[PATCH 0/1] MR6602: win32u: Always launch explorer for the desktop with a default token.

1 Oct 2024


      Testing on Windows shows that the owner of GetDesktopWindow() always has a default admin token with `TokenElevationTypeDefault`, no matter the token of the process/thread that is responsible for creating it.
We've had issues in this area in the past - 99e2fad1 was a case where it was important that explorer not inherit the token of the *process* spawning it, but instead the token of the *thread*. This patch keeps that app working, since now explorer will get a default token regardless.
In addition to the privilege issues from 99e2fad1, it is a relatively common pattern to duplicate the token of the owner of GetDesktopWindow to acquire a default token.
-- 
https://gitlab.winehq.org/wine/wine/-/merge_requests/6602

2025

2024

2023

2022

[PATCH 0/1] MR6602: win32u: Always launch explorer for the desktop with a default token.