Applying Advanced Resource Control Using ACLs
New with Tiger, Apple has added Access Control Lists (ACLs) to the choices a user or administrator has in defining who can do what with a file. ACLs provide significantly more power than traditional Unix permissions. Where a traditional permission set can only detail what's allowable for the owner, the group, or “everyone else” for a particular file, an ACL can be so detailed as to individually define the permissions that are available for each user on the system. The types of permissions that are available are likewise considerably more fine-grained than the read/write/execute permissions controlled by the traditional Unix permissions system.
Despite the considerable additional ...