Named objects are arranged in hierarchical directories, but the Win32 API
restricts user-mode applications’ access to these directories. Here’s a quick
run-though of the most interesting directories:
BaseNamedObjects This directory is where all conventional Win32
named objects, such as mutexes, are stored. All named-object Win32
APIs automatically use this directory—application programs have no
control over this.
Devices This directory contains the device objects for all currently active
system devices. Generally speaking each device driver has at least one
entry in this directory, even those that aren’t connected to any physical
device. This includes logical devices such as Tcp, and physical devices
such as Harddisk0. Win32 APIs can never directly access object in this
directory—they must use symbolic links(see below).
GLOBAL?? This directory (also named ??in older versions of Windows)
is the symbolic linkdirectory. Symbolic links are old-style names for ker-
nel objects. Old-style naming is essentially the DOS naming scheme,
which you’ve surely used. Think about assigning each drive a letter,
such as C:, and about accessing physical devices using an 8-letter name
that ends with a colon, such as COM1:. These are all DOS names, and in
modern versions of Windows they are linked to real devices in the
Devicesdirectory using symbolic links. Win32 applications can only
access devices using their symbolic link names.Some kernel objects are unnamed and are only identified by their handles or
kernel object pointers. A good example of such an object is a thread object,
which is created without a name and is only represented by handles (from user
mode) and by a direct pointer into the object (from kernel mode).
Processes and Threads
Processes and threads are both basic structural units in Windows, and it is cru-
cial that you understand exactly what they represent. The following sections
describe the basic concepts of processes and threads and proceed to discuss
the details of how they are implemented in Windows.
Windows Fundamentals 83