Appendix A: The LionShare Security Model >> Technical Details: Policy Management
Files on a LionShare peer may be publicly available, or they may be shared only with certain other users. Every file on a LionShare peer has an associated metadata structure. As discussed above, this metadata often includes an access control list (ACL) that describes the attributes a requester must possess to obtain the file. The ACL is expressed in XACML[6] and contains both the required attributes and the permissible values for those attributes. The XACML policy itself must not be released to other peers on the network: its attribute values reveal exactly whom the owner has chosen to admit, which is sensitive information. To prevent this, a peer translates the XACML policy into a SAML attribute request. The SAML form lists only which attributes the peer requires, not the values it will accept, so a peer that sees it learns which attributes are being tested but not what they must equal. Ideally, a "server" peer includes the SAML "version" of the ACL in a QueryHit message so that a "client" peer can extract it from the QueryHit stream and forward it to its Attribute Authority. See the section on "LionShare Protocol Flow" below for more information.
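The translation described above, as an added illustration rather than LionShare's own code: a constructed XACML policy that admits requesters with particular eduPerson attribute values is reduced to a SAML AttributeQuery that names those attributes and nothing else, followed by the check a server peer should run before putting the request into a QueryHit. XACML 2.0 and SAML 2.0 namespaces, the eduPerson attribute identifiers, the issuer URL and the sample policy are all assumptions for this example.

```python
"""Strip attribute values from an XACML policy to form a SAML attribute request.

Illustrative example only, not LionShare's code.  Assumes XACML 2.0 and
SAML 2.0 namespaces; the policy, attribute names and issuer are constructed
for this demonstration.
"""
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

XACML_NS = "urn:oasis:names:tc:xacml:2.0:policy:schema:os"
SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
ET.register_namespace("samlp", SAMLP_NS)
ET.register_namespace("saml", SAML_NS)

# Constructed policy: the file is released only to a requester whose
# eduPersonAffiliation is "faculty" and whose eduPersonScopedAffiliation is
# "member@example.edu".  The two values are what must never leave this peer.
SAMPLE_POLICY = f"""<Policy xmlns="{XACML_NS}" PolicyId="file-42"
  RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
  <Target/>
  <Rule RuleId="share-to-faculty" Effect="Permit">
    <Target>
      <Subjects>
        <Subject>
          <SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">faculty</AttributeValue>
            <SubjectAttributeDesignator AttributeId="urn:mace:dir:attribute-def:eduPersonAffiliation"
              DataType="http://www.w3.org/2001/XMLSchema#string"/>
          </SubjectMatch>
          <SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">member@example.edu</AttributeValue>
            <SubjectAttributeDesignator AttributeId="urn:mace:dir:attribute-def:eduPersonScopedAffiliation"
              DataType="http://www.w3.org/2001/XMLSchema#string"/>
          </SubjectMatch>
        </Subject>
      </Subjects>
    </Target>
  </Rule>
</Policy>"""


def required_subject_attributes(policy_xml):
    """Return the subject AttributeIds the policy tests, in document order,
    de-duplicated, and without any of the values it compares them against.
    Only subject designators are collected: resource/action attributes are
    the sharing peer's own context and need not be requested from an AA."""
    root = ET.fromstring(policy_xml)
    ids = []
    for el in root.iter(f"{{{XACML_NS}}}SubjectAttributeDesignator"):
        attr_id = el.get("AttributeId")
        if attr_id and attr_id not in ids:
            ids.append(attr_id)
    return ids


def policy_values(policy_xml):
    """Every literal AttributeValue in the policy: the sensitive part."""
    root = ET.fromstring(policy_xml)
    return {el.text.strip() for el in root.iter(f"{{{XACML_NS}}}AttributeValue") if el.text}


def to_saml_attribute_query(policy_xml, issuer):
    """Build a SAML 2.0 AttributeQuery naming only the required attributes.
    The <saml:Subject> is deliberately absent: the client peer identifies its
    own user when it forwards the query to its Attribute Authority (assumed)."""
    query = ET.Element(f"{{{SAMLP_NS}}}AttributeQuery", {
        "ID": "_" + uuid.uuid4().hex,
        "Version": "2.0",
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
    })
    ET.SubElement(query, f"{{{SAML_NS}}}Issuer").text = issuer
    for attr_id in required_subject_attributes(policy_xml):
        ET.SubElement(query, f"{{{SAML_NS}}}Attribute", {
            "Name": attr_id,
            "NameFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
        })
    return ET.tostring(query, encoding="unicode")


def leaks_policy_values(policy_xml, request_xml):
    """Pre-release check for the server peer: True if any literal value from
    the XACML policy survives into the outgoing request."""
    return any(value in request_xml for value in policy_values(policy_xml))


if __name__ == "__main__":
    request = to_saml_attribute_query(SAMPLE_POLICY, "https://peer.example.edu/lionshare")
    print(request)
    print("leaks values:", leaks_policy_values(SAMPLE_POLICY, request))
```

The leak check is a simple substring test, so it catches a translator that copies AttributeValue elements through but not one that encodes them; its point is to make "never ship the XACML itself" an enforced invariant rather than a convention.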
Policies are not transferred with a file. When a user downloads a file from another LionShare peer, he receives only the file itself, not the XACML policy governing its sharing. This too prevents information leakage. Once a file is downloaded, a LionShare peer automatically reshares it if it was public; if it was protected, LionShare does not automatically reshare it, since the downloading peer has no policy under which to do so.