ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed to be performed on given objects. In the case of Joomla there are two separate aspects to its Access Control List which site administrators can control: One system controls what things on the site users can view. The other controls what things users can do (what actions a user can take).



Access Control List or ACL is according to the Wikipedia definition, “...ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed to be performed on given objects.” In the case of Joomla there are two separate aspects to its Access Control List which site administrators can control:

Which users can gain access to what parts of the website? For example, will a given menu choice be visible for a given user? A registered user can view, but the public at large cannot. Perhaps the menu choice is hidden from all except an Editor user and higher.
What operations (or actions) can a user perform on any given object? For example, can a user listed as an "Editor" submit an article or only edit an existing article. The ACL settings could allow submitting and editing, or allow a change an article's category, add tags or any combination.

The implementation of ACL in Joomla was substantially changed in the Joomla! 2.5 series which allowed for more flexibility in groups and permissions.

Additional information can be found at docs.joomla.org.