Reputation: 61388
The Microsoft doc page at https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-principals says:
A security principal is any entity that can be authenticated by the operating system, such as a user account, a computer account, or a thread or process that runs in the security context of a user or computer account, or the security groups for these accounts.
Is a process indeed a security principal distinct from the user it runs as? If so, how does one get the process's SID?
The reason I'm wondering: it used to be that there were only two security authorities (i.e. principal containers) in Windows - the local SAM, and the domain. But these days there are more. IIS app pools, for example, or services - all security principals under their respective authorities. Who knows, maybe processes have one too.
Upvotes: 1
Views: 118