The ACL mechanism described in the ``Authorization ACLs'' section of the functional specifications will be implemented by the acl_check function.
enum access_t { ACCESS_DENIED = 0, ACCESS_OK = 1, }; enum access_t acl_check(krb5_principal princ, char *priv);
The priv argument must be one of ``get'', ``add'', ``delete'', or ``modify''. acl_check returns 1 if the principal princ has the named privilege, 0 if it does not.