5.1 Security Considerations for Implementers

Implementers are required to enforce the read/write permissions, as specified in section 3.1.4.21, to prevent unauthorized access to event logs.

Servers authenticate the caller and verify that the caller has proper access before returning a handle. When the handle is subsequently used, the server verifies that the client created the handle, that it was created by a method of this interface, and that the handle is appropriate for the operation.