I don’t know how many of you have heard about Rich ACL or Rich Access Control Lists. Most of you might have heard about NFS protocol i.e, the Network File System protocol. This particular protocol, with its v4.0 and above defines a particular set of ACLS known as NFSv4 ACLs. Rich ACL is a modified or an extended form of NFSv4 ACLs. Let me explain in brief on what do we mean by ACLs.
ACL or Access Control List ?
This is a list of permissions attached to an object. The object can be file, directories and so on. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.
ACLs and Linux
Linux follows the POSIX 1003.1e draft 17 standard for defining and storing ACLs. Even then in linux, getfacl and setfacl command line utilities do not strictly follow POSIX 1003.2c draft 17, which shows mostly in the way they handle default ACLs. For detailed explanation on how ACLs are defined and how they work in linux, please see http://users.suse.com/~agruen/acl/linux-acls/online/ .
Variations in ACL implementations
The ACL model implemented by the various versions of Windows is more powerful and complex than POSIX ACLs, and differs in several aspects. These differences create interoperability problems on both sides which is a disadvantage for UNIX-like systems. To address this issue, several UNIX-like systems started to support additional ACL models based on version 4 of the the Network File System (NFSv4) protocol specification. Linux is lacking this support so far. Following are some of the differences between various ACLs
Openforums 