Privileged APIs

4/8/2010

The following API functions can be called only by privileged applications.

The following table shows file-based API functions that are influenced by the SYSTEM attribute that can be set on a file.

API

CreateFile

CreateFileForMapping

CopyFile

DeleteFile

DeleteAndRenameFile

MoveFile

RemoveDirectory

SetFileAttributes

In addition, the debug flags DEBUG_ONLY_THIS_PROCESS and DEBUG_PROCESS of the CreateProcess API are restricted. If a non-privileged application uses these flags, the identified process still launches, but no debugging occurs.

Because most of the registry is unprotected, original equipment manufacturers must place all important registry information in one of the protected keys.

Note

All applications have read-only access to all registry keys and values.

In Windows Mobile devices, the following registry root keys and their subkeys are protected from normal applications:

HKEY_LOCAL_MACHINE\Comm

HKEY_LOCAL_MACHINE\Drivers

HKEY_LOCAL_MACHINE\HARDWARE

HKEY_LOCAL_MACHINE\Init

HKEY_LOCAL_MACHINE\Services

HKEY_LOCAL_MACHINE\SYSTEM

HKEY_LOCAL_MACHINE\WDMDrivers

HKEY_LOCAL_MACHINE\Security

HKEY_CURRENT_USER\Security

HKEY_LOCAL_MACHINE\Loader

Normal applications are also not allowed to modify protected data. They receive the ERROR_ACCESS_DENIED return value if they attempt to use the following registry functions:

RegSetValueEx

RegCreateKeyEx

RegDeleteKey

RegDeleteValue

The following table shows the API functions that can be called only by privileged applications.

API

CeSetThreadPriority

CeSetThreadQuantum

ContinueDebugEvent

CryptUnprotectData

DebugActiveProcess

LoadDriver

NTLMAddGroup

NTLMAddUserToGroup

NTLMDeleteUser

NTLMEnumGroups

NTLMEnumUser

NTLMGetGroupList

NTLMGetUserList

NTLMRemoveGroup

NTLMRemoveUserFromGroup

NTLMSetUserInfo

ReadProcessMemory

RegCopyFile

RegRestoreFile

RegReplaceKey

SetCurrentUser

SetUserData

Toolhelp32ReadProcessMemory

WriteProcessMemory

WaitForDebugEvent

The following API functions are available to the original equipment manufacturer (OEM) only. Information on these API functions can be viewed at this Microsoft Web site.

API

AllocPhysMem

CeSetMemoryAttributes

CheckPassword

CreateWatchDogTimer

DrWatsonClear

DrWatsonFlush

DrWatsonGetSize

DrWatsonReadData

DrWatsonWriteData

ForcePageout

FreeIntChainHandler

FreePhysMem

InterruptDisable

InterruptDone

InterruptInitialize

KernelLibIoControl

LoadIntChainHandler

LoadKernelLibrary

LockPages

OpenWatchDogTimer

PowerOffSystem

RefreshWatchDogTimer

SetCleanRebootFlag

SetInterruptEvent

SetPassword

SetKMode

SetProcPermissions

SetPasswordStatus

SetSystemMemoryDivision

StopWatchDogTimer

StartWatchDogTimer

UnlockPages

VirtualSetPageFlags

VirtualCopy

Windows Mobile Software

In Windows Mobile software there are additional APIs and registry root keys that are also protected from normal applications.

The following table shows the Extended Telephony Application Program Interface (ExTAPI) functions that can be called by privileged applications.

API

lineGetGeneralInfo

lineSetCallWaitingState

lineGetNumberCalls

lineSetEquipmentState

lineGetUSSD

lineSetGPRSClass

lineRegister

lineSetHSCSDState

lineSendUSSD

lineSetPreferredOperator

lineSetCallBarringPassword

lineSetSendCallerIDState

lineSetCallBarringState

lineUnregister

The following table shows the SIM Manager functions that can be called by privileged applications.

API

SimChangeLockingPassword

SimReadRecord

SimDeleteMessage

SimSetLockingStatus

SimGetRecordInfo

SimUnlockPhone

SimGetSmsStorageStatus

SimWriteMessage

SimReadMessage

SimWriteRecord

The following table shows the Short Message Service (SMS) functions that can be called by privileged applications.

API

SmsClearMessageNotification

SmsSetMessageNotification

SmsSetSMSC

The following table shows other functions that can be called by privileged applications.

API

Connection Manager function ConnMgrProviderMessage

Critical Process Monitor function CPMRegister (Reboot)
