* Noah Misch (noah@leadboat.com) wrote:
> Refer to a TOKEN_USER payload as a "token user," not as a "user token".
>
> This corrects messages for can't-happen errors. The corresponding "user
> token" appears in the HANDLE argument of GetTokenInformation().
I'm not at all convinced that this is an improvement. I understand that
it's a "can't happen" case, but we're calling out to a OS function and
as much as things "can't happen" they do, in fact, occationally happen,
and there's no such thing as a "token user" concept. There's an enum,
one value of which is "TokenUser" and that's what we're asking the OS to
provide us info about, but I'd argue that if we're going to refer to the
textual enum representation then we should spell it just exactly as the
enum has it.
If we don't want to use "TokenUser" then I'd suggest that "user token"
is a more accurate term to use, as we had before this change. There is
no such thing as a "token user", as far as I'm aware, in GSSAPI, SSPI,
or general access token lingo.
Thanks!
Stephen
