With discretionary access control (DAC), the owner of an object has the authority to decide who can access it and what particular activities they are allowed to carry out.
Unauthorized users cannot access protected files, folders, or applications due to DAC rules. The owner or administrator sets guidelines for protected resources with this objective in mind. They then specify which individuals or groups are allowed or restricted from having access.
Owners and administrators can easily manage resource access according to their security needs with the use of DAC access control rules.
Ownership-based access is the primary objective of DAC. Permissions can be determined by resource owners. Owners control who can access their data. This feature gives users the ability to control their own resources. Access policies can be customized by data owners to meet their needs.
The resource owner determines which users or groups are permitted to carry out particular operations on the resource when access is configured under DAC like reading, editing, running, and deleting.
Usually in the form of an access control list (ACL), the operating system maintains a record of the permissions. Every time a user or process tries to access a resource, the system verifies the ACL and decides whether to grant or deny the request.
