Trusted APIs

In addition to the OEM functions, the CeGetCurrentTrust and CeGetCallerTrust APIs enable a DLL to query the trust level of a calling application. You can use these functions to verify the trust levels of the applications.

The following table shows the application programming interfaces (APIs) that can be called only by trusted applications:

API API
AllocPhysMem ReadRegistryFromOEM
CeSetThreadPriority RegCopyFile
CeSetThreadQuantum RegReplaceKey
CheckPassword RegRestoreFile
ContinueDebugEvent RegSaveKey
CryptUnprotectData SetCleanRebootFlag
DebugActiveProcess SetCurrentUser
ForcePageout SetInterruptEvent
FreeIntChainHandler SetKMode
FreePhysMem SetPassword
InterruptDisable SetPasswordStatus
InterruptDone SetProcPermissions
InterruptInitialize SetSystemMemoryDivision
KernelLibIoControl SetUserData
LoadDriver UnlockPages
LoadIntChainHandler VirtualCopy
LoadKernelLibrary VirtualSetPageFlags
LockPages WaitForDebugEvent
PowerOffSystem WriteProcessMemory
ReadProcessMemory WriteRegistryToOEM

The following table shows file-based APIs that are influenced by the SYSTEM attribute that can be set on a file.

API API
CreateFile CreateFileForMapping
CopyFile DeleteFile
DeleteAndRenameFile MoveFile
RemoveDirectory SetFileAttributes

For more information, see File System Security.

The following table shows database APIs that are influenced by the SYSTEM attribute that can be set on a database.

API API
CeMountDBVol CeCreateDatabaseEx2
CeOpenDatabaseEx2 CeDeleteDatabaseEx
CeSetDatabaseInfoEx2  

For more information, see Database Security.

In addition, the debug flags DEBUG_ONLY_THIS_PROCESS and DEBUG_PROCESS of the CreateProcess API are restricted. If these flags are used by a non-trusted application, the identified process will still launch but no debugging will occur.

Debug flags, DEBUG_ONLY_THIS_PROCESS and DEBUG_PROCESS, in the CreateProcess API are restricted as well.

The secure registry architecture in Windows CE allows only trusted applications that you have identified to modify keys and values in protected portions of the registry.

Because most of the registry is unprotected, OEMs must place all important registry information in one of the protected keys.

**Note   **All applications have read-only access to all registry keys and values.

In Windows CE .NET, the following registry root keys and their subkeys are protected from untrusted applications:

  • HKEY_LOCAL_MACHINE\Comm
  • HKEY_LOCAL_MACHINE\Drivers
  • HKEY_LOCAL_MACHINE\HARDWARE
  • HKEY_LOCAL_MACHINE\Init
  • HKEY_LOCAL_MACHINE\Services
  • HKEY_LOCAL_MACHINE\SYSTEM
  • HKEY_LOCAL_MACHINE\WDMDrivers

Untrusted applications are also not allowed to modify protected data. They receive the ERROR_ACCESS_DENIED return value if they attempt to use the following registry functions:

  • RegSetValueEx
  • RegCreateKeyEx
  • RegDeleteKey
  • RegDeleteValue

See Also

Protected Registry Keys and Values | Database Security | Core OS Interface

Last updated on Wednesday, April 13, 2005

© 2005 Microsoft Corporation. All rights reserved.