April 28th, 2015

Access to a file's attributes is controlled by two things

We saw some time ago that permission to delete a file is granted either

  • if you have DELETE access on the file, or
  • if you have FILE_DELETE_CHILD access on the containing directory.

File attributes behave in an analogous way. Permission to read a file’s attributes is granted either

  • if you have FILE_READ_ATTRIBUTES access on the file, or
  • if you have FILE_LIST_DIRECTORY access on the containing directory.

If you want the file’s attributes, you could always get it by reading the directory, because one of the pieces of information you get from Find­First­File is the file attributes. Therefore, having permission to read a directory implicitly gives you permission to read the attributes of any file in that directory.

(Note, of course, that write permission on attributes is another story.)

Author

Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information.

0 comments

Discussion are closed.