"Access Control List (access, ACL)"

Definition: Access Control List (access, ACL): Controlling access not only the system in general, but also resources within the system. For example, firewalls can be configured to allow access to different portions of the network for different users. Likewise, even after you log onto a file server, the server may still block access to certain files. Key point: An Access Control List (ACL) is used to list those accounts that have access to the resource that the list applies to. When talking about firewalls, the ACL implies the list of IP addresses that have access to which ports and systems through the firewall. When talking about WinNT, the ACL implies the list of users that can access a specific file or directory on NTFS. Contrast: Discretionary Access Control is the ability to have fine grained control over who has access to what resources. Misconception: Many people believe that firewall IP address rules or IEEE 802.11 MAC address rules form robust ACLs. However, since neither IP addresses or MAC addresses provide robust authentication, such ACLs provide only a weak form of security. When these so-called ACLs are relied upon for security, they frequently lead to compromises as people spoof their IP or forge their MAC address. From Hacking-Lexicon

* Linux/Unix/Computing Glossary