|
Posted by Roger Abell [MVP] on June 13, 2006, 5:24 am
Please log in for more thread options
The accesses requested are what is shown, and a failure event means
that one or more of those was not granted. A plain grant of Read,
which does not include Write Attributes, is sufficient for the filesystem
to allow the file content to be accessed (and have the last accessed
timestamp updated, which is done by the system).
Whatever is attempting the file opens is specifically requesting a
grant that is not allowed by NTFS, probably the Write Attribute.
Roger
>I turned on failure auditing for everyone on my system drive, and I noticed
>there are a number of failed accesses with the flags:
>
> READ_CONTROL
> SYNCHRONIZE
> ReadData (or ListDirectory)
> ReadEA
> ReadAttributes
> WriteAttributes
>
> Am I correct in interpreting this as failing because the program is
> attempting to update the last access time attribute?
>
| 
XML Sitemap