acquires resources.

To be more precise, a process is just a container, and it's really threads that do things, such as open resources. But unless you're impersonating (which I'll discuss in Item 31), all the threads in your process ...

Get The .NET Developer's Guide to Windows Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.