Penguin

Acronym for Access Control List.

Instead of having simple "User/Group/Other" permissions, the idea with ACL's is you have lists of users and groups that have permissions to some resource. For instance
user=PerryLorier,rwx user=MattBrown,rwx user=JohnMcPherson,rx group=WLUG,x other=none

would give PerryLorier,MattBrown read/write access to some executable, JohnMcPherson gets to read the executable, and everyone in the group WLUG would be able to execute it. Linux 2.6 supports ACLs on some filesystems (such as Ext2).

For example, Solaris allows you to do this. You can use the commands setfacl and getfacl to see file ACLs. The way this is implemented in Solaris, the presence of file ACLs is

specified by a + character next to the "normal" access indicators
$ ls -ld Projects drwxr-xr-x+ 3 user group 4096 2004-01-07 22:29 Projects

FreeBSDs ACLs work much in the same way as Solaris. FreeBSD 5 with UFS2 supports ACLs by default (they can be enabled by recompilation for UFS1 and FreeBSD 4), but you have to mount your filesystem with

mount -o acl

for the setfacl tool to work.

You can then use setfacl to give write access to multiple users and groups (for example), rather than having to create a new group and adding all the requisite users to that group.