Chapter 18. What Is a Window Station?

Window stations are a little-known but very important security feature designed to sandbox the windowing environment in the operating system. In order to avoid putting ACLs on each window and incurring the wrath of the performance gods by doing access checks on each window message, we simply let windows message each other without any security checks. However, we do so in a private environment known as a window station.

A window station is a secure kernel object that contains a clipboard, a private atom table, a set of desktops, and a set of windows. Each process is tied to one window station, and this association normally parallels logon session assignments. That is, for each logon session there's a corresponding ...
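The association between a process and its window station can be inspected from managed code. The following C# program is an added example, not code from the book: it calls the documented user32 functions GetProcessWindowStation, GetUserObjectInformation and EnumDesktops through P/Invoke to print the name of the current process's window station and the desktops it contains. The class name, helper name and buffer size are choices made for this illustration.

```csharp
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Text;

static class WindowStationInfo // hypothetical name, for this example only
{
    const int UOI_NAME = 2; // GetUserObjectInformation index: object name

    [DllImport("user32.dll", SetLastError = true)]
    static extern IntPtr GetProcessWindowStation();

    [DllImport("user32.dll", EntryPoint = "GetUserObjectInformationW", SetLastError = true)]
    static extern bool GetUserObjectInformation(IntPtr hObj, int nIndex, byte[] pvInfo, int nLength, out int lpnLengthNeeded);

    [UnmanagedFunctionPointer(CallingConvention.Winapi, CharSet = CharSet.Unicode)]
    delegate bool EnumDesktopProc(string desktopName, IntPtr lParam);

    [DllImport("user32.dll", EntryPoint = "EnumDesktopsW", SetLastError = true)]
    static extern bool EnumDesktops(IntPtr hWinSta, EnumDesktopProc callback, IntPtr lParam);

    static string GetObjectName(IntPtr handle)
    {
        var buffer = new byte[512]; // assumed large enough for a window station name
        if (!GetUserObjectInformation(handle, UOI_NAME, buffer, buffer.Length, out int needed))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        // 'needed' is a byte count and may include the terminating null.
        return Encoding.Unicode.GetString(buffer, 0, needed).TrimEnd('\0');
    }

    static void Main()
    {
        // The handle belongs to the process; it must not be closed with CloseWindowStation.
        IntPtr winsta = GetProcessWindowStation();
        if (winsta == IntPtr.Zero)
            throw new Win32Exception(Marshal.GetLastWin32Error());
        Console.WriteLine("Window station: " + GetObjectName(winsta));

        var desktops = new List<string>();
        // Requires WINSTA_ENUMDESKTOPS access on the handle; a caller without it is denied.
        if (EnumDesktops(winsta, (name, _) => { desktops.Add(name); return true; }, IntPtr.Zero))
            desktops.ForEach(d => Console.WriteLine("  Desktop: " + d));
        else
            Console.WriteLine("  Desktops not enumerable: " + new Win32Exception(Marshal.GetLastWin32Error()).Message);
    }
}
```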

From The .NET Developer's Guide to Windows Security (O’Reilly).