Windows displays UAC prompts on the “secure desktop” when certain security-related operations need to be performed. There’s obviously some API somewhere that creates the secure desktop and creates a window on it, but I have no idea where I would find out about the mechanisms involved. I guess I could reverse engineer the UAC mechanisms, but I’m not that good at that level of reverse engineering (and I’m pretty sure there’s some legal ramifications involved…)
Anyway, I know there’s an API to create new desktops on the current session, but there’s no mention of secure desktops in any documentation I can find. Out of curiosity, I’d like to know how the whole secure desktop / UAC prompt creation works.
Disclaimer: This is purely theoretical, and I’m not looking to deploy this in any of my code.
It seems likely that, from the point of view of the system, the secure desktop is just a perfectly normal desktop with a suitable ACL. Note that CreateDesktop allows you to specify a security descriptor for the new desktop.
So far as I know, the secure desktop has no special behaviour, so I see no reason to suppose that any additional API (documented or not) is involved.