Synchronization Object Security and Access Rights
The Windows security model enables you to control access to event, mutex, semaphore, and waitable timer objects. Timer queues, interlocked variables, and critical section objects are not securable. For more information, see Access-Control Model.
You can specify a security descriptor for an interprocess synchronization object when you call the CreateEvent, CreateMutex, CreateSemaphore, or CreateWaitableTimer function. If you specify NULL, the object gets a default security descriptor. The Access-Control Lists (ACLs) in the default security descriptor for a synchronization object come from the primary or impersonation token of the creator.
To get or set the security descriptor of an event, mutex, semaphore, or waitable timer object, call the GetNamedSecurityInfo, SetNamedSecurityInfo, GetSecurityInfo, or SetSecurityInfo functions.
The handles returned by CreateEvent, CreateMutex, CreateSemaphore, and CreateWaitableTimer have full access to the new object. When you call the OpenEvent, OpenMutex, OpenSemaphore, and OpenWaitableTimer functions, the system checks the requested access rights against the object's security descriptor.
The valid access rights for the interprocess synchronization objects include the standard access rights and some object-specific access rights. The following table lists the standard access rights used by all objects.
| Value | Meaning |
|---|---|
| DELETE (0x00010000L) | Required to delete the object. |
| READ_CONTROL (0x00020000L) | Required to read information in the security descriptor for the object, not including the information in the SACL. To read or write the SACL, you must request the ACCESS_SYSTEM_SECURITY access right. For more information, see SACL Access Right. |
| SYNCHRONIZE (0x00100000L) | The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. |
| WRITE_DAC (0x00040000L) | Required to modify the DACL in the security descriptor for the object. |
| WRITE_OWNER (0x00080000L) | Required to change the owner in the security descriptor for the object. |
The following table lists the object-specific access rights for event objects. These rights are supported in addition to the standard access rights.
| Value | Meaning |
|---|---|
| EVENT_ALL_ACCESS (0x1F0003) | All possible access rights for an event object. Use this right only if your application requires access beyond that granted by the standard access rights and EVENT_MODIFY_STATE. Using this access right increases the possibility that your application must be run by an Administrator. |
| EVENT_MODIFY_STATE (0x0002) | Modify state access, which is required for the SetEvent, ResetEvent and PulseEvent functions. |
The following table lists the object-specific access rights for mutex objects. These rights are supported in addition to the standard access rights.
| Value | Meaning |
|---|---|
| MUTEX_ALL_ACCESS (0x1F0001) | All possible access rights for a mutex object. Use this right only if your application requires access beyond that granted by the standard access rights. Using this access right increases the possibility that your application must be run by an Administrator. |
| MUTEX_MODIFY_STATE (0x0001) | Reserved for future use. |
The following table lists the object-specific access rights for semaphore objects. These rights are supported in addition to the standard access rights.
| Value | Meaning |
|---|---|
| SEMAPHORE_ALL_ACCESS (0x1F0003) | All possible access rights for a semaphore object. Use this right only if your application requires access beyond that granted by the standard access rights and SEMAPHORE_MODIFY_STATE. Using this access right increases the possibility that your application must be run by an Administrator. |
| SEMAPHORE_MODIFY_STATE (0x0002) | Modify state access, which is required for the ReleaseSemaphore function. |
The following table lists the object-specific access rights for waitable timer objects. These rights are supported in addition to the standard access rights.
| Value | Meaning |
|---|---|
| TIMER_ALL_ACCESS (0x1F0003) | All possible access rights for a waitable timer object. Use this right only if your application requires access beyond that granted by the standard access rights and TIMER_MODIFY_STATE. Using this access right increases the possibility that your application must be run by an Administrator. |
| TIMER_MODIFY_STATE (0x0002) | Modify state access, which is required for the SetWaitableTimer and CancelWaitableTimer functions. |
| TIMER_QUERY_STATE (0x0001) | Reserved for future use. |
To read or write the SACL of an interprocess synchronization object, you must request the ACCESS_SYSTEM_SECURITY access right. For more information, see Access-Control Lists (ACLs) and SACL Access Right.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for