For review: Make sure you take a look at the language around collaborating peers. Is that statement now sufficiently nuanced?
Original comment:
This may be overly strong right? It does not guard against malicious peers taking control of the ACL if they had write access to it in the first place. But a malicious peer without write access to the ACL should not be able to hijack it.
Changes thanks to comments from @hsanjuan.
For review: Make sure you take a look at the language around collaborating peers. Is that statement now sufficiently nuanced?
Original comment: