We present netra, a tool for systematically analyzing and detecting explicit information-flow vulnerabilities in access control configurations. Our tool takes a snapshot of the access-control metadata, and performs static analysis on this snapshot. We devise an augmented relational calculus that naturally models both access control mechanisms and information-flow policies uniformly. This calculus is interpreted as a logic program, with a fixpoint semantics similar to Datalog, and produces all access tuples in a given configuration that violate properties of interest. Our analysis framework is programmable both at the model level and at the property level, effectively separating mechanism from policy. We demonstrate the effectiveness of this modularity by analyzing two systems with very different mechanisms for access control—Windows XP and SELinux—with the same specification of information-flow vulnerabilities. netra finds vulnerabilities in default configurations of both systems.
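The separation of mechanism from policy described above can be sketched as a small bottom-up fixpoint evaluator. This is an added example, not netra's calculus, rule language or system models: the two mechanism layers are heavily simplified assumptions, and every principal, object, type and label in the sample snapshots is constructed.

```python
# Added illustration: not netra's rule language or models; all facts are constructed.
def fixpoint(facts, rules):
    """Naive bottom-up evaluation: apply every rule until nothing new is derived."""
    facts = set(facts)
    while True:
        new = {t for rule in rules for t in rule(facts)} - facts
        if not new:
            return facts
        facts |= new

def q(F, name):  # all tuples of relation `name`, without the relation tag
    return [t[1:] for t in F if t[0] == name]

def acl_model(F):   # mechanism A (hypothetical): nested groups plus allow ACEs
    m = q(F, "member")
    yield from (("member", a, c) for a, b in m for b2, c in m if b == b2)
    for sid, perm, obj in q(F, "ace"):
        yield ("access", sid, perm, obj)
        yield from (("access", a, perm, obj) for a, g in m if g == sid)

def te_model(F):    # mechanism B (hypothetical): domain/type allow rules
    for proc, dom in q(F, "domain"):
        for obj, typ in q(F, "type"):
            for d, t, perm in q(F, "allow"):
                if (d, t) == (dom, typ):
                    yield ("access", proc, perm, obj)

def flow_policy(F):  # policy, shared by both models: untrusted -> trusted flow
    acc, fl = q(F, "access"), q(F, "flow")
    yield from (("flow", a, b) for a, p, o in acc for b, p2, o2 in acc
                if (p, p2, o) == ("write", "read", o2) and a != b)
    yield from (("flow", a, c) for a, b in fl for b2, c in fl if b == b2 and a != c)
    low, high = {x for x, in q(F, "untrusted")}, {x for x, in q(F, "trusted")}
    yield from (("violation", a, b) for a, b in fl if a in low and b in high)

def violations(facts, model):
    return sorted(q(fixpoint(facts, [model, flow_policy]), "violation"))

WINDOWS = [("member", "guest", "Users"), ("member", "Users", "Everyone"),
           ("ace", "Everyone", "write", "C:/svc/config.ini"),
           ("ace", "svc_admin", "read", "C:/svc/config.ini"),
           ("untrusted", "guest"), ("trusted", "svc_admin")]
SELINUX = [("domain", "web", "web_t"), ("domain", "rotate", "rotate_t"),
           ("domain", "boot", "boot_t"),
           ("type", "/var/log/app.log", "log_t"), ("type", "/etc/app.conf", "conf_t"),
           ("allow", "web_t", "log_t", "write"), ("allow", "rotate_t", "log_t", "read"),
           ("allow", "rotate_t", "conf_t", "write"), ("allow", "boot_t", "conf_t", "read"),
           ("untrusted", "web"), ("trusted", "boot")]
if __name__ == "__main__":
    print(violations(WINDOWS, acl_model), violations(SELINUX, te_model))
```

The same `flow_policy` runs unchanged over both snapshots: the first violation depends on nested group membership, the second on a two-hop flow through an intermediate process, and neither is visible from any single access rule.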