Valid access values depend on the class the resource belongs to. The following table lists valid access values by class in the Windows (nt) environment.
|
Class |
Valid Access Values |
Let Accessors... |
|---|---|---|
|
All classes |
all |
Perform all valid operations for the class. |
|
|
none |
Perform no valid operations for the class. |
|
COM, DISK |
change |
Perform the combined operations of delete, read, and write. |
|
|
changepermissions |
Modify the ACL of the resource. |
|
|
delete |
Delete the resource. |
|
|
read |
Access data on the resource without changing it. |
|
|
takeownership, chown, owner |
Change the owner of the specified resource. |
|
|
write |
Write data to the specified resource. |
|
FILE |
|
Note: It is only possible to define access authorities for NTFS files; FAT files cannot have access authorities. |
|
|
change |
Perform the combined operations of delete, read, and write. |
|
|
changepermissions, sec |
Modify the ACL of the resource. |
|
|
chmod |
Perform all operations except delete. |
|
|
chown |
Change the owner of the specified resource. |
|
|
delete |
Delete the resource. |
|
|
execute |
Execute programs. Note: To use this access, the accessor must also have read access. |
|
|
read |
Access a resource without changing it. |
|
|
rename |
Renames the resource. Note: To rename a file, you must have delete access to the source and rename access to the target. The audit log reflects this order of events. |
|
|
write |
Modify the resource. |
|
|
update |
Perform the combined operations of read, write, and execute. |
|
|
|
|
|
PRINTER |
manage |
Manage the printer. For example, set the data for a specified printer, pause printing, resume printing, clear all print jobs, update the ACL, or change printer properties. |
|
|
|
Print using the printer. |
|
REGKEY |
append, create, subkey |
Create or modify a subkey of the registry key |
|
|
takeownership, chown, owner |
Change the owner of the resource |
|
|
changepermissions, sec, dac, writedac |
Modify the ACL of the resource. |
|
|
delete |
Delete the resource. |
|
|
enum |
Enumerate subkeys. |
|
|
link |
Create a link to the registry key. |
|
|
notify |
Change notifications for a registry key or for subkeys of a registry key. |
|
|
query |
Query a value of the registry key |
|
|
read |
Access a resource without changing it. |
|
|
readcontrol, manage |
Read the information in the registry key's security descriptor, not including the information in the system (audit) ACL. |
|
|
set |
Create or set a value of the registry key. |
|
|
write |
Change the registry key and its subkeys. |
|
SHARE |
change |
Change properties of the resource or remove sharing from the resource. |
|
|
read |
Access a resource without changing it. |
Note: The values none and all are applicable to all classes. The value all represents the entire group of access values, other than none, for a particular class. For more information about access authority, see the Endpoint Administration Guide for Windows.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|