Linux security begins with an idea that seems simple but carries deep implications for system design: every file’s owner decides who can access it and how. This approach, called **Discretionary Access Control (DAC)**, forms the foundation of Linux’s permission model. Although it dates back to early Unix, DAC remains central to modern systems because it balances simplicity, autonomy, and flexibility.
1. What DAC Means
DAC stands for Discretionary Access Control. It is called “discretionary” because the authority to grant or withhold access rests with the owner of the resource rather than with a central, system-wide policy. In other words, Linux assumes that if you own a file, you get to decide who can read, modify, or execute it. The kernel enforces those permissions for ordinary users, but they are not absolute: a process running as root (more precisely, one holding the CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH capabilities) bypasses the permission bits entirely.
2. The Basic Structure of DAC
Every file and directory on Linux is associated with three categories of users:
- Owner (User) – the creator or assigned owner of the file.
- Group – a set of users who share access privileges.
- Others – all other users on the system.
Each category can have three possible permissions: read (r), write (w), and execute (x). Together they form the nine permission characters of the mode string that ls -l prints, for example:
-rwxr-xr--
The first character indicates the type of file (- for a regular file, d for a directory, l for a symbolic link, and so on), and the next nine characters encode permissions in three groups of three: owner, group, and others. The same letters mean slightly different things on a directory: r lists its entries, w creates or deletes entries, and x allows the directory to be traversed (entered, or used as a component of a path).
3. The Numeric Representation
Permissions can also be expressed numerically using octal notation. Each permission corresponds to a bit:
| Permission | Symbol | Binary | Decimal |
|---|---|---|---|
| Read | r | 100 | 4 |
| Write | w | 010 | 2 |
| Execute | x | 001 | 1 |
Combining these bits yields values from 0 to 7:
| Value | Symbol | Meaning |
|---|---|---|
| 0 | --- | No permission |
| 1 | --x | Execute only |
| 2 | -w- | Write only |
| 3 | -wx | Write and execute |
| 4 | r-- | Read only |
| 5 | r-x | Read and execute |
| 6 | rw- | Read and write |
| 7 | rwx | Read, write, and execute |
When you run a command like chmod 755 script.sh, you are assigning the value 7 to the owner, 5 to the group, and 5 to others. The result is:
rwxr-xr-x
which means the owner can read, write, and execute, while the group and everyone else can only read and execute. An optional fourth, leading octal digit (as in chmod 4755) carries the setuid (4), setgid (2), and sticky (1) bits; chmod 755 is shorthand for chmod 0755.
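As an added example (it is not part of the original article), the following Python converts between the octal and symbolic forms in both directions. It goes one step beyond the tables above by also handling the three special bits (setuid 4000, setgid 2000, sticky 1000), which ls -l shows as s, S, t or T in the execute position of the affected triad.

```python
import stat

# Bit masks and the letter each prints, in ls -l order: owner, group, others.
_PERM_BITS = (
    (stat.S_IRUSR, "r"), (stat.S_IWUSR, "w"), (stat.S_IXUSR, "x"),
    (stat.S_IRGRP, "r"), (stat.S_IWGRP, "w"), (stat.S_IXGRP, "x"),
    (stat.S_IROTH, "r"), (stat.S_IWOTH, "w"), (stat.S_IXOTH, "x"),
)
# Special bit, the index of the execute position it overlays, and its letter.
_SPECIAL_BITS = (
    (stat.S_ISUID, 2, "s"),  # setuid: owner triad
    (stat.S_ISGID, 5, "s"),  # setgid: group triad
    (stat.S_ISVTX, 8, "t"),  # sticky: others triad
)


def mode_to_symbolic(mode: int) -> str:
    """Render the nine permission characters for an octal mode (file-type
    bits, if present, are ignored). A special bit appears in the execute
    slot of its triad: lowercase when x is also set, uppercase when not."""
    chars = [letter if mode & bit else "-" for bit, letter in _PERM_BITS]
    for bit, idx, letter in _SPECIAL_BITS:
        if mode & bit:
            chars[idx] = letter if chars[idx] == "x" else letter.upper()
    return "".join(chars)


def symbolic_to_mode(sym: str) -> int:
    """Parse nine permission characters (as printed by ls -l, without the
    leading file-type character) back into an octal mode."""
    if len(sym) != 9:
        raise ValueError("expected 9 permission characters, got %r" % sym)
    mode = 0
    for idx, ch in enumerate(sym):
        if ch == "-":
            continue
        bit = 0o400 >> idx          # 0o400, 0o200, 0o100, 0o040, ... 0o001
        if ch == "rwx"[idx % 3]:
            mode |= bit
            continue
        # Only the three execute slots may carry a special-bit letter.
        for sbit, sidx, letter in _SPECIAL_BITS:
            if idx == sidx and ch.lower() == letter:
                mode |= sbit
                if ch.islower():     # lowercase means x is set as well
                    mode |= bit
                break
        else:
            raise ValueError("unexpected %r at position %d" % (ch, idx))
    return mode


def octal_string(mode: int) -> str:
    """Four-digit octal form as chmod accepts it, e.g. 0o4755 -> '4755'."""
    return "%04o" % (mode & 0o7777)


if __name__ == "__main__":
    for m in (0o755, 0o644, 0o600, 0o4755, 0o2755, 0o1777, 0o4644):
        print(octal_string(m), mode_to_symbolic(m))
```

Note the uppercase forms: rwSr--r-- (setgid without group execute) is a common sign of a mistaken chmod 2644, since a setgid bit on a non-executable regular file does nothing useful on Linux.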
4. DAC in Everyday Linux Use
Consider the following example:
-rw-r--r-- 1 ubuntu ubuntu 2048 Nov 7 18:00 config.txt
Here:
- The file owner (ubuntu) can read and write.
- Members of the ubuntu group can only read.
- All other users can also only read.
The owner can change the permission bits with chmod and can move the file to another group with chgrp, but only to a group the owner belongs to. Transferring ownership to a different user is a root privilege (CAP_CHOWN): an unprivileged owner cannot "give away" a file, which prevents, among other things, evading disk quotas or planting files that appear to belong to someone else.

```bash
chmod 700 config.txt        # make private: rwx------
chmod 644 config.txt        # owner read/write, everyone else read-only
chgrp dev config.txt        # change group (the owner must be a member of dev)
sudo chown root config.txt  # changing the owning user requires root
```

Within those limits, these commands express the discretionary nature of DAC: the user controls access to their own files.
5. How DAC Compares to Other Access Control Models
Linux’s DAC model is one of several access control models. The others most often contrasted with it are Mandatory Access Control (MAC) and Role-Based Access Control (RBAC). The following table summarizes the key distinctions:
| Model | Full Name | Decision Maker | Typical Context |
|---|---|---|---|
| DAC | Discretionary Access Control | File owner | General-purpose operating systems |
| MAC | Mandatory Access Control | System policy | Military, security-critical systems |
| RBAC | Role-Based Access Control | Role definitions | Databases, enterprise systems |
DAC is flexible and user-centric but relies on individuals to maintain good security practices.
MAC enforces access based on a system-wide policy written by the administrator; uid 0 confers no exemption, so even a process running as root is limited to what the policy grants it (although distribution policies commonly leave interactive root sessions in an unconfined domain).
RBAC assigns permissions to roles, and users inherit the permissions associated with their roles.
6. The Strengths and Weaknesses of DAC
The greatest advantage of DAC is its simplicity. It is intuitive, easy to configure, and well-suited for personal or collaborative environments where users manage their own resources. However, this freedom comes with risks:
- Overly permissive settings – users may assign world-writable permissions (chmod 777), exposing files to modification by any local account or compromised service.
- Privilege misuse – malware running under a user account inherits everything that user can access; DAC decides based on which user is asking, never on which program is asking.
- No control over copies – a user who can read a file can copy it and grant anyone access to the copy, so DAC cannot constrain how information flows once it has been read.
To mitigate these risks, many modern Linux distributions implement MAC frameworks such as SELinux or AppArmor alongside DAC. These add a mandatory layer of enforcement that prevents processes from violating global security policies, even if DAC permissions allow it.
7. How DAC and MAC Interact
When a process requests access to a file, the kernel performs two checks in a fixed order:
- DAC check: selects one permission class (owner, group, or others) for the calling process and tests the requested bit; a process holding CAP_DAC_OVERRIDE passes this step regardless of the bits.
- MAC check: only if DAC has allowed the operation are the Linux Security Module hooks (SELinux, AppArmor, Smack, and so on) consulted, and they may deny it according to the loaded policy.
Access is granted only if both checks succeed. MAC can narrow what DAC allows but never widen it: a file with mode 000 stays inaccessible to ordinary users no matter what the SELinux policy says.
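The following Python models that two-stage decision. It is an added example written for this article, not kernel code or an excerpt from any LSM; the owner/group/others selection and the capability exceptions follow the kernel's generic permission logic, while the MAC stage is a stand-in callable (real LSMs decide on security labels, not on uids). The point it makes that the text alone does not: exactly one class applies, so an owner with mode 077 is denied while everyone else is allowed.

```python
import stat

# A normal root shell holds these; a service that dropped capabilities may not.
ROOT_CAPS = frozenset({"CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH"})


def dac_permits(mode, owner_uid, owner_gid, uid, gids, want,
                is_dir=False, caps=frozenset()):
    """DAC decision for one request.

    mode      -- st_mode or plain permission bits (type bits are masked off)
    want      -- "r", "w" or "x" (for a directory, "x" means search/traverse)
    gids      -- the process's primary and supplementary group ids
    caps      -- capability names the process holds (strings, for readability)
    """
    if want not in ("r", "w", "x"):
        raise ValueError("want must be r, w or x, got %r" % want)
    any_x = bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))

    # CAP_DAC_OVERRIDE ignores the bits, with one exception: a regular file
    # with no x bit anywhere cannot be executed even by root.
    if "CAP_DAC_OVERRIDE" in caps:
        return is_dir or want != "x" or any_x
    # CAP_DAC_READ_SEARCH: read anything, search any directory, nothing more.
    if "CAP_DAC_READ_SEARCH" in caps and (want == "r" or (want == "x" and is_dir)):
        return True

    # Exactly one class is consulted; there is no fall-through to a wider one.
    if uid == owner_uid:
        triad = (mode >> 6) & 0o7
    elif owner_gid in gids:
        triad = (mode >> 3) & 0o7
    else:
        triad = mode & 0o7
    return bool(triad & {"r": 4, "w": 2, "x": 1}[want])


def access_allowed(mode, owner_uid, owner_gid, uid, gids, want,
                   is_dir=False, caps=frozenset(), mac_hook=None):
    """DAC first; the MAC hook is consulted only when DAC already said yes,
    and it can only deny. mac_hook(uid, want) -> bool is a toy stand-in for
    an LSM policy check (hypothetical interface, assumed for this example)."""
    if not dac_permits(mode, owner_uid, owner_gid, uid, gids, want, is_dir, caps):
        return False
    if mac_hook is not None and not mac_hook(uid, want):
        return False
    return True


if __name__ == "__main__":
    # Constructed scenario: file owned by uid 1000 / gid 1000 with mode 077.
    for uid in (1000, 1001, 0):
        caps = ROOT_CAPS if uid == 0 else frozenset()
        print(uid, dac_permits(0o077, 1000, 1000, uid, {uid}, "r", caps=caps))
```

The 077 case is not academic: an owner who locks themself out this way still sees the file in ls, which is why confused users sometimes "fix" it with chmod 777.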
8. Common Permission Configurations
| Command | Permission | Description |
|---|---|---|
| chmod 600 file | rw------- | Private files, such as SSH private keys (ssh refuses keys readable by others) |
| chmod 644 file | rw-r--r-- | Publicly readable documents |
| chmod 700 dir | rwx------ | Private directories, such as ~/.ssh |
| chmod 755 script.sh | rwxr-xr-x | Executable scripts |
| chmod 1777 shared | rwxrwxrwt | Shared scratch directory with the sticky bit (what /tmp uses): anyone can create files, but only a file's owner can delete or rename it |
| chmod 777 dir | rwxrwxrwx | Fully open directory; avoid it, since any user can delete or replace anyone else's files |
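To turn the risks listed in section 6 and the baseline settings above into something checkable, here is an added Python audit (written for this article, not a tool from any distribution). It walks a directory tree with lstat, so symlinks are never followed, and reports world-writable files, world-writable directories missing the sticky bit, setuid/setgid regular files, and private SSH keys readable by anyone but the owner. The key heuristic (a file named id_* without a .pub suffix inside a .ssh directory) is an assumption made for the example; build_fixture creates a constructed tree with known modes so the audit can be run offline.

```python
import os
import stat
import tempfile


def audit_tree(root: str) -> list:
    """Return sorted (relative_path, finding) tuples for DAC settings a
    reviewer would flag under `root`. Uses lstat so symlinks are skipped:
    their own mode bits carry no meaning on Linux."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue
            rel = os.path.relpath(path, root)
            if stat.S_ISDIR(mode):
                # Shared directories need the sticky bit so users can only
                # delete or rename their own entries (the /tmp convention).
                if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
                    findings.append((rel, "world-writable directory without sticky bit"))
            elif stat.S_ISREG(mode):
                if mode & stat.S_IWOTH:
                    findings.append((rel, "world-writable file"))
                if mode & (stat.S_ISUID | stat.S_ISGID):
                    findings.append((rel, "setuid/setgid executable"))
                # Heuristic for OpenSSH private keys (assumed naming pattern).
                in_ssh_dir = os.path.basename(dirpath) == ".ssh"
                looks_private = name.startswith("id_") and not name.endswith(".pub")
                if in_ssh_dir and looks_private and mode & (stat.S_IRWXG | stat.S_IRWXO):
                    findings.append((rel, "private key readable by group or others"))
    return sorted(findings)


def build_fixture() -> str:
    """Create a constructed directory tree with deliberately chosen modes.
    Returns its path. Everything here is sample data, not real keys."""
    root = tempfile.mkdtemp(prefix="dac-audit-")

    def make_dir(rel, mode):
        path = os.path.join(root, rel)
        os.mkdir(path)
        os.chmod(path, mode)  # explicit chmod, so umask does not interfere

    def make_file(rel, mode, data=b"sample\n"):
        path = os.path.join(root, rel)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)  # chmod after the write: writes may clear setuid

    make_dir("drop", 0o777)        # flagged: no sticky bit
    make_dir("shared", 0o1777)     # fine: sticky bit set, like /tmp
    make_dir(".ssh", 0o700)
    make_file("config.txt", 0o644)  # fine
    make_file("notes.txt", 0o666)   # flagged: world-writable
    make_file("helper", 0o4755)     # flagged: setuid
    make_file(os.path.join(".ssh", "id_ed25519"), 0o644,
              b"constructed placeholder, not a real key\n")  # flagged
    make_file(os.path.join(".ssh", "id_ed25519.pub"), 0o644)  # fine
    return root


if __name__ == "__main__":
    for rel, finding in audit_tree(build_fixture()):
        print("%-40s %s" % (rel, finding))
```

The same walk is a reasonable first pass over a home directory or a deployed application tree; extend the per-file checks rather than the walker, and keep lstat so an attacker-controlled symlink cannot redirect the audit into /etc or /proc.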
9. Conclusion
Linux’s Discretionary Access Control system embodies a philosophy of individual responsibility. It gives users the autonomy to manage their own resources, consistent with the Unix principle of simplicity and transparency. However, autonomy implies risk, and the flexibility of DAC can be dangerous in environments that demand strict confidentiality or isolation. This is why modern systems integrate DAC with MAC and RBAC, combining user discretion with mandatory safeguards and role-based efficiency.
Discretionary Access Control remains a cornerstone of Linux security—not because it is flawless, but because it reflects the trust placed in users to control their own systems.