Hi,
Instead of posting things on chat and coming across as flames, here we go.
I added excerpts and opt edited from "Inside Microsoft Windows 2000".
http://www.reactos.org/wiki/index.php/ShutdownProcess
"Csrss in turn impersonates the caller and sends a Window message to a hidden window owned by Winlogon telling it to perform a system shutdown."
The best way I could do this at one time, take for example. Find the program ntpmon.exe, run it and open a console window. Type Ctrl-C or Break and at the same time watch ntpmon. You will see cmd clone itself. One step further, in the console window run listdlls.exe and watch ntpmon. You will see "impersonation", threads created under processes to access each process context. Cool, right! I could have written this for lib/rtl/dbgbuffer.c but I thought KJK_Hyperion's way was cooler and used NtReadVirtualMemory to peek at process context instead. I did have a note in lib/rtl/dbgbuffer.c that alluded to this process but one of "the coders that knows more" removed it.
So, impersonates; user access rights, it's a thread in Csrss created under the user program process context, it finds the parent and sends the shutdown message.
I guess,
James