Abstract
Modern commercial of the shelf operating systems use Discretionary Access Control (DAC) to protect files and other operating system resources. According to the Trusted Computer System Evaluation Criteria (TCSEC) (often referred to as the Orange Book) [1], Discretionary Access Control is “a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control).”