Although the current vnode interface shown in Appendix section sec-appendix-vnode-vnodeops includes operations on ACLs, these are very rarely used (I know of none). Aclfs is a file system with a simpler form of Access Control Lists. The ACLs will be stored using Statefs. ACLs could for example include information such as sets of Unix groups that are allowed to access certain files, sets of users all of which will be treated as owners of the files, and even negation ACLs -- users whose membership in certain groups denies them access. It is generally believed that Unix owner and group access permissions are too limiting for multi-user environments, especially software development environments.