Platform SDK: Access Control |
A securable object is an object that can have a security descriptor. All named Win32 objects are securable. Some unnamed objects, such as process and thread objects, can have security descriptors too. For most securable objects, you can specify an object's security descriptor in the function call that creates the object. For example, you can specify a security descriptor in the CreateFile and CreateProcess functions.
In addition, the Win32 security functions enable you to get and set the security information for securable objects created on operating systems other than Windows NT/Windows 2000. The Win32 security functions also provide support for using security descriptors with private, application-defined objects. For more information about private securable objects, see Client-Server Access Control.
Each type of securable object defines its own set of specific access rights and its own mapping of generic access rights. For information about the specific and generic access rights for each type of securable object, see the overview for that type of object.
The following table shows the functions to use to manipulate the security information for each type of securable object.