Desktop Switching "Secure Mode"
-
Okay, I see from here[^] that there are 3 desktops that come standard with Windows: default, screen-saver, and Winlogon. The screen-saver and Winlogon desktops are called "secured desktops", meaning they prevent regular programs on the default desktop from being messed with. Conceptually I get that. Additionally, it says the "unsecured screen-savers" run on that default desktop, thereby negating your security. Whoopsie. I would hate to create an "unsecured" screen-saver. From a C# perspective, I've been looking at all the articles on creating screen savers I can find, and not a single dang one of them creates secure mode screen savers. Grah! So, dear reader, where are the articles I cannot seem to find? I know somebody has done this, but my Google Fu is very weak. Please help.
Narf.
-
Okay, I see from here[^] that there are 3 desktops that come standard with Windows: default, screen-saver, and Winlogon. The screen-saver and Winlogon desktops are called "secured desktops", meaning they prevent regular programs on the default desktop from being messed with. Conceptually I get that. Additionally, it says the "unsecured screen-savers" run on that default desktop, thereby negating your security. Whoopsie. I would hate to create an "unsecured" screen-saver. From a C# perspective, I've been looking at all the articles on creating screen savers I can find, and not a single dang one of them creates secure mode screen savers. Grah! So, dear reader, where are the articles I cannot seem to find? I know somebody has done this, but my Google Fu is very weak. Please help.
Narf.
The screensaver-executable is loaded onto that desktop by default:
Quoted from the sample:
"Before a screensaver appears, Windows creates a new virtual desktop for it. The screensaver process is created on this second desktop, which is never locked. Any other processes that the screensaver creates will inherit this virtual desktop, [...]"
Take a look at the example here[^]. You'd have to scroll down until you find the heading "Secure a Locked Workstation" :)
I are Troll :suss:
-
The screensaver-executable is loaded onto that desktop by default:
Quoted from the sample:
"Before a screensaver appears, Windows creates a new virtual desktop for it. The screensaver process is created on this second desktop, which is never locked. Any other processes that the screensaver creates will inherit this virtual desktop, [...]"
Take a look at the example here[^]. You'd have to scroll down until you find the heading "Secure a Locked Workstation" :)
I are Troll :suss:
-
The screensaver-executable is loaded onto that desktop by default:
Quoted from the sample:
"Before a screensaver appears, Windows creates a new virtual desktop for it. The screensaver process is created on this second desktop, which is never locked. Any other processes that the screensaver creates will inherit this virtual desktop, [...]"
Take a look at the example here[^]. You'd have to scroll down until you find the heading "Secure a Locked Workstation" :)
I are Troll :suss:
Uh oh. I followed that whole example, but still couldn't get the interactive "Default" desktop to go away. After a lot of testing, I had the silly idea to check the "Password protect" check box on the screen saver dialog. Et voila! The documentation never says that part. It constantly implies that screen savers automatically launch in secure mode unless... they don't. Which is confusing as heck. At least now I know how the secure mode is created, even if I have no control over the process. It's Windows that decides which context to run it in. IF it's in secure mode, it does exactly what I want: create a blank desktop showing the current wallpaper and nothing else (save my screen saver form, which I made transparent). That's wonderful. But I want that to happen whether it's in secure mode or interactive mode. So I'm going to have to do some more testing on the desktop creation and switching API, which is a headache for a noob, but I suppose it's good learning experience.
Narf.