Windows NT protects all of its services by allowing only its own Kernel mode components to directly access operating system resources. User processes cannot directly access these resources. When your application requests an operating system service, the Windows NT security system performs a validation check of the service permissions. If the service access permission matches the requesting user, the service is provided.
With Windows NT, you can set explicit access control to every operating system service. These operating system objects include processes, threads, shares, files, folders, and devices.
The following topics in this section describe how to implement security for several important operating system services:
For More Information Many of the operating system services available in the Windows NT are actually BackOffice components with their own administration and configuration utilities; you can learn how to configure some of these BackOffice services with topics in this chapter. For more information on configuring Windows NT resource access permissions, search for "Access Control Lists" in MSDN Library Visual Studio 6.0.