Topics Map > University of Chicago > IT Services > Accounts, Identity, & Security > Security
ACL - Access Control List
An access-control list (ACL) is a list of security protections that applies to an object. (An object can be a file, process, event, or anything else having a security descriptor.) An entry in an ACL is an access-control entry (ACE). There are two types of access-control list, discretionary and system. The discretionary access-control list (DACL) is typically what is meant when the term ACL is used. The DACL is an access-control list that is controlled by the owner of an object and that specifies the access particular users or groups can have to the object. The system access-control list (SACL) controls the generation of audit messages for attempts to access a securable object. The ability to get or set an object's SACL is controlled by a privilege typically held only by system administrators.