8/28/2008 The following API functions can be called only by privileged applications.
The following table shows file-based API functions that are influenced by the SYSTEM attribute that can be set on a file.
In addition, the debug flags DEBUG_ONLY_THIS_PROCESS and DEBUG_PROCESS of the CreateProcess API are restricted. If these flags are used by a non-privileged application, the identified process will still launch but no debugging will occur.
Debug flags, DEBUG_ONLY_THIS_PROCESS and DEBUG_PROCESS, in the CreateProcess API are restricted as well.
Because most of the registry is unprotected, original equipment manufacturers must place all-important registry information in one of the protected keys.
.gif) Note: |
|---|
| All applications have read-only access to all registry keys and values. |
In Windows Mobile powered devices, the following registry root keys and their subkeys are protected from normal applications:
- HKEY_LOCAL_MACHINE\Comm
- HKEY_LOCAL_MACHINE\Drivers
- HKEY_LOCAL_MACHINE\HARDWARE
- HKEY_LOCAL_MACHINE\Init
- HKEY_LOCAL_MACHINE\Services
- HKEY_LOCAL_MACHINE\SYSTEM
- HKEY_LOCAL_MACHINE\WDMDrivers
- HKEY_LOCAL_MACHINE\Security
- HKEY_CURRENT_USER\Security
- HKEY_LOCAL_MACHINE\Loader
Normal applications are also not allowed to modify protected data. They receive the ERROR_ACCESS_DENIED return value if they attempt to use the following registry functions:
- RegSetValueEx
- RegCreateKeyEx
- RegDeleteKey
- RegDeleteValue
-
The following table shows the API functions that can be called only by privileged applications.
The following API functions are available to the original equipment manufacturer (OEM) only. Information on these API functions can be viewed at this Microsoft Web site.
| API | API |
| AllocPhysMem | CeSetMemoryAttributes |
| CheckPassword | CreateWatchDogTimer |
| DrWatsonClear | DrWatsonFlush |
| DrWatsonGetSize | DrWatsonReadData |
| DrWatsonWriteData | ForcePageout |
| FreeIntChainHandler | FreePhysMem |
| InterruptDisable | InterruptDone |
| InterruptInitialize | KernelLibIoControl |
| LoadIntChainHandler | LoadKernelLibrary |
| LockPages | OpenWatchDogTimer |
| PowerOffSystem | RefreshWatchDogTimer |
| SetCleanRebootFlag | SetInterruptEvent |
| SetPassword | SetKMode |
| SetProcPermissions | SetPasswordStatus |
| SetSystemMemoryDivision | StopWatchDogTimer |
| StartWatchDogTimer | UnlockPages |
| VirtualSetPageFlags | VirtualCopy |
In Windows Mobile software there are additional APIs and registry root keys that are also protected from normal applications.
The following table shows the Extended Telephony Application Program Interface (ExTAPI) functions that can be called by privileged applications.
The following table shows the SIM Manager functions that can be called by privileged applications.
The following table shows the Short Message Service (SMS) functions that can be called by privileged applications.
The following table shows other functions that can be called by privileged applications.
Other Resources
Core OS Reference