@evildictaitor: You're still making the assumption that you have unrestricted access to the file system, there is no such guarantee that forthcoming updates to the kernel-mode parts of Metro won't prohibit that. At which point no amount of trying to circumvent it helps.
There's probably also a fair bit that can be accomplished by simply applying appropriate filesystems ACLs, since UAC has to be on, there is no elevation option and Integrity Levels are enforced at kernel level. Working on the assumption today that you'll be able to make arbitrary Win32 calls is just plain foolish, even for sideloaded apps.
