This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Note
Access to this page requires authorization. You can trysigning in orchanging directories.
Access to this page requires authorization. You can trychanging directories.
TheACCESS_MASK data type is aDWORD value that defines standard, specific, and generic rights. These rights are used inaccess control entries (ACEs) and are the primary means of specifying the requested or granted access to an object.
typedef DWORD ACCESS_MASK;typedef ACCESS_MASK* PACCESS_MASK;The bits in this value are allocated as follows.
| Bits | Meaning |
|---|---|
| 0 15 | Specific rights. Contains the access mask specific to the object type associated with the mask. |
| 16 23 | Standard rights. Contains the object's standard access rights. |
| 24 | Access system security (ACCESS_SYSTEM_SECURITY). It is used to indicate access to asystem access control list (SACL). This type of access requires the calling process to have theSE_SECURITY_NAME (Manage auditing and security log) privilege. If this flag is set in the access mask of an audit access ACE (successful or unsuccessful access), the SACL access will be audited. |
| 25 | Maximum allowed (MAXIMUM_ALLOWED). |
| 26 27 | Reserved. |
| 28 | Generic all (GENERIC_ALL). |
| 29 | Generic execute (GENERIC_EXECUTE). |
| 30 | Generic write (GENERIC_WRITE). |
| 31 | Generic read (GENERIC_READ). |
Standard rights bits, 16 to 23, contain the object's standard access rights and can be a combination of the following predefined flags.
| Bit | Flag | Meaning |
|---|---|---|
| 16 | DELETE | Delete access. |
| 17 | READ_CONTROL | Read access to the owner, group, anddiscretionary access control list (DACL) of the security descriptor. |
| 18 | WRITE_DAC | Write access to the DACL. |
| 19 | WRITE_OWNER | Write access to owner. |
| 20 | SYNCHRONIZE | Synchronize access. |
The following constants defined in Winnt.h represent the specific and standard access rights.
#define DELETE (0x00010000L)#define READ_CONTROL (0x00020000L)#define WRITE_DAC (0x00040000L)#define WRITE_OWNER (0x00080000L)#define SYNCHRONIZE (0x00100000L)#define STANDARD_RIGHTS_REQUIRED (0x000F0000L)#define STANDARD_RIGHTS_READ (READ_CONTROL)#define STANDARD_RIGHTS_WRITE (READ_CONTROL)#define STANDARD_RIGHTS_EXECUTE (READ_CONTROL)#define STANDARD_RIGHTS_ALL (0x001F0000L)#define SPECIFIC_RIGHTS_ALL (0x0000FFFFL)| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Header |
|
Was this page helpful?
Was this page helpful?