Full-Kernel Mode (Windows Embedded CE 6.0)
1/6/2010
You can run all OS threads in either kernel (full) mode or user (protected) mode. The default behavior is for full-kernel mode. Although running threads in kernel mode leaves the entire system vulnerable, it also enables increased performance. This is because Windows Embedded CE bypasses security functionality that can prevent a thread from entering kernel mode. This can be acceptable in a closed environment, but in an open environment, this can have dramatic effects on security. To disable full-kernel mode, ROMFLAGS in the Config.bib file must have its second bit set. Depending on what other flags are set, the value of ROMFLAGS might vary.