Rights are associated with handles and convey privileges to perform actions on either the associated handle or the object associated with the handle.
The <zircon/rights.h>
header defines
default rights for each object type, which can be reduced via
zx_handle_replace()
or zx_handle_duplicate()
.
Right | Conferred Privileges |
---|---|
ZX_RIGHT_DUPLICATE | Allows handle duplication via zx_handle_duplicate |
ZX_RIGHT_TRANSFER | Allows handle transfer via zx_channel_write |
ZX_RIGHT_READ | TO BE REMOVED Allows inspection of object state |
Allows reading of data from containers (channels, sockets, VM objects, etc) | |
Allows mapping as readable if ZX_RIGHT_MAP is also present | |
ZX_RIGHT_WRITE | TO BE REMOVED Allows modification of object state |
Allows writing of data to containers (channels, sockets, VM objects, etc) | |
Allows mapping as writeable if ZX_RIGHT_MAP is also present | |
ZX_RIGHT_EXECUTE | Allows mapping as executable if ZX_RIGHT_MAP is also present |
ZX_RIGHT_MAP | Allows mapping of a VM object into an address space. |
ZX_RIGHT_GET_PROPERTY | Allows property inspection via zx_object_get_property |
ZX_RIGHT_SET_PROPERTY | Allows property modification via zx_object_set_property |
ZX_RIGHT_ENUMERATE | Allows enumerating child objects via zx_object_get_info and zx_object_get_child |
ZX_RIGHT_DESTROY | Allows termination of task objects via zx_task_kill |
ZX_RIGHT_SET_POLICY | Allows policy modification via zx_job_set_policy |
ZX_RIGHT_GET_POLICY | Allows policy inspection via zx_job_get_policy |
ZX_RIGHT_SIGNAL | Allows use of zx_object_signal |
ZX_RIGHT_SIGNAL_PEER | Allows use of zx_object_signal_peer |
ZX_RIGHT_WAIT | Allows use of zx_object_wait_one, zx_object_wait_many, and other waiting primitives |
ZX_RIGHT_INSPECT | NOT YET IMPLEMENTED Allows inspection via zx_object_get_info |
ZX_RIGHT_MANAGE_JOB | NOT YET IMPLEMENTED Allows creation of processes, subjobs, etc. |
ZX_RIGHT_MANAGE_PROCESS | NOT YET IMPLEMENTED Allows creation of threads, etc |
ZX_RIGHT_MANAGE_THREAD | NOT YET IMPLEMENTED Allows suspending/resuming threads, etc |