Message393119
> The whoami process check output shows that my account is in
> BUILTIN\Administrators, which proves that the account I am
> logged in as has local Administrator permissions.
Please show the output when whoami.exe is spawned from Python. I never questioned whether your account is in the administrators group. I need to know exactly how the group is flagged and/or enabled in the security context of the Python process. For example, a UAC limited logon will include the group with a flag that enables it only for access-denied entries in an object's discretionary access control list (DACL):

    Group Name: BUILTIN\Administrators
    Type: Alias
    SID: S-1-5-32-544
    Attributes: Group used for deny only

For the group to apply to access-allowed entries in a DACL, it must be enabled as follows:

    Group Name: BUILTIN\Administrators
    Type: Alias
    SID: S-1-5-32-544
    Attributes: Mandatory group, Enabled by default, Enabled group, Group owner

Date | User | Action | Args
2021-05-06 17:52:16 | eryksun | set | recipients: + eryksun, WildCard65, shreyanavigyan, paulenet
2021-05-06 17:52:16 | eryksun | set | messageid: <1620323536.38.0.624103597156.issue44046@roundup.psfhosted.org>
2021-05-06 17:52:16 | eryksun | link | issue44046 messages
2021-05-06 17:52:16 | eryksun | create |
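
The check asked for in the message above, as an added example that is not part of the original message or of CPython: it spawns whoami.exe from the running Python process and reports how S-1-5-32-544 is flagged in that process's token. It assumes English `whoami /groups /fo list` output; the function names and the sample strings (built from the two entries quoted in the message) are constructed for illustration.

```python
import subprocess
import sys

ADMINS_SID = "S-1-5-32-544"  # BUILTIN\Administrators, as quoted in the message

# Constructed samples in list layout, reusing the two entries from the message.
SAMPLE_DENY_ONLY = ("Group Name: BUILTIN\\Administrators\nType: Alias\n"
                    "SID: S-1-5-32-544\nAttributes: Group used for deny only\n")
SAMPLE_ENABLED = ("Group Name: BUILTIN\\Administrators\nType: Alias\n"
                  "SID: S-1-5-32-544\nAttributes: Mandatory group, "
                  "Enabled by default, Enabled group, Group owner\n")

def parse_groups(text):
    """Split list-format output into one dict per group entry."""
    groups, current = [], {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # banner, separator or blank line
        key = key.strip()
        if key == "Group Name" and current:
            groups.append(current)  # a new entry starts here
            current = {}
        current[key] = value.strip()
    if current:
        groups.append(current)
    return groups

def admin_group_state(text):
    """Return 'deny-only', 'enabled', 'not-enabled' or 'absent'."""
    for group in parse_groups(text):
        if group.get("SID") != ADMINS_SID:
            continue
        attrs = {a.strip().lower() for a in group.get("Attributes", "").split(",")}
        if "group used for deny only" in attrs:
            return "deny-only"  # matches only access-denied ACEs
        return "enabled" if "enabled group" in attrs else "not-enabled"
    return "absent"

def current_process_state():
    """Spawn whoami.exe as a child of this Python process (Windows only)."""
    result = subprocess.run(["whoami.exe", "/groups", "/fo", "list"],
                            capture_output=True, text=True, check=True)
    return admin_group_state(result.stdout)

if __name__ == "__main__":
    if sys.platform == "win32":
        print(current_process_state())
    else:  # off Windows, fall back to the constructed samples
        print(admin_group_state(SAMPLE_DENY_ONLY), admin_group_state(SAMPLE_ENABLED))
```
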