Privileges
A privilege is a right that is associated with a process, rather than an object. A typical example of a privilege is SeBackupPrivilege, which confers on a process the right to back up files on a disk.
A few routines check the privilege of the current process before completing an operation. If a driver routine is executed by the system process, then the operation always succeeds, but if the driver routine is executed by a user process that does not have the required privilege, then the operation can fail.
The following table lists some examples of privileges and routines that can require them to succeed.
Privilege | Routine that can require privilege |
---|---|
SeManageVolumePrivilege |
ZwSetInformationFile with FileInformationClass = FileValidDataLengthInformation |
SeTakeOwnershipPrivilege |
|
SeSecurityPrivilege |
Most system routines do not perform any privilege checks.