Rhomboid · March 2, 2016 08:53
diff --git a/process_access_rights.txt b/process_access_rights.txt
 https://msdn.microsoft.com/en-us/library/windows/desktop/aa446632.aspx              // Generic Access Rights
 https://msdn.microsoft.com/en-us/library/windows/desktop/aa379607.aspx              // Standard Access Rights
 https://msdn.microsoft.com/en-us/library/windows/desktop/aa374896.aspx              // Access Mask Format
 https://msdn.microsoft.com/en-us/library/windows/desktop/ms684880.aspx              // Process Security and Access Rights

 Mask Format:

    bits  0 - 15 [16 bits]:     object-specific rights
    bits 16 - 23 [ 8 bits]:     standard access rights
    bit 24:      [ 1 bit]:      right to access SACL (ACCESS_SYSTEM_SECURITY)
    bits 25 - 27 [ 3 bits]:     reserved
    bits 28 - 31 [ 4 bits]:     generic access rights
    
    Securable objects use an access mask format in which the four high-order bits specify generic access rights.
    Each type of securable object maps these bits to a set of its standard and object-specific access rights.
    For example, a Windows file object maps the GENERIC_READ bit to the READ_CONTROL and SYNCHRONIZE standard
    access rights and to the FILE_READ_DATA, FILE_READ_EA, and FILE_READ_ATTRIBUTES object-specific access rights.
    Other types of objects map the GENERIC_READ bit to whatever set of access rights is appropriate for that
    type of object.

    You can use generic access rights to specify the type of access you need when you are opening a handle to
    an object. This is typically simpler than specifying all the corresponding standard and specific rights.

 Generic access rights:

    GENERIC_READ                        0x80000000          10000000 00000000 00000000 00000000
    GENERIC_WRITE                       0x40000000          01000000 00000000 00000000 00000000
    GENERIC_EXECUTE                     0x20000000          00100000 00000000 00000000 00000000
    GENERIC_ALL                         0x10000000          00010000 00000000 00000000 00000000
                                                                                       
 SACL access right:                                                                     
                                                                                       
    ACCESS_SYSTEM_SECURITY              0x01000000          00000001 00000000 00000000 00000000
                                                                                       
 Standard access rights:                                                                
                                                                                       
    SYNCHRONIZE                         0x00100000          00000000 00010000 00000000 00000000
    WRITE_OWNER                         0x00080000          00000000 00001000 00000000 00000000
    WRITE_DAC                           0x00040000          00000000 00000100 00000000 00000000
    READ_CONTROL                        0x00020000          00000000 00000010 00000000 00000000
    DELETE                              0x00010000          00000000 00000001 00000000 00000000
                                                                                       
    STANDARD_RIGHTS_ALL                 0x001f0000          00000000 00011111 00000000 00000000        // DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER | SYNCHRONIZE
    STANDARD_RIGHTS_EXECUTE             0x00020000          00000000 00000010 00000000 00000000        // READ_CONTROL
    STANDARD_RIGHTS_READ                0x00020000          00000000 00000010 00000000 00000000        // READ_CONTROL
    STANDARD_RIGHTS_REQUIRED            0x000f0000          00000000 00001111 00000000 00000000        // DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER
    STANDARD_RIGHTS_WRITE               0x00020000          00000000 00000010 00000000 00000000        // READ_CONTROL
                                                                                       
 Process rights:                                                                        
                                                                                       
    PROCESS_QUERY_LIMITED_INFORMATION   0x00001000          00000000 00000000 00010000 00000000        // [>= Vista / 2k8]
    PROCESS_SUSPEND_RESUME              0x00000800          00000000 00000000 00001000 00000000
    PROCESS_QUERY_INFORMATION           0x00000400          00000000 00000000 00000100 00000000
    PROCESS_SET_INFORMATION             0x00000200          00000000 00000000 00000010 00000000
    PROCESS_SET_QUOTA                   0x00000100          00000000 00000000 00000001 00000000
    PROCESS_CREATE_PROCESS              0x00000080          00000000 00000000 00000000 10000000
    PROCESS_DUP_HANDLE                  0x00000040          00000000 00000000 00000000 01000000
    PROCESS_VM_WRITE                    0x00000020          00000000 00000000 00000000 00100000
    PROCESS_VM_READ                     0x00000010          00000000 00000000 00000000 00010000
    PROCESS_VM_OPERATION                0x00000008          00000000 00000000 00000000 00001000
    PROCESS_SET_SESSIONID               0x00000004          00000000 00000000 00000000 00000100        // undocumented
    PROCESS_CREATE_THREAD               0x00000002          00000000 00000000 00000000 00000010
    PROCESS_TERMINATE                   0x00000001          00000000 00000000 00000000 00000001
                                                                                       
    PROCESS_ALL_ACCESS [XP / 2k3]       0x001f0fff          00000000 00011111 00001111 11111111        // STANDARD_RIGHTS_ALL | 0x0fff
    PROCESS_ALL_ACCESS [>= Vista / 2k8] 0x001fffff          00000000 00011111 11111111 11111111        // STANDARD_RIGHTS_ALL | 0xffff
	https://msdn.microsoft.com/en-us/library/windows/desktop/aa446632.aspx // Generic Access Rights
	https://msdn.microsoft.com/en-us/library/windows/desktop/aa379607.aspx // Standard Access Rights
	https://msdn.microsoft.com/en-us/library/windows/desktop/aa374896.aspx // Access Mask Format
	https://msdn.microsoft.com/en-us/library/windows/desktop/ms684880.aspx // Process Security and Access Rights

	Mask Format:

	bits 0 - 15 [16 bits]: object-specific rights
	bits 16 - 23 [ 8 bits]: standard access rights
	bit 24: [ 1 bit]: right to access SACL (ACCESS_SYSTEM_SECURITY)
	bits 25 - 27 [ 3 bits]: reserved
	bits 28 - 31 [ 4 bits]: generic access rights

	Securable objects use an access mask format in which the four high-order bits specify generic access rights.
	Each type of securable object maps these bits to a set of its standard and object-specific access rights.
	For example, a Windows file object maps the GENERIC_READ bit to the READ_CONTROL and SYNCHRONIZE standard
	access rights and to the FILE_READ_DATA, FILE_READ_EA, and FILE_READ_ATTRIBUTES object-specific access rights.
	Other types of objects map the GENERIC_READ bit to whatever set of access rights is appropriate for that
	type of object.

	You can use generic access rights to specify the type of access you need when you are opening a handle to
	an object. This is typically simpler than specifying all the corresponding standard and specific rights.

	Generic access rights:

	GENERIC_READ 0x80000000 10000000 00000000 00000000 00000000
	GENERIC_WRITE 0x40000000 01000000 00000000 00000000 00000000
	GENERIC_EXECUTE 0x20000000 00100000 00000000 00000000 00000000
	GENERIC_ALL 0x10000000 00010000 00000000 00000000 00000000

	SACL access right:

	ACCESS_SYSTEM_SECURITY 0x01000000 00000001 00000000 00000000 00000000

	Standard access rights:

	SYNCHRONIZE 0x00100000 00000000 00010000 00000000 00000000
	WRITE_OWNER 0x00080000 00000000 00001000 00000000 00000000
	WRITE_DAC 0x00040000 00000000 00000100 00000000 00000000
	READ_CONTROL 0x00020000 00000000 00000010 00000000 00000000
	DELETE 0x00010000 00000000 00000001 00000000 00000000

	STANDARD_RIGHTS_ALL 0x001f0000 00000000 00011111 00000000 00000000 // DELETE \| READ_CONTROL \| WRITE_DAC \| WRITE_OWNER \| SYNCHRONIZE
	STANDARD_RIGHTS_EXECUTE 0x00020000 00000000 00000010 00000000 00000000 // READ_CONTROL
	STANDARD_RIGHTS_READ 0x00020000 00000000 00000010 00000000 00000000 // READ_CONTROL
	STANDARD_RIGHTS_REQUIRED 0x000f0000 00000000 00001111 00000000 00000000 // DELETE \| READ_CONTROL \| WRITE_DAC \| WRITE_OWNER
	STANDARD_RIGHTS_WRITE 0x00020000 00000000 00000010 00000000 00000000 // READ_CONTROL

	Process rights:

	PROCESS_QUERY_LIMITED_INFORMATION 0x00001000 00000000 00000000 00010000 00000000 // [>= Vista / 2k8]
	PROCESS_SUSPEND_RESUME 0x00000800 00000000 00000000 00001000 00000000
	PROCESS_QUERY_INFORMATION 0x00000400 00000000 00000000 00000100 00000000
	PROCESS_SET_INFORMATION 0x00000200 00000000 00000000 00000010 00000000
	PROCESS_SET_QUOTA 0x00000100 00000000 00000000 00000001 00000000
	PROCESS_CREATE_PROCESS 0x00000080 00000000 00000000 00000000 10000000
	PROCESS_DUP_HANDLE 0x00000040 00000000 00000000 00000000 01000000
	PROCESS_VM_WRITE 0x00000020 00000000 00000000 00000000 00100000
	PROCESS_VM_READ 0x00000010 00000000 00000000 00000000 00010000
	PROCESS_VM_OPERATION 0x00000008 00000000 00000000 00000000 00001000
	PROCESS_SET_SESSIONID 0x00000004 00000000 00000000 00000000 00000100 // undocumented
	PROCESS_CREATE_THREAD 0x00000002 00000000 00000000 00000000 00000010
	PROCESS_TERMINATE 0x00000001 00000000 00000000 00000000 00000001

	PROCESS_ALL_ACCESS [XP / 2k3] 0x001f0fff 00000000 00011111 00001111 11111111 // STANDARD_RIGHTS_ALL \| 0x0fff
	PROCESS_ALL_ACCESS [>= Vista / 2k8] 0x001fffff 00000000 00011111 11111111 11111111 // STANDARD_RIGHTS_ALL \| 0xffff