I wrote a service program running as a local service account.
This service used to use GetNamedSecurityInfo to obtain folder related access rights and it works fine. Recently, I upgraded to 20h2 version of win10 and found that there were some different return values in this interface.
I use the sample code https://docs.microsoft.com/en-us/windows/win32/api/aclapi/nf-aclapi-geteffectiverightsfromacla
to get folder C:\Users\Admin\Documents\NewFolder Local Service access permission.
NewFolder has no local service permission.
The previous version was win10 2004, I never get error from GetNamedSecurityInfo, and AuthzAccessCheck can get accessMask without error.
After win10 upgrade to 20H2, I get errorcode = 5 when call GetNamedSecurityInfo,
Any comments or something I don't know?