The ACL mechanism described in the ``Authorization ACLs'' section of the functional specifications will be implemented by the acl_check function.
enum access_t {
ACCESS_DENIED = 0,
ACCESS_OK = 1,
};
enum access_t acl_check(krb5_principal princ, char *priv);
The priv argument must be one of ``get'', ``add'', ``delete'', or ``modify''. acl_check returns 1 if the principal princ has the named privilege, 0 if it does not.