ALL privileges: Difference between revisions
Jump to navigation
Jump to search
Created page with "'''ALL''' is a group of privileges that enable their holders to control the system. It is comprised of the following privileges: {| class="wikitable" |- ! Privilege !! Descri..." |
No edit summary |
||
| Line 31: | Line 31: | ||
| [[UPGRADE]] || Write to a higher integrity object or raise an object's integrity level | | [[UPGRADE]] || Write to a higher integrity object or raise an object's integrity level | ||
|} | |} | ||
[[Category:Privileges]] | |||
Revision as of 18:06, 23 July 2019
ALL is a group of privileges that enable their holders to control the system. It is comprised of the following privileges:
| Privilege | Description |
|---|---|
| BYPASS | Disregard protection |
| CMEXEC | Change to executive mode |
| CMKRNL | Change to kernel mode |
| IMPERSONATE | Create detached processes of arbitrary UIC |
| DOWNGRADE | Write to a lower secrecy object or lower an object's classification |
| LOG_IO | Issue logical I/O requests |
| PFNMAP | Map to specific physical pages |
| PHY_IO | Issue physical I/O requests |
| SETPRV | Enable any privilege |
| SHARE | Access devices allocated to other users |
| SYSNAM | Insert system logical names in the name table |
| SYSPRV | Access objects through the system protection field |
| UPGRADE | Write to a higher integrity object or raise an object's integrity level |