Security Incidents mailing list archives

Final word on WINLOGON


From: David Moisan <dmoisan () shore net>
Date: Fri, 14 Mar 2003 09:47:47 -0500

Here's a quote from "Inside Windows 2000" that should put Winlogon and "\??\" questions to rest:

"One place in which the executive uses symbolic link objects is in translating MS-DOS-style device names into Windows 2000 internal device names. In Win32, a user refers to floppy and hard disk drives using the names A:, B:, C:, and so on. Moreover, the user can add pseudo drive names with the subst (substitute) command or by mapping a drive letter to a network share. Once they are created, these drive names must be visible to all processes on the system.

The Win32 subsystem makes drive letters protected, global data by placing them in the object manager namespace under the \?? object directory. (Prior to Windows NT 4, this directory was named \DosDevices; it was renamed \?? for performance reasons--that name places it first alphabetically.) When the user or an application creates a new drive letter, the Win32 subsystem adds another object under the \?? object directory."


Take care,

Dave

David Moisan, N1KGH   ARES/SKYWARN             dmoisan () davidmoisan org
Invisible Disability:  http://www1.shore.net/~dmoisan/invisible_disability.html
ATS-909 FAQ:  http://www1.shore.net/~dmoisan/faqs/sangean/ats909faq.html
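
Added example, not part of the original post or of the quoted book: a small Python model of the lookup the quote describes, useful when a process listing shows an image path with a \??\ prefix and it has to be compared with the ordinary drive-letter form. The link table, device names and file paths are constructed sample values, and the function names are hypothetical.

```python
# Constructed sample of the \?? object directory (name -> symbolic link target).
DOS_DEVICES = {
    "A:": r"\Device\Floppy0",
    "C:": r"\Device\HarddiskVolume1",
    "X:": r"\??\C:\build\tree",  # what "subst X: C:\build\tree" would leave behind
}

# \DosDevices is the pre-NT 4 name of the same directory.
PREFIXES = ("\\??\\", "\\DosDevices\\")


def strip_prefix(path):
    # Drop a leading \??\ or \DosDevices\ so only the MS-DOS-style name remains.
    for prefix in PREFIXES:
        if path[:len(prefix)].lower() == prefix.lower():
            return path[len(prefix):]
    return path


def resolve(path, links=DOS_DEVICES, max_hops=8):
    # Follow symbolic links until the path is rooted outside \??.
    for _ in range(max_hops):
        rest = strip_prefix(path)
        if rest.startswith("\\"):
            return rest
        name, sep, tail = rest.partition("\\")
        target = links.get(name.upper())
        if target is None:
            raise KeyError("no symbolic link named " + name)
        path = target + sep + tail
    raise RuntimeError("symbolic link loop while resolving " + path)


def same_object(a, b, links=DOS_DEVICES):
    # Two spellings name the same object if they resolve to the same device path.
    return resolve(a, links).lower() == resolve(b, links).lower()


if __name__ == "__main__":
    for p in (r"\??\C:\WINNT\system32\winlogon.exe", r"X:\src\main.c"):
        print(p, "->", resolve(p))
```
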

