Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
Dev Center - Desktop
Click to Rate and Give Feedback
MSDN
MSDN Library
Windows Development
WMI Reference
WMI Security
 File and Directory Access Rights Co...
File and Directory Access Rights Constants

Applies to: desktop apps only

WMI classes that represent files or directories, such as Win32_CodecFile or CIM_DataFile, contain an AccessMask property. This property contains bit settings that specify the access rights a user or group must have for specific access or operations on the file. For more information, see File Security and Access Rights and Changing Access Security on Securable Objects.

The file or directory classes which contain an AccessMask property include:

The following table lists the values for file and directory access rights in the AccessMask property. This property is a bitmap.

Windows 2000:  On FAT volumes, the FULL_ACCESS value is returned instead, which indicates no security has been set on the object.
Constant/valueDescription
FILE_READ_DATA
0 (0x0)

Grants the right to read data from the file.

FILE_LIST_DIRECTORY
0 (0x0)

Grants the right to read data from the file. For a directory, this value grants the right to list the contents of the directory.

FILE_WRITE_DATA
1 (0x1)

Grants the right to write data to the file.

FILE_ADD_FILE
1 (0x1)

Grants the right to write data to the file. For a directory, this value grants the right to create a file in the directory.

FILE_APPEND_DATA
4 (0x4)

Grants the right to append data to the file. For a directory, this value grants the right to create a subdirectory.

FILE_ADD_SUBDIRECTORY
4 (0x4)

Grants the right to append data to the file. For a directory, this value grants the right to create a subdirectory.

FILE_READ_EA
8 (0x8)

Grants the right to read extended attributes.

FILE_WRITE_EA
16 (0x10)

Grants the right to write extended attributes.

FILE_EXECUTE
32 (0x20)

Grants the right to execute a file.

FILE_TRAVERSE
32 (0x20)

Grants the right to execute a file. For a directory, the directory can be traversed.

FILE_DELETE_CHILD
64 (0x40)

Grants the right to delete a directory and all the files it contains (its children), even if the files are read-only.

FILE_READ_ATTRIBUTES
128 (0x80)

Grants the right to read file attributes.

FILE_WRITE_ATTRIBUTES
256 (0x100)

Grants the right to change file attributes.

DELETE
65536 (0x10000)

Grants the right to delete the object.

READ_CONTROL
131072 (0x20000)

Grants the right to read the information in the security descriptor for the object, not including the information in the SACL.

WRITE_DAC
262144 (0x40000)

Grants the right to modify the DACL in the object security descriptor for the object.

WRITE_OWNER
524288 (0x80000)

Grants the right to change the owner in the security descriptor for the object.

SYNCHRONIZE
1048576 (0x100000)

Grants the right to use the object for synchronization. This enables a process to wait until the object is in signaled state. Some object types do not support this access right.

Requirements

Header
Winnt.h

See also

WMI Security Constants
Maintaining WMI Security

 

 

Send comments about this topic to Microsoft

Build date: 3/9/2012

Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
Error in numeric values      uffehellum ... Stanley Roark   |   Edit   |   Show History
FILE_READ_DATA (file), FILE_LIST_DIRECTORY (directory)
0 (0x0)

Should be 1 instead of 0

FILE_WRITE_DATA (file), FILE_ADD_FILE (directory)
1 (0x1)

Should be 2 instead of 1

© 2012 Microsoft. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Page view tracker