|
Discretionary Access Control (DAC) defines basic access control policies to objects in a filesystem.
Generally, these are done at the discretion of the object owner -- file/directory permissions and user/group ownership.
The Telecom Glossary (http://www.atis.org/tg2k/t1g2k.html) defines DAC as "A means of restricting access to objects based on the identity and need-to-know of users and/or groups to which the object belongs. Controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (directly or indirectly) to any other subject."
|
