Access control is a security solution for preventing unauthorized access to confidential data in any way. Access control systems consist a set of access policies (rules) plus mechanisms for implementing them. You may consider access control as a matrix of roles (users or user groups) and resources (files and directories). Policies (rules) are matrix elements. They strictly determine what actions (read/write/execute) every role (user or group of users) is allowed to perform on every file and directory.
DAC is not a powerful access control system and can easily be violated by owners, the super user and rootkits. In addition, since the owner can remove his own permissions, DAC may end up in a deadlock. And as the last flaw, the super user can do everything in a DAC system.