| Platform SDK: DLLs, Processes, and Threads |
Windows NT/Windows 2000 security enables you to control access to event, mutex, semaphore, and waitable timer objects. Timer queues, interlocked variables, and critical section objects are not securable. For more information about security, see Access-Control Model.
You can specify a security descriptor for an interprocess synchronization object when you call the CreateEvent, CreateMutex, CreateSemaphore, or CreateWaitableTimer function. To get or set the security descriptor of an event, mutex, semaphore, or waitable timer object, call the GetNamedSecurityInfo, SetNamedSecurityInfo, GetSecurityInfo, or SetSecurityInfo functions.
The handles returned by CreateEvent, CreateMutex, CreateSemaphore, and CreateWaitableTimer have full access to the new object. When you call the OpenEvent, OpenMutex, OpenSemaphore, and OpenWaitableTimer functions, the system checks the requested access rights against the object's security descriptor.
The valid access rights for all interprocess synchronization objects include the DELETE, READ_CONTROL, SYNCHRONIZE, WRITE_DAC, and WRITE_OWNER standard access rights.
The following table lists the specific access rights for event objects.
| Value | Meaning |
|---|---|
| EVENT_ALL_ACCESS | Specifies all possible access rights for an event object. |
| EVENT_MODIFY_STATE | Specifies modify state access, which is required for the ResetEvent and PulseEvent functions. |
The following table lists the specific access rights for mutex objects.
| Value | Meaning |
|---|---|
| MUTEX_ALL_ACCESS | Specifies all possible access rights for a mutex object. |
| MUTEX_MODIFY_STATE | Specifies modify state access, which is required for the ReleaseMutex function. |
The following table lists the specific access rights for semaphore objects.
| Value | Meaning |
|---|---|
| SEMAPHORE_ALL_ ACCESS |
Specifies all possible access rights for a semaphore object. |
| SEMAPHORE_MODIFY_ STATE |
Specifies modify state access, which is required for the ReleaseSemaphore function. |
The following table lists the specific access rights for waitable timer objects.
| Value | Meaning |
|---|---|
| TIMER_ALL_ACCESS | Specifies all possible access rights for a waitable timer object. |
| TIMER_MODIFY_STATE | Specifies modify state access, which is required for the SetWaitableTimer and CancelWaitableTimer functions. |
| TIMER_QUERY_STATE | Reserved for future use. |
To read or write the SACL of an interprocess synchronization object, you must request the ACCESS_SYSTEM_SECURITY access right. For more information, see Access-Control Lists (ACLs) and SACL Access Right.