The sources of a new file's protection code and ACL are similar
    to those of ownership and are considered in the same order. The
    system assigns a file's protection code and ACL from one of the
    following sources:

    1. The explicit assignment of elements at creation

    2. The profile of the previous version of the file, if one exists

    3. A Default Protection ACE and Default ACL on the parent
       directory

    4. The UIC and protection defaults of the process issuing the
       command

    5. One of the above with provision for the user creating the file

    See the OpenVMS Guide to System Security for further information.