ACLs, pronounced “ackkls,” can provide greater control over file permissions. You add ACLs when traditional UNIX file protections are not sufficient. Traditional UNIX file protections provide read, write, and execute permissions for the three user classes: owner, group, and other. An ACL provides finer-grained file security.
ACLs enable you to define fine-grained file permissions, including the following:
Owner file permissions
File permissions for the owner's group
File permissions for other users who are outside the owner's group
File permissions for specific users
File permissions for specific groups
Default permissions for each of the previous categories
To protect ZFS files with access control lists (ACLs), see Chapter 7, Using ACLs and Attributes to Protect Oracle Solaris ZFS Files, in Managing ZFS File Systems in Oracle Solaris 11.2 . For information about using ACLs on legacy file systems, see Using Access Control Lists to Protect UFS Files in Securing Files and Verifying File Integrity in Oracle Solaris 11.2 .