From 00c2c3a77755857cc376ca1f170df6d0d55900d0 Mon Sep 17 00:00:00 2001
From: Simon Brooke <simon-brooke@users.noreply.github.com>
Date: Mon, 2 Jan 2017 15:42:47 +0000
Subject: [PATCH] Created access control (markdown)

---
 access-control.md | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 access-control.md

diff --git a/access-control.md b/access-control.md
new file mode 100644
index 0000000..17677c4
--- /dev/null
+++ b/access-control.md
@@ -0,0 +1,10 @@
+Every [[cons space]] object has an access control list.
+
+The possible values of that list (and its interpretation) are
+
+* NIL : only system-privileged functions can access the object ('system private');
+* TRUE : every user can access the object;
+* A list : in which case it's equivalent to 
+    (member? current-user (flatten acl))
+
+The reason for using *(flatten acl)* is that groups of users may be added to access control lists as sublists, recursively. Note that if the sublist of the access control list which contains the current user is not readable by the current user, then the object will not be readable by the current user.
\ No newline at end of file