5.1 Security Considerations for Implementers

Implementers are required to enforce the read/write permissions, as specified in section, to prevent unauthorized access to event logs.

Servers authenticate the caller and verify that the caller has proper access before returning a handle. When the handle is subsequently used, the server verifies that the client created the handle, that it was created by a method of this interface, and that the handle is appropriate for the operation.