Sometimes it is convenient to make thread authenticated as another principle. For example, perhaps something should run temporarily w/administrative rights. This is especially useful if you do not want the issues of making a COM object or service(which are other ways to solve the problem).
Python, 41 lines
On windows, processes run with a specific security token. By default, threads use that token. You can however, attach another token to the thread rather easily, thanks to Mark Hammonds modules.
The to do this is with the win32 calls: LogonUser and ImpersonateLoggedOnUser. LogonUser gives you a handel which ImpersonateLoggedOnUser can then use to "become" the user. To do this the thread calling, LogonUser, needs SE_TCB_NAME, SE_CHANGE_NOTIFY_NAME, and SE_ASSIGNPRIMARYTOKEN_NAME privileges.