Impersonation limitations?

[kernel]

Are there any constraints to who is impersonated? If some application gets
authenticated by a PSI web server can it impersonate anyone?

 

[Guest]

Hello kernel,

Only if the application has or can acquire "anyone's" credentials.

First the impersonating application has to be authenticated (you
remembered to validate them right?), then the credentials it is
passing for authentication have to validated.

Bob Segrest