Discretionary Access Control (DAC)
(DAC) is not forced from the administrator or operating system. Instead, access is controlled by an objects owner. For example, if a secretary creates a folder, he decides who will have access to that folder. This access is configured using permissions and an access control list. DAC uses an access control list (ACL) to determine access. The ACL is a table that informs the operating system of the rights each user has to a particular system object, such as a file, directory, or printer. Each object has a security attribute that identifies its ACL. The list has an entry for each system user with access privileges. The most common privileges include the ability to read a file (or all the files in a directory), to write to the file or files, and to execute the file (if it is an executable file or program). Microsoft Windows ervers/7/Vista/XP, Linux, UNIX, and Mac OS X are among the operating systems that use ACLs. The list is implemented differently by each operating system.