In computer security, discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria `as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permissi....