The UNIX approach to permissions considered so far is limited in its applicability. Imagine an application designed to support managers writing performance reviews of the employees under their charge. Each report is written by a manager who must also be able to read it and create new reports. An employee must be able to read and write to his or her own report, but not those of other employees. Staff in the human resources department must be able to read any of the reports, but not write to any of them; the head of the employee's department must have the same rights. No one may delete a report that has already been written. These permissions could not be expressed in the UNIX model, but represent the requirements of a real application.
HFS+ in Mac OS X has supported access control lists (ACLs) since version 10.4, based on the definition of ACLs in the POSIX standard. The HFS+ ACLs are also very similar to the access control capabilities of the Windows NTFS filesystem. An ACL is an ordered list of Access Control Elements (ACEs), each of which expresses a single rule about the permissions granted to the file or folder to which the ACL is attached. An ACL can contain an arbitrary number of ACEs.
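The performance-review requirements above, expressed as an ordered list of ACEs and evaluated in a small Python model. This is an added example, not code from the book and not the HFS+ implementation. The user and group names, the permission names, and the evaluation rule (rules are walked in order, the first rule that mentions a requested right decides it, and there is no fall-back to UNIX mode bits) are assumptions of the model; the manager's right to create new reports belongs to the containing folder and is not modelled.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ACE:
    principal: str        # user or group name the rule applies to
    allow: bool           # True = allow rule, False = deny rule
    perms: frozenset      # rights covered by this single rule

def ace(principal, kind, *perms):
    return ACE(principal, kind == "allow", frozenset(perms))

def check(acl, user, groups, requested):
    """Walk the ACEs in order; the first rule mentioning a right decides it."""
    remaining = set(requested)
    for entry in acl:
        if entry.principal != user and entry.principal not in groups:
            continue                  # rule is about someone else
        if not entry.allow and remaining & entry.perms:
            return False              # a deny reached first wins
        if entry.allow:
            remaining -= entry.perms  # these rights are now granted
        if not remaining:
            return True               # every requested right was granted
    return False                      # model assumption: ungranted means refused

# Constructed ACL for one report, written by manager "bob" about employee "alice".
REPORT_ACL = [
    ace("everyone", "deny", "delete"),       # no one may delete a report
    ace("bob", "allow", "read", "write"),    # the authoring manager
    ace("alice", "allow", "read", "write"),  # the employee under review
    ace("hr", "allow", "read"),              # human resources: read only
    ace("dept_head", "allow", "read"),       # department head: read only
]

# Constructed users and their group memberships.
GROUPS = {
    "bob": {"everyone"},
    "alice": {"everyone"},
    "dave": {"everyone"},                    # another employee
    "erin": {"everyone", "hr"},
    "frank": {"everyone", "dept_head"},
}

def can(user, *perms, acl=REPORT_ACL):
    return check(acl, user, GROUPS[user], perms)
```

Because the list is ordered, an `allow delete` entry appended after the `everyone deny delete` entry has no effect in this model, while the same entry placed before it would grant the right.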