Standard Access Rights
Each type of securable object has a set of access rights that correspond to operations specific to that type of object. In addition to these object-specific access rights, there is a set of standard access rights that correspond to operations common to most types of securable objects.
The access mask format includes a set of bits for the standard access rights. The following Windows constants for standard access rights are defined in Winnt.h.
| Constant | Meaning |
|---|---|
| DELETE | The right to delete the object. |
| READ_CONTROL | The right to read the information in the object's security descriptor, not including the information in the system access control list (SACL). |
| SYNCHRONIZE | The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right. |
| WRITE_DAC | The right to modify the discretionary access control list (DACL) in the object's security descriptor. |
| WRITE_OWNER | The right to change the owner in the object's security descriptor. |
Winnt.h also defines the following combinations of the standard access rights constants.
| Constant | Meaning |
|---|---|
| STANDARD_RIGHTS_ALL | Combines DELETE, READ_CONTROL, WRITE_DAC, WRITE_OWNER, and SYNCHRONIZE access. |
| STANDARD_RIGHTS_EXECUTE | Currently defined to equal READ_CONTROL. |
| STANDARD_RIGHTS_READ | Currently defined to equal READ_CONTROL. |
| STANDARD_RIGHTS_REQUIRED | Combines DELETE, READ_CONTROL, WRITE_DAC, and WRITE_OWNER access. |
| STANDARD_RIGHTS_WRITE | Currently defined to equal READ_CONTROL. |