Allows programs running on behalf of a user to impersonate a client. Requiring this privilege prevents an unauthorized user from convincing a client to connect to a service they have created and impersonating that client, which can elevate the unauthorized user’s permissions to administrative or system levels. Note that assigning this privilege can be a security risk, so only assign it to trusted users.
Q]Can someone be able to provide a better explanation for the above or an example how programs running on behalf of a user can impersonate a client?
2] Adjust Memory Quotas For A Process:
Allows a process that has access to a second process to increase the processor quota assigned to the second process. This privilege is useful for system tuning, but it can be abused. In the wrong hands, it could be used to launch a denial-of-service attack.
Q] If you look closely in the explanation, it says *Processor Quota*, but the Privilege itself says Memory Quotas. Am I missing something here?
can someone be able to provide scenarios of how this Privilege can be used to launch DOS?