Export (0) Print
Expand All

File and Directory Access Rights Constants

WMI classes that represent files or directories, such as Win32_CodecFile or CIM_DataFile, contain an AccessMask property. This property contains bit settings that specify the access rights a user or group must have for specific access or operations on the file. For more information, see File Security and Access Rights and Changing Access Security on Securable Objects.

The file or directory classes which contain an AccessMask property include:

The following table lists the values for file and directory access rights in the AccessMask property. This property is a bitmap.

Constant/valueDescription
FILE_READ_DATA
0 (0x0)

Grants the right to read data from the file.

FILE_LIST_DIRECTORY
0 (0x0)

Grants the right to read data from the file. For a directory, this value grants the right to list the contents of the directory.

FILE_WRITE_DATA
1 (0x1)

Grants the right to write data to the file.

FILE_ADD_FILE
1 (0x1)

Grants the right to write data to the file. For a directory, this value grants the right to create a file in the directory.

FILE_APPEND_DATA
4 (0x4)

Grants the right to append data to the file. For a directory, this value grants the right to create a subdirectory.

FILE_ADD_SUBDIRECTORY
4 (0x4)

Grants the right to append data to the file. For a directory, this value grants the right to create a subdirectory.

FILE_READ_EA
8 (0x8)

Grants the right to read extended attributes.

FILE_WRITE_EA
16 (0x10)

Grants the right to write extended attributes.

FILE_EXECUTE
32 (0x20)

Grants the right to execute a file.

FILE_TRAVERSE
32 (0x20)

Grants the right to execute a file. For a directory, the directory can be traversed.

FILE_DELETE_CHILD
64 (0x40)

Grants the right to delete a directory and all the files it contains (its children), even if the files are read-only.

FILE_READ_ATTRIBUTES
128 (0x80)

Grants the right to read file attributes.

FILE_WRITE_ATTRIBUTES
256 (0x100)

Grants the right to change file attributes.

DELETE
65536 (0x10000)

Grants the right to delete the object.

READ_CONTROL
131072 (0x20000)

Grants the right to read the information in the security descriptor for the object, not including the information in the SACL.

WRITE_DAC
262144 (0x40000)

Grants the right to modify the DACL in the object security descriptor for the object.

WRITE_OWNER
524288 (0x80000)

Grants the right to change the owner in the security descriptor for the object.

SYNCHRONIZE
1048576 (0x100000)

Grants the right to use the object for synchronization. This enables a process to wait until the object is in signaled state. Some object types do not support this access right.

Requirements

Header

Winnt.h

See also

WMI Security Constants
Maintaining WMI Security

 

 

Show:
© 2014 Microsoft