The virtual directory in Penrose can be configured to grant/deny certain access rights to certain users using ACL. The ACL specifies the target (entire object or certain attributes only), the scope (base, one level, subtree), the action (grant or deny), and the type of operations (e.g. search, modify). ACL defined in one entry is inherited by the children. See [PENROSE20:ACL].