DAC and ACLs

DAC is in the first place a security problem because it gives room for user errors. A high-level manager who accidentially mails confidential company information to somebody. (so called "write-down" - a write operation of classified content into an unclassified target.)

Or giving somebody accidentially the right to read classified information (e.g. by putting a new person in the wrong group - the so called read-up)

But DAC shows its true potential for security leaks when it is implemented on a system using access control lists which violate POLA. Here any program run by the user can - if buggy or taken over - do with all user-owned resources whatever it wants: the basis why viruses and trojans are such a danger on those systems.