Using Access Control Lists
ACLs, pronounced "ackkls", can provide greater control over file permissions. You add ACLs when traditional UNIX file protections are not sufficient. Traditional UNIX file protections provide read, write, and execute permissions for the three user classes: owner, group, and other. An ACL provides finer-grained file security.
ACLs enable you to define fine-grained file permissions, including the following:
-
Owner file permissions
-
File permissions for the owner's group
-
File permissions for other users who are outside the owner's group
-
File permissions for specific users
-
File permissions for specific groups
-
Default permissions for each of the previous categories
To protect ZFS files with access control lists (ACLs), see Setting ACLs on ZFS Files in Securing Files and Verifying File Integrity in Oracle Solaris 11.4. For information about using ACLs on legacy file systems, see Using Access Control Lists to Protect UFS Files in Securing Files and Verifying File Integrity in Oracle Solaris 11.4.