Standard Access Rights

Each type of securable object has a set of access rights that correspond to operations specific to that type of object. In addition to these object-specific access rights, there is a set of standard access rights that correspond to operations common to most types of securable objects.

The access mask format includes a set of bits for the standard access rights. The following Windows constants for standard access rights are defined in Winnt.h.

ConstantMeaning
DELETEThe right to delete the object.
READ_CONTROLThe right to read the information in the object's security descriptor, not including the information in the system access control list (SACL).
SYNCHRONIZEThe right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right.
WRITE_DACThe right to modify the discretionary access control list (DACL) in the object's security descriptor.
WRITE_OWNERThe right to change the owner in the object's security descriptor.

 

Winnt.h also defines the following combinations of the standard access rights constants.

ConstantMeaning
STANDARD_RIGHTS_ALLCombines DELETE, READ_CONTROL, WRITE_DAC, WRITE_OWNER, and SYNCHRONIZE access.
STANDARD_RIGHTS_EXECUTECurrently defined to equal READ_CONTROL.
STANDARD_RIGHTS_READCurrently defined to equal READ_CONTROL.
STANDARD_RIGHTS_REQUIREDCombines DELETE, READ_CONTROL, WRITE_DAC, and WRITE_OWNER access.
STANDARD_RIGHTS_WRITECurrently defined to equal READ_CONTROL.

 

 

 

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.