Old versionsSee all
Access control lists (ACLs) are an alternate way to control file access. They come to OS X via the FreeBSD distribution where they very likely were inspired by Dave Cutler's security system for what became NT Server. ACLs provide more granularity for access control than the traditional Unix 'read/write/execute'. But they're not an entity unto themselves - 'computer within a computer' - but rather indicators to how the file system will deal with access requests. It's up to the file system to determine how they're to be observed. An access control list is a list of access control entries. The file system looks at these entries each time a user makes a request for access to a file. Access control entries are read in the order given and parsing terminates soon as an answer is provided - a 'yes' or 'no' to the type of access requested.