Dacl

DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
in Net Infra 70-291
Can anyone explain what a DACL is? I was just reading my 291 book and it used this term. I remember seeing it in the 290 book and after google and asking a teacher, I deemed that it wasn't essential to know. But now that it is popping up again, it would be nice to undersand.

How is it different than an ACL?

Thanks
Decide what to be and go be it.
· Share on FacebookShare on Twitter

Comments

  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    A discretionary access-control list allows the data owner to configure permissions on the file or directory.
    · Share on FacebookShare on Twitter
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    So are you saying that it is a normal ACL that has an ACE of owner/creator?
    Decide what to be and go be it.
    · Share on FacebookShare on Twitter
  • PsoasmanPsoasman Senior Member Member Posts: 2,687 ■■■■■■■■■□
    A DACL will have some ACEs that will allow or deny access to a user or a group. If you set it up the default way, generally only the owner and the system will have access to it.
    · Share on FacebookShare on Twitter
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    Compare ACLs on a firewall with ACLs for users' files and shared folders. Which one requires an administrator and which one can be configured at the discretion of the data owner?
    · Share on FacebookShare on Twitter
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    dynamik wrote: »
    Compare ACLs on a firewall with ACLs for users' files and shared folders. Which one requires an administrator and which one can be configured at the discretion of the data owner?

    So are you saying that nearly every ACL in windows is really a DACL?

    As far as looking at the difference between a firewall and a file, I'm not getting it. Isn't an ACL always at the discretion of the administrator?
    Decide what to be and go be it.
    · Share on FacebookShare on Twitter
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    Devilsbane wrote: »
    So are you saying that nearly every ACL in windows is really a DACL?

    If you're talking about an object that has an owner and that owner can configure the permissions as he or she sees fit.
    Devilsbane wrote: »
    As far as looking at the difference between a firewall and a file, I'm not getting it. Isn't an ACL always at the discretion of the administrator?

    First off, I would hope that any firewall ACL modification would go through an appropriate change-management process where others review and approve the it beforehand.

    In terms of discretion, users don't have any ownership and can't modify ACLs for items they own. The ACL has to be explicitly configured by an administrator. You don't need administrative privileges to configure DACLs for items that you own. Ownership is the core component of DACL.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.