Protected Registry Keys and Values (Windows CE 5.0)

Article
09/14/2012

Windows CE does not support all of the registry security functionality that Windows-based desktop operating systems support. Windows CE restricts access to certain registry keys by any application that is considered not trusted. A trusted application is one that is certified by an OEM. Untrusted applications are unable to modify keys or values under the protected registry keys. You can add your own protected keys during boot. For more information about this process see Requesting Additional Secure Registry Keys. The following table shows the protected registry keys and values and corresponding descriptions.

Registry key	Description
HKEY_LOCAL_MACHINE\Comm	Stores communications and network configuration data, including network adapters and protocols.
HKEY_LOCAL_MACHINE\Drivers	Stores data for device drivers that are loaded at boot time.
HKEY_LOCAL_MACHINE\HARDWARE	Stores hardware configuration data.
HKEY_LOCAL_MACHINE\SYSTEM	Stores data for programs that must be started with the operating system (OS).
HKEY_LOCAL_MACHINE\Init	Stores system configuration data such as power settings and date format.
HKEY_LOCAL_MACHINE\WDMDrivers	Stores a list of Windows Driver Model (WDM) device drivers that are loaded at boot time.
HKEY_LOCAL_MACHINE\Services	Stores data for system services.

Untrusted applications receive the error code ERROR_ACCESS_DENIED if they attempt to use the following registry functions in any of the aforementioned registry keys or any of the subkeys below them:

All applications, including untrusted applications, will still be able to read any registry key or value.

Because the rest of the registry is unprotected, you should place all important registry information in the protected registry directories.

You can extend the list of protected root registry keys by responding to IOCTL_HAL_GETREGSECUREKEYS.

Protected Registry Keys and Values (Windows CE 5.0)

See Also

Additional resources