Discretionary Access Control (DAC) is a security model that allows the owner of a resource, like a file or folder, to decide who can access it. In this system, the owner can grant or restrict permissions to other users, giving them the flexibility to control their own data. For example, if Alice creates a document, she can choose to share it with Bob while keeping it private from Charlie. This approach is user-friendly but can lead to security risks if not managed properly. If Alice accidentally shares her document with too many people, sensitive information could be exposed. Therefore, while DAC offers freedom, it also requires careful oversight to protect valuable data.