Currently, ACL's can be defined in Oneprovider using the GUI or the REST API, either using custom Access Control Lists or using simplified POSIX attributes (see details in the online documentation). When a user space is mounted in a VM using Oneclient, the ACLs are mapped to the regular POSIX permissions.

In the future we are planning to also support POSIX ACLs in Oneclient.