Holy cow, I wrote a book!
Sometimes people ask for features that are such blatant security
holes I don't know what they were thinking.
Is there a way to get the current user's password?
I have a program that does some stuff, then reboots the system,
and I want to have the current user's password so I can log
that user back in when I'm done, then my program can resume
(Sometimes they don't bother explaining why they need the user's
they just ask for it.)
Imagine the fantastic security hole if this were possible.
Anybody could write a program that steals your password
without even having to trick you into typing it.
They would just call the imaginary
GetPasswordOfCurrentUser function and bingo!
they have your password.
For another angle on credential-stealing, read
why delegation doesn't work over the network.
Even if you didn't want the password itself but merely some
sort of "cookie" that could be used to log the user
on later, you still have a security hole.
Let's call this imaginary function
it returns a "cookie" that can be used to log the user on
instead of using their password.
This is just a thinly-disguised GetPasswordOfCurrentUser
because that "cookie" is equivalent to a password.
Log on with the cookie and you are now that person.