The handles window in process Explorer has a column Access which supposedly determines the access rights of that particular handle. I am not able to get any documentation on how to read the flags and what each bit means. Any resource to point me in the direction would be very helpful.
Asked
Active
Viewed 223 times
2
-
Window Handle can be accessed by anything which has access to Process Handle. About the flags I never investigated it. – Andrew Smith Jul 19 '12 at 18:13
1 Answers
1
I believe you can find those defined in winnt.h. (A sample winnt.h which seems to match correctly can be found included in the Wine project.) The lower 16 bits are context-dependent (eg. they are interpreted differently depending on whether the handle is for a file, a threat, a process, etc.)
The bit patterns can be further described in MSDN.
logicalscope
- 6,374
- 3
- 27
- 39