The valid access rights for files and directories include the DELETE, READ_CONTROL, WRITE_DAC, WRITE_OWNER, and SYNCHRONIZEstandard access rights. The following table lists the access rights that are specific to files and directories.
For a directory, the right to create a file in the directory.
For a directory, the right to create a subdirectory.
All possible access rights for a file.
For a file object, the right to append data to the file. (For local files, write operations will not overwrite existing data if this flag is specified without FILE_WRITE_DATA.) For a directory object, the right to create a subdirectory (FILE_ADD_SUBDIRECTORY).
For a named pipe, the right to create a pipe.
For a directory, the right to delete a directory and all the files it contains, including read-only files.
For a native code file, the right to execute the file. This access right given to scripts may cause the script to be executable, depending on the script interpreter.
For a directory, the right to list the contents of the directory.
The right to read file attributes.
For a file object, the right to read the corresponding file data. For a directory object, the right to read the corresponding directory data.
For a file object, the right to write data to the file. For a directory object, the right to create a file in the directory (FILE_ADD_FILE).
The right to write extended file attributes.
Includes READ_CONTROL, which is the right to read the information in the file or directory object's security descriptor. This does not include the information in the SACL.
Same as STANDARD_RIGHTS_READ.
Minimum supported client
Windows XP [desktop apps only]
Minimum supported server
Windows Server 2003 [desktop apps only]
WinNT.h (include Windows.h)
The feedback system for this content will be changing soon. Old comments will not be carried over. If content within a comment thread is important to you, please save a copy. For more information on the upcoming change, we invite you to read our blog post.