Which access control system is determined by file owners and is considered flexible?

Discretionary Access Control (DAC) is characterized by its flexibility and the authority it grants to file or resource owners. In a DAC system, the owner of a file has the discretion to control who can access that file and what level of access they have, which can include read, write, and execute permissions. This means that file owners can make decisions based on their preferences and the specific context, allowing a more tailored approach to access management.

This system's flexibility is a significant advantage, as it empowers individuals to manage their own resources without needing a centralized authority. Owners can grant or revoke access to others at their discretion, making it suitable for environments where user collaboration and resource sharing are important.

Mandatory Access Control (MAC), in contrast, is based on a set of rules enforced by a central authority, and users cannot modify these permissions. Role-Based Access Control (RBAC) assigns access based on pre-defined roles rather than individual discretion, limiting the flexibility that file owners have in sharing their resources. Therefore, DAC is the correct choice due to its emphasis on the owner's ability to control access as they see fit.