Platform SDK

Expect a Secure Desktop

Windows 2000 provides a secure operating environment. This means that access controls can be placed on various system resources to restrict users from performing certain operations. These issues come up most often when writing data to the file system or registry. Security is enforced by the operating system at a low level and typically cannot be circumvented by applications.

The bottom line is that an administrator can restrict access to files, folders, and the registry using Access Control Lists (ACLs), and your application needs to be written with this in mind. The following sections contain a few simple guidelines that will enable your application to work properly in a secure environment. The most important things to remember are:

Desktop security is an all-pervasive aspect of the Windows 2000 platform. At some time your application will encounter Windows security, it’s just a fact of life. Code defensively, anticipate any security implications and devise solutions.