September 2004
408 pages
Window stations are a little-known but very important security feature designed to sandbox the windowing environment in the operating system. In order to avoid putting ACLs on each window and incurring the wrath of the performance gods by doing access checks on each window message, we simply let windows message each other without any security checks. However, we do so in a private environment known as a window station.
A window station is a secure kernel object that contains a clipboard, a private atom table, a set of desktops, and a set of windows. Each process is tied to one window station, and this association normally parallels logon session assignments. That is, for each logon session there's a corresponding ...
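To see which window station a process is tied to and which desktops that window station contains, the following added example (not code from the book) calls the Win32 functions `GetProcessWindowStation`, `GetUserObjectInformation` and `EnumDesktops` through P/Invoke. The class name and the P/Invoke declarations are written for this example.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Text;

static class WindowStationInfo
{
    const int UOI_NAME = 2; // ask GetUserObjectInformation for the object's name

    [UnmanagedFunctionPointer(CallingConvention.Winapi, CharSet = CharSet.Unicode)]
    delegate bool EnumDesktopProc(string desktopName, IntPtr lParam);

    [DllImport("user32.dll", SetLastError = true)]
    static extern IntPtr GetProcessWindowStation();

    [DllImport("user32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool GetUserObjectInformation(IntPtr hObj, int nIndex,
        StringBuilder pvInfo, int nLength, out int lpnLengthNeeded);

    [DllImport("user32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool EnumDesktops(IntPtr hwinsta, EnumDesktopProc callback, IntPtr lParam);

    static void Main()
    {
        // Handle to the one window station this process is tied to.
        // It is owned by the system and must not be closed.
        IntPtr winsta = GetProcessWindowStation();
        if (winsta == IntPtr.Zero)
            throw new Win32Exception(Marshal.GetLastWin32Error());

        var name = new StringBuilder(256);
        int needed;
        if (!GetUserObjectInformation(winsta, UOI_NAME, name,
                name.Capacity * sizeof(char), out needed))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        Console.WriteLine("Window station: " + name);

        // List the desktops contained in that window station. The call fails
        // with access denied if the handle lacks WINSTA_ENUMDESKTOPS.
        EnumDesktopProc onDesktop = (desktop, lParam) =>
        {
            Console.WriteLine("  Desktop: " + desktop);
            return true; // continue enumeration
        };
        if (!EnumDesktops(winsta, onDesktop, IntPtr.Zero))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        GC.KeepAlive(onDesktop); // keep the callback delegate alive during the call
    }
}
```

Running it once from an interactive logon and once from a service process shows the two processes reporting different window station names.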