In computer security, Discretionary Access Control (DAC) is a type of access control in which a user has complete control over all the programs it owns and executes, and also determines the permissions other users have those those files and programs. Because DAC requires permissions to be assigned to those who need access, DAC is commonly called described as a “need-to-know” access model.
Contrast with Mandatory Access Control (MAC) which is determined by the administrator.
