It’s a day for DACLS!
This gets a little complicated really fast.
q: (name of it, security descriptors of it) of folder "c:\temp"
A: Temp, O:S-1-5-21-1743679890-914043743-99403186-1000G:S-1-5-21-1743679890-914043743-99403186-513D:AI(A;OICI;0x1200a9;;;WD)(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU)
I: plural ( string, security descriptor )
These are the exact permissions of the folder in SDDL. If you don’t read SDDL, you may want to use our inspectors to dive in.
q: (name of it, (trustee of it) of entries of dacls of security descriptors of it) of folder "c:\temp"
A: Temp, Everyone
A: Temp, BUILTIN\Administrators
A: Temp, BUILTIN\Administrators
A: Temp, NT AUTHORITY\SYSTEM
A: Temp, NT AUTHORITY\SYSTEM
A: Temp, BUILTIN\Users
A: Temp, NT AUTHORITY\Authenticated Users
A: Temp, NT AUTHORITY\Authenticated Users
I: plural ( string, security identifier )
And adding a Whose clause to filter for only the Everyone Trustee
q: (name of it, (trustee of it) of entries whose (trustee of it as string = "Everyone") of dacls of security descriptors of it) of folder "c:\temp"
A: Temp, Everyone
And then diving into 3 of your listed permissions of interest
q: (name of it, (trustee of it, traverse permission of it, list permission of it, read attributes permission of it /*and so on...*/) of entries whose (trustee of it as string = "Everyone") of dacls of security descriptors of it) of folder "c:\temp"
A: Temp, ( Everyone, True, True, True )
I: plural ( string, ( security identifier, boolean, boolean, boolean ) )
More Access Control List properties here: https://developer.bigfix.com/relevance/reference/access-control-entry.html