Mandatory access control

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In computer security, a mandatory access control (MAC) means a type of access control by which the operating system changes the way a subject (e.g. a user or a program) can access or do some sort of action on an object (e.g. a file or folder). Subjects and objects each have a set of security rules. Whenever a subject tries to use an object, the operating system kernel looks at these security rules and decides whether the subject can use the object.