The ACL library provides simple and practical access to the DCE security model.
The library provides a routine that indicates in a single call whether or not a client has the appropriate permissions to perform a particular operation. A server can also easily retrieve the full set of permissions granted to a client by an object's ACL.
The library provides the complete rdacl_*( ) remote interface. Standard routines are provided to map either a UUID attached to a handle or a residual name specified as one of the parameters.
The combination of these capabilities means that most servers will not have any need to use DCE ACL data types directly.