Access-control list

In computer security, an access-control list (ACL) is a list of permissions[a] associated with a system resource (object or facility). An ACL specifies which users or system processes are granted access to resources, as well as what operations are allowed on given resources.[1] Each entry in a typical ACL specifies a subject and an operation. For instance,

  • If a file object has an ACL that contains (Alice: read,write; Bob: read), this would give Alice permission to read and write the file and give Bob permission only to read it.
  • If the RACF profile CONSOLE CLASS(TSOAUTH) has an ACL that contains (ALICE:READ), this would give ALICE permission to use the TSO CONSOLE command.


Cite error: There are <ref group=lower-alpha> tags or {{efn}} templates on this page, but the references will not show without a {{reflist|group=lower-alpha}} template or {{notelist}} template (see the help page).

  1. ^ R. Shirey (August 2007). Internet Security Glossary, Version 2. doi:10.17487/RFC4949. RFC 4949. Retrieved May 19, 2023.