Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

On windows nt, ntdll gets loaded in all processes, it's hardcoded in the kernel (http://gate.upm.ro/os/LABs/Windows_OS_Internals_Curriculum_R...). That's where the loader resides, so you can't go without it. And that's where all the Zw/Nt* functions/ i.e. where the syscalls are.

So you can't really go without it.



Except the new picoprocesses, which don't get ntdll (or anything really, I guess).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: