Code Field Name Description
0x1 File System Objects Access Rights ReadData (or ListDirectory) ReadData: For a file object, the right to read the corresponding file data. For a directory object, the right to read the corresponding directory data. ListDirectory: For a directory, the right to list the contents of the directory.
0x2 File System Objects Access Rights WriteData (or AddFile) WriteData: For a file object, the right to write data to the file. For a directory object, the right to create a file in the directory (FILE_ADD_FILE). AddFile: For a directory, the right to create a file in the directory.
0x4 File System Objects Access Rights AppendData (or AddSubdirectory or CreatePipeInstance) AppendData: For a file object, the right to append data to the file. (For local files, write operations will not overwrite existing data if this flag is specified without FILE_WRITE_DATA.) For a directory object, the right to create a subdirectory (FILE_ADD_SUBDIRECTORY). AddSubdirectory: For a directory, the right to create a subdirectory. CreatePipeInstance: For a named pipe, the right to create a pipe.
0x8 File System Objects Access Rights ReadEA The right to read extended file attributes.
0x20 File System Objects Access Rights Execute (or Traverse) Execute: For a native code file, the right to execute the file. This access right given to scripts may cause the script to be executable, depending on the script interpreter. Traverse: For a directory, the right to traverse the directory. By default, users are assigned the BYPASS_TRAVERSE_CHECKING privilege, which ignores the FILE_TRAVERSE access right. See the remarks in File Security and Access Rights for more information.
0x40 File System Objects Access Rights DeleteChild For a directory, the right to delete a directory and all the files it contains, including read-only files.
0x80 File System Objects Access Rights ReadAttributes The right to read file attributes.
0x100 File System Objects Access Rights WriteAttributes The right to write file attributes.
0x10000 File System Objects Access Rights DELETE The right to delete the object.
0x20000 File System Objects Access Rights READ_CONTROL The right to read the information in the object's security descriptor, not including the information in the system access control list (SACL).
0x40000 File System Objects Access Rights WRITE_DAC The right to modify the discretionary access control list (DACL) in the object's security descriptor.
0x80000 File System Objects Access Rights WRITE_OWNER The right to change the owner in the object's security descriptor
0x100000 File System Objects Access Rights SYNCHRONIZE The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right.
0x1000000 File System Objects Access Rights ACCESS_SYS_SEC The ACCESS_SYS_SEC access right controls the ability to get or set the SACL in an object's security descriptor.