Hi,
- I am logged as user FOO.
- There’s a file C:\File.dll.
- The user FOO is the owner of C:\File.dll.
- This file’s DACL has the ony entry, EVERYONE:FILE_EXECUTE,
When I call CreateFile(“C:\File.dll”, WRITE_DAC, …),
it fails with ERROR_ACCESS_DENIED. The reason behind it is
that CreateFileA or CreateFileW always adds FILE_READ_ATTRIBUTES
to the access mask. Ownership of the file grants READ_CONTROL
and WRITE_DAC, but not FILE_READ_ATTRIBUTES, so the call fails.
Not that I expect this to be changed (it’s hard-coded in CreateFile
anyway), but has anyone an idea why CreateFile behaves like that ?
L.