You clould think about giving these RPC calls an ACL (like a file system ACL). Code for checking if something may access something based on ACLs should be in the cache manager ;-) Harald.