Is it possible to call a system call in kernel space?

Sometimes, when we have to call a system call in kernel space, we call its auxiliary or related kernel functions instead of making the syscall itself. I'm still wondering whether you can call a system call in kernel space. If not, what prevents us from doing this?

My question is a bit strange.

+7
1 answer

Actually, contrary to popular belief (and some answers here), the answer is: yes, you can, but it depends on the OS:

  • On Linux, you can call almost all system calls if you can find their kernel export (for example, "cat /proc/kallsyms | grep sys_"). There is a slight "trick" to circumvent the protection in most system calls (those that accept user mode *) by setting the data segment (KERNEL_DS). This is not recommended, but it certainly makes sense if you need to access files from the kernel (e.g. SELinux).

  • On Windows, most Nt* calls in the kernel are also available as Zw* calls; run "dumpbin /exports C:\windows\system32\ntoskrnl.exe | findstr Zw" (or Nt), for example.

  • On Mac OS X, this should not technically be allowed, although there are smart hacks to get around it.

Even though system calls are indeed the interface between user mode and the kernel, there are surprisingly many cases where even production-worthy code does this, but with careful observance of the caveats.

+9
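
Added example, not part of the original answer: a user-space C model of the address-limit check that the Linux item above refers to, showing why a syscall body rejects a kernel buffer until the limit is widened to KERNEL_DS, and why the caller has to restore it afterwards. Every `model_*` / `MODEL_*` name and all address values are assumptions made for the illustration; this is not kernel code.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* User-space MODEL of the legacy address-limit check; not kernel code.
 * All model_* / MODEL_* names and address values are constructed. */
#define MODEL_USER_DS   0x0000800000000000ULL /* end of the user range */
#define MODEL_KERNEL_DS UINT64_MAX            /* no limit at all */

static uint64_t model_addr_limit = MODEL_USER_DS; /* per-thread in a kernel */

static uint64_t model_get_fs(void) { return model_addr_limit; }
static void model_set_fs(uint64_t limit) { model_addr_limit = limit; }

/* Idea behind access_ok(): [addr, addr+len) must end at or below the limit. */
static int model_access_ok(uint64_t addr, uint64_t len)
{
    return len <= model_addr_limit && addr <= model_addr_limit - len;
}

/* Syscall body taking a "user" pointer: validate before touching it. */
static long model_sys_write(uint64_t buf, uint64_t len)
{
    if (!model_access_ok(buf, len))
        return -EFAULT;
    return (long)len; /* pretend the bytes were consumed */
}

/* In-kernel caller with a kernel buffer: widen, call, always restore. */
static long model_kernel_write(uint64_t kbuf, uint64_t len)
{
    uint64_t old_fs = model_get_fs();
    long ret;

    model_set_fs(MODEL_KERNEL_DS);
    ret = model_sys_write(kbuf, len);
    model_set_fs(old_fs); /* if skipped, later user pointers go unchecked */
    return ret;
}

int main(void)
{
    uint64_t kbuf = 0xffff888000001000ULL; /* constructed kernel address */

    printf("direct call:  %ld\n", model_sys_write(kbuf, 16));
    printf("with widened: %ld\n", model_kernel_write(kbuf, 16));
    printf("limit restored: %d\n", model_get_fs() == MODEL_USER_DS);
    return 0;
}
```

Mainline Linux has since removed set_fs(); in-kernel file access goes through helpers such as kernel_read() and kernel_write(), which take kernel buffers directly.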