By default, anyone who is authenticated (supplies a valid password for accessing the VisionFS server) is given full access to the files and directories in the shared folder, and all actions are performed with the UNIX username, taking into account any username mappings. Guests (who don't have a password) are denied access.
This means that when an authenticated user tries to manipulate files or directories in any way (for example, deleting a file), the result would be the same as if the user performed the action from the UNIX command prompt. If the UNIX server would deny permission, so will VisionFS.