Our database product logs various actions to the Windows Event Log when run on the desktop/server platforms (NT, XP, 2K, etc). One of the main advantages for us in doing so is that the event log records can not be modified by end users. This allows us to claim '21 CFR Part 11 audit logging capability' for our product. (21 CFR Part 11 is a FDA guideline)
There is of course no Event Log on CE. The CE database functions looks like a good fit. We could simply create our own database and log the appropriate information into it. However there appears to be no way to limit what applications can modify the records within it. Is there anything I'm missing?