File System Access Control List (FACL)

Security+ 🏆 • Authentication & Authorization 🔐 • Security Operations 🛡️ Difficulty: premium

Definition

A File System Access Control List is a set of permission rules attached to a file or folder that specifies which users or groups are allowed or denied actions such as read, write, modify, or execute. It is a common way operating systems enforce access control for stored data.

Examples

  • A shared finance folder grants the Finance group read and write access, while all other users are denied access.
  • A Linux file uses an extended ACL so one specific contractor can read a file without being added to the main group.

Discover 🔎

When you store data on a computer or file server, the system needs rules for who can access it. File System Access Control Lists are those rules. They are the reason one user can open a file and another user gets an access denied message. ACLs are a foundational part of access control because they translate policy into enforceable, system-level permissions.

Remember: An ACL is the rule list. The operating system checks the ACL every time someone tries to access the file or folder.
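
The check described above, sketched for the Linux extended-ACL case as an added example that is not part of the original page: it parses a constructed `getfacl`-style listing and applies the POSIX ACL evaluation order (owner, named user, groups, other), which goes beyond what the page states. The file, user and group names (`report.txt`, `alice`, `contractor1`, `finance`) are made up for illustration.

```python
# Constructed getfacl-style listing for a hypothetical file (all names are made up).
SAMPLE_ACL = """\
# file: report.txt
# owner: alice
# group: finance
user::rw-
user:contractor1:r--
group::rw-
mask::rw-
other::---
"""

def parse_acl(text):
    """Parse getfacl-style text into owner, owning group and access entries."""
    acl = {"owner": None, "group": None, "entries": []}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# owner:"):
            acl["owner"] = line.split(":", 1)[1].strip()
        elif line.startswith("# group:"):
            acl["group"] = line.split(":", 1)[1].strip()
        elif line and not line.startswith(("#", "default:")):
            # Drop a trailing "#effective:..." comment, then split tag:name:perms.
            tag, name, perms = line.split("#", 1)[0].strip().split(":")
            acl["entries"].append((tag, name, set(perms.replace("-", ""))))
    return acl

def allowed(acl, user, groups, want):
    """POSIX ACL check order: owner, named user, groups, then other."""
    want = set(want)
    def find(tag, name=""):
        return next((p for t, n, p in acl["entries"] if (t, n) == (tag, name)), None)
    mask = find("mask")
    def masked(perms):  # the mask caps named-user and all group entries
        return perms if mask is None else perms & mask
    if user == acl["owner"]:
        return want <= find("user")  # the owner entry is never masked
    named = find("user", user)
    if named is not None:
        return want <= masked(named)
    matched = False
    for tag, name, perms in acl["entries"]:
        if tag == "group" and (name or acl["group"]) in groups:
            matched = True
            if want <= masked(perms):
                return True
    if matched:
        return False  # a matching group that lacks the right does not fall through to "other"
    return want <= (find("other") or set())
```

The contractor gets read access through the named-user entry alone, and tightening the `mask` entry removes that access without touching the owner's permissions.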