filsystemACLs

A filesystem ACL (access control list) is a metadata mechanism attached to a file or directory that specifies which principals can access it and what operations they are allowed to perform. It complements the traditional owner, group, and other permission bits by enabling finer-grained control. In many POSIX-compliant systems, ACLs are optional extensions that work alongside the basic read, write, and execute permissions.

An ACL consists of multiple entries that define rights for users and groups, plus a mask and

Platform differences exist in how ACLs are implemented and used. Linux and other POSIX systems (such as

Management and best practices include using ACLs to grant the minimum necessary rights, documenting the rationale,