In computer security, an access-control list (ACL) is a list of permissions associated with a system resource (object).
An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation.
For instance, if a file object has an ACL that contains:
- Alice: read, write
- Bob: read
this would give Alice permission to read and write the file, and give Bob permission only to read it.
Reference: