ACL Technology Overview
The classes in the System.Security.AccessControl namespace allow you to programmatically create or modify discretionary access control lists (DACLs) and system access control lists (SACLs) for a number of protected resources such as files, folders, and so on. DACLs allow you to programmatically control access to protected resources, while SACLs allow you to programmatically control system auditing policies of protected resources. For example, you can use the DACL classes to make sure that only an administrator can read a file; you can use the SACL classes to make sure that all successful attempts to open the file are logged.
The topics in this section describe the concepts and techniques that allow you to build ACL functionality into your applications.