Minlogon Security (Windows Embedded Standard 2009)
4/23/2012
Minlogon is a single user environment and does not differentiate between different levels of access privilege. Minlogon does not support user accounts, authentication verification, administrator accounts, or domain joining.
Minlogon provides flexibility and reduced footprint at the cost of security. Minlogon can be beneficial for devices on which user access to the underlying file system is limited.
Because there is no differentiation of privileges, any user on the system can delete or modify any file, setting, or service on the system.
When you develop a Minlogon system, consider the potential risks involved. If users have access to the file system, you may want to consider write-protecting your run-time image with Enhanced Write Filter. For more information, see Enhanced Write Filter.
See Also
Other Resources
Best Practices for Security
Network Security Considerations
Local Security Considerations