It would be possible to construct a set of security attributes to pass to CreateFile that accurately represents the mode. In the worst case, this would involve looking up user and all group names, and creating an entry for each. Alternatively, we could call the _chmod (partial emulation) function after file creation, although this leaves us with an obvious race.
Practically speaking, however, these efforts would be largely meaningless on FAT, the most common file system, which only has a "readable" and "writable" flag, applying to all users.
On all Windows platforms, system paging file memory is freed on last close. For this reason, multiple processes sharing a database environment created using the DB_SYSTEM_MEM flag must arrange for at least one process to always have the environment open, or alternatively that any process joining the environment be prepared to re-create it. If a shared environment is closed by all processes, a subsequent open without specifying the DB_CREATE flag will return an error. Further, if a shared environment that supports transactions is closed by all processes, recovery must be run by the next process to open the environment or data corruption may occur.
When using the DB_SYSTEM_MEM flag, Berkeley DB shared regions are created without ACLs, which means that the regions are only accessible to a single user. If wider sharing is appropriate (for example, both user applications and Windows/NT service applications need to access the Berkeley DB regions), the Berkeley DB code will need to be modified to create the shared regions with the correct ACLs. Alternatively, by not specifying the DB_SYSTEM_MEM flag, filesystem-backed regions will be created instead, and the permissions on those files may be directly specified through the DB_ENV->open interface.
Copyright Sleepycat Software