Services.exe Security (Windows Embedded CE 6.0)

Article
01/05/2012

1/6/2010

If you are running a service using services.exe, your service is running in a privileged process. However, you need to be aware that normal processes can call your service. For restricted operations, you need to make sure that the calling process is privileged.

To ensure that a specific service can only be called by a privileged process, you need to set the DEVFLAGS_TRUSTEDCALLERONLY flag in the registry for that service. For more information, see Services.exe Registry Settings.

Best Practices

Disable the command-line parsing option

To prevent normal applications from calling services.exe command-line options, set the AllowCmdLine value in the registry to 0. For more information, see Services.exe Registry Settings.

For more information about Windows Embedded CE security services, see Enhancing the Security of a Device.

Services.exe Security (Windows Embedded CE 6.0)

Best Practices

Disable the command-line parsing option

See Also

Concepts

Other Resources

Additional resources