| Code | Field | Name | Description |
|---|---|---|---|
| 0x1 | File System Objects Access Rights | ReadData (or ListDirectory) | ReadData: For a file object, the right to read the corresponding file data. For a directory object, the right to read the corresponding directory data. ListDirectory: For a directory, the right to list the contents of the directory. |
| 0x2 | File System Objects Access Rights | WriteData (or AddFile) | WriteData: For a file object, the right to write data to the file. For a directory object, the right to create a file in the directory (FILE_ADD_FILE). AddFile: For a directory, the right to create a file in the directory. |
| 0x4 | File System Objects Access Rights | AppendData (or AddSubdirectory or CreatePipeInstance) | AppendData: For a file object, the right to append data to the file. (For local files, write operations will not overwrite existing data if this flag is specified without FILE_WRITE_DATA.) For a directory object, the right to create a subdirectory (FILE_ADD_SUBDIRECTORY). AddSubdirectory: For a directory, the right to create a subdirectory. CreatePipeInstance: For a named pipe, the right to create a pipe. |
| 0x8 | File System Objects Access Rights | ReadEA | The right to read extended file attributes. |
| 0x20 | File System Objects Access Rights | Execute (or Traverse) | Execute: For a native code file, the right to execute the file. This access right given to scripts may cause the script to be executable, depending on the script interpreter. Traverse: For a directory, the right to traverse the directory. By default, users are assigned the BYPASS_TRAVERSE_CHECKING privilege, which ignores the FILE_TRAVERSE access right. See the remarks in File Security and Access Rights for more information. |
| 0x40 | File System Objects Access Rights | DeleteChild | For a directory, the right to delete a directory and all the files it contains, including read-only files. |
| 0x80 | File System Objects Access Rights | ReadAttributes | The right to read file attributes. |
| 0x100 | File System Objects Access Rights | WriteAttributes | The right to write file attributes. |
| 0x10000 | File System Objects Access Rights | DELETE | The right to delete the object. |
| 0x20000 | File System Objects Access Rights | READ_CONTROL | The right to read the information in the object's security descriptor, not including the information in the system access control list (SACL). |
| 0x40000 | File System Objects Access Rights | WRITE_DAC | The right to modify the discretionary access control list (DACL) in the object's security descriptor. |
| 0x80000 | File System Objects Access Rights | WRITE_OWNER | The right to change the owner in the object's security descriptor |
| 0x100000 | File System Objects Access Rights | SYNCHRONIZE | The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right. |
| 0x1000000 | File System Objects Access Rights | ACCESS_SYS_SEC | The ACCESS_SYS_SEC access right controls the ability to get or set the SACL in an object's security descriptor. |